diff --git a/fickit-frontend.yml b/fickit-frontend.yml
index f20edb9e..809112bf 100644
--- a/fickit-frontend.yml
+++ b/fickit-frontend.yml
@@ -121,10 +121,11 @@ onboot:
 
   - name: firewall-frontal
     image: linuxkit/ip:v1.0.0
-    command: ["/bin/bash", "-c", "/sbin/iptables-restore < /etc/iptables/rules-frontal.v4; /sbin/ip6tables-restore < /etc/iptables/rules.v6; [ -f /run/config/remote_sync/destination ] && /sbin/iptables -I OUTPUT 7 -o bond-frontal -d $(cat /run/config/remote_sync/destination | tr -d '\n') -p tcp -m tcp --dport https -J ACCEPT;" ]
+    command: ["/bin/bash", "-c", "/sbin/iptables-restore < /etc/iptables/rules-frontal.v4; /sbin/ip6tables-restore < /etc/iptables/rules.v6; [ -f /run/config/remote_sync/destination ] && /sbin/iptables -I OUTPUT 7 -o bond-frontal -d $(cat /run/config/remote_sync/destination | tr -d '\n') -p tcp -m tcp --dport https -j ACCEPT;" ]
     binds:
       - /etc/iptables/rules-frontal.v4:/etc/iptables/rules-frontal.v4:ro
       - /etc/iptables/rules.v6:/etc/iptables/rules.v6:ro
+      - /etc/resolv.conf:/etc/resolv.conf:ro
       - /run/config/remote_sync/:/run/config/remote_sync/:ro
     net: /run/netns/nginx
   - name: firewall-sshd