Not sure if I understand this setup. Wouldn’t rule 1 (Accept all connections from any source and any destination) since these rules are read from top to bottom? What is the purpose of rule 1 here, since we are specifying only HTTP/DNS traffic?
This rule will allow all outgoing packets destined for the localhost interface to be accepted. This is generally required as many software applications expect to be able to communicate with the localhost adaptor.
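
The point of the reply above, as an added example that is not part of the original thread: a first-match evaluator over a constructed rule set, showing that an accept-all rule scoped to the loopback interface does not swallow the HTTP/DNS rules below it, while the same rule without the interface scope would. The interface names (`lo`, `eth0`), the default DROP policy, and the `Rule`, `verdict` and `shadowed` names are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

FIELDS = ("out_iface", "proto", "dport")

@dataclass(frozen=True)
class Rule:
    action: str
    out_iface: Optional[str] = None  # None = any interface
    proto: Optional[str] = None      # None = any protocol
    dport: Optional[int] = None      # None = any destination port

    def matches(self, pkt: dict) -> bool:
        # A field left as None is a wildcard; every set field must equal the packet's.
        return all(getattr(self, f) is None or pkt[f] == getattr(self, f)
                   for f in FIELDS)

# Constructed rule set (assumption): rule 1 accepts any source and destination,
# but only on the loopback interface; rules 2 and 3 allow HTTP and DNS.
RULES = [
    Rule("ACCEPT", out_iface="lo"),
    Rule("ACCEPT", proto="tcp", dport=80),
    Rule("ACCEPT", proto="udp", dport=53),
]
DEFAULT_POLICY = "DROP"  # assumption: anything unmatched is dropped

def verdict(pkt: dict, rules=RULES):
    """Top-to-bottom, first match wins. Returns (action, rule number or None)."""
    for number, rule in enumerate(rules, start=1):
        if rule.matches(pkt):
            return rule.action, number
    return DEFAULT_POLICY, None

def shadowed(rules):
    """Rule numbers that can never be reached because an earlier rule covers them."""
    unreachable = []
    for j, later in enumerate(rules):
        for earlier in rules[:j]:
            if all(getattr(earlier, f) in (None, getattr(later, f)) for f in FIELDS):
                unreachable.append(j + 1)
                break
    return unreachable

if __name__ == "__main__":
    for pkt in ({"out_iface": "lo", "proto": "tcp", "dport": 5432},
                {"out_iface": "eth0", "proto": "tcp", "dport": 80},
                {"out_iface": "eth0", "proto": "tcp", "dport": 22}):
        print(pkt, "->", verdict(pkt))
    print("shadowed with loopback scope:", shadowed(RULES))
    print("shadowed without it:", shadowed([Rule("ACCEPT")] + RULES[1:]))
```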