To disable the default general allow all rule -
Navigate to the Firewall tab, Policy section of the web-administration.
Select the appropriate policy based on desired effect (LAN->WAN or DMZ->WAN).
Click Edit next to the default allow all rule.
Check the check box next to delete this rule.
Click Apply.
To allow DNS queries to pass through
Navigate to the Firewall tab, Policy section of the web-administration.
Select the appropriate policy based on desired effect (LAN->WAN or DMZ->WAN).
Click Add New at the bottom of the list.
Give the rule a friendly name, such as dns_out.
Position does not matter, leave blank or choose a position.
Choose Allow as the Action.
For service choose dns_all.
Select a schedule and enable IDS/IDP if desired.
Click Apply to save the changes, or click Cancel to disregard.