Bug #1552
closed
DNS Reject Rule Crashes Router
Description
UDP - LAN - net - * - !Router - 53(DNS) - WAN - none - DNS Reject
If this rule is set up on the LAN interface to reject DNS traffic NOT going to the router's DNS forwarder, and a request is sent through the router to another DNS server, this happens:
Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address = 0xc
fault code = supervisor read, page not present
instruction pointer = 0x20:0xc0970497
stack pointer = 0x28:0xe2ca2498
frame pointer = 0x28:0xe2ca24c4
code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 11 (irq10: vr0)
trap number = 12
panic: page fault
cpuid = 0
Uptime: 2h35m4s
Cannot dump. Device not defined or unavailable.
Automatic reboot in 15 seconds - press a key on the console to abort
Rebooting...
All that is needed to crash the router is running "nslookup google.com. 8.8.8.8" from Windows, and the box will reboot. The solution is to change the gateway for this rule back to default and the problem does not occur.
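An audit check for the rule combination this report describes (a reject rule that also names a gateway other than default), added here as an example and not part of the original ticket or the project's code. It assumes the firewall rules are available as an XML export with `<filter>/<rule>` elements carrying `<type>` and `<gateway>` children; that layout, the function name and the sample config are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample, not taken from the report. The element names are an
# assumed layout for an exported rule set: <filter>/<rule> with <type>,
# <interface>, <protocol>, <gateway> and <descr> children.
SAMPLE_CONFIG = """<config>
  <filter>
    <rule>
      <type>reject</type>
      <interface>lan</interface>
      <protocol>udp</protocol>
      <destination><port>53</port></destination>
      <gateway>WAN</gateway>
      <descr>DNS Reject</descr>
    </rule>
    <rule>
      <type>reject</type>
      <interface>lan</interface>
      <protocol>udp</protocol>
      <destination><port>53</port></destination>
      <descr>DNS Reject (default gateway)</descr>
    </rule>
    <rule>
      <type>pass</type>
      <interface>lan</interface>
      <gateway>WAN</gateway>
      <descr>Policy route out WAN</descr>
    </rule>
  </filter>
</config>"""

def risky_rules(config_xml):
    """Return (interface, description, gateway) for every reject rule
    that also names an explicit, non-default gateway."""
    root = ET.fromstring(config_xml)
    hits = []
    for rule in root.iterfind("./filter/rule"):
        action = (rule.findtext("type") or "").strip().lower()
        gateway = (rule.findtext("gateway") or "").strip()
        # A missing or empty <gateway> is treated as the default gateway.
        if action == "reject" and gateway and gateway.lower() != "default":
            hits.append((rule.findtext("interface", ""),
                         rule.findtext("descr", ""), gateway))
    return hits

if __name__ == "__main__":
    for iface, descr, gw in risky_rules(SAMPLE_CONFIG):
        print(f"{iface}: '{descr}' rejects with gateway {gw}; set it back to default")
```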