It depends what you want to do. Do you want to capture DNS queries inbound or outbound or both?
By default, DNS queries are simple UDP packets. There are some TCP generated packets, but if all you want to capture are the DNS queries, than UDP should suffice. As stated above, you could choose to capture both (TCP & UDP).
Obviously, DNS is using port 53. So you will need to specify the Port number in your rule.
* * * * * *
Allow connections to Any Host from Any Host -> Specify the port number DNS (53) and choose to lo the events that match.