OPNsense Forum

English Forums => General Discussion => Topic started by: scoobey on March 16, 2024, 04:21:37 pm

Title: DNS Rules and Port Forwarding not working
Post by: scoobey on March 16, 2024, 04:21:37 pm
NAT:Port Forward
Interface: IOTNET
IPV4
TCP/UDP
Source: Any
Destination/Invert: Checked
Destination: IOTNET address
Destination Port: From: any   To: DNS
Redirect Target IP: Single host  127.0.0.1
Redirect Port: DNS
Log: Checked

I have created the above NAT Forwarding rule. It does not appear to be working: when a host on that network (I manually set the DNS on the host to 8.8.8.8, overriding the DHCP settings) pings a domain, TCPDump/Wireshark show that the DNS request/reply is bypassing the local Unbound DNS and going directly to google.com@8.8.8.8.

On the NAT: Port Forward summary page I have noticed that the Ports column shows 53-105 when I have DNS or Other (with 53) selected as the Destination To.

I have also created Reject rules on the interface for TCP/UDP port 53 that should be logging, but I am not seeing those log entries either, and the traffic is clearly being passed.

These types of logs should be under what type?
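An added example, not from the original post, that classifies DNS queries in a `tcpdump -n port 53` style capture as either reaching the firewall's own resolver or bypassing it. It assumes a constructed capture in which 192.168.20.0/24 stands in for IOTNET, 192.168.20.1 is the interface address and 127.0.0.1 is the redirect target; those are the only destinations treated as "redirected".

```python
import re
from ipaddress import ip_address, ip_network

DNS_PORT = 53
# tcpdump -n output for IPv4: "<ts> IP <src>.<sport> > <dst>.<dport>: <payload>"
LINE_RE = re.compile(
    r'^\S+ IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+): (.*)$')

# Constructed sample capture (not a real trace); 192.168.20.0/24 stands in for
# IOTNET with the firewall at .1, 203.0.113.0/24 for the resolved addresses.
SAMPLE_CAPTURE = """\
12:01:02.000001 IP 192.168.20.15.51234 > 8.8.8.8.53: 1234+ A? example.com. (29)
12:01:02.020001 IP 8.8.8.8.53 > 192.168.20.15.51234: 1234 1/0/0 A 203.0.113.10 (45)
12:01:03.000001 IP 192.168.20.16.40000 > 192.168.20.1.53: 5678+ A? example.net. (29)
12:01:03.005001 IP 192.168.20.1.53 > 192.168.20.16.40000: 5678 1/0/0 A 203.0.113.11 (45)
12:01:04.000001 IP 192.168.20.17.40001 > 127.0.0.1.53: 9999+ AAAA? example.org. (32)
12:01:05.000001 IP 192.168.20.15.51235 > 192.168.20.1.443: Flags [S], seq 1, win 64240
"""

def parse_line(line):
    """Return (src, sport, dst, dport, payload) for an IPv4 tcpdump line, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    src, sport, dst, dport, payload = m.groups()
    return ip_address(src), int(sport), ip_address(dst), int(dport), payload

def audit_dns_redirect(capture, client_subnet, local_resolvers):
    """Classify DNS queries from client_subnet: 'redirected' if they reach one of
    local_resolvers (interface address or the rdr target), 'bypassed' otherwise."""
    net = ip_network(client_subnet)
    local = {ip_address(a) for a in local_resolvers}
    result = {'redirected': [], 'bypassed': []}
    for line in capture.splitlines():
        pkt = parse_line(line)
        if pkt is None:
            continue
        src, _, dst, dport, payload = pkt
        if dport != DNS_PORT or src not in net:
            continue  # replies, non-DNS traffic and other subnets are out of scope
        bucket = 'redirected' if dst in local else 'bypassed'
        result[bucket].append((str(src), str(dst), payload.split(' (')[0]))
    return result

if __name__ == '__main__':
    report = audit_dns_redirect(SAMPLE_CAPTURE, '192.168.20.0/24',
                                ['192.168.20.1', '127.0.0.1'])
    for src, dst, query in report['bypassed']:
        print(f'BYPASS {src} -> {dst}: {query}')
    print(f"{len(report['redirected'])} redirected, {len(report['bypassed'])} bypassed")
```

Because a port-forward redirect is transparent to the client, a capture taken on the client itself always shows 8.8.8.8 as the destination; feed this a capture taken where the translated destination is visible.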
Title: Re: DNS Rules and Port Forwarding not working
Post by: Patrick M. Hausen on March 16, 2024, 06:19:16 pm
Destination Port - from: DNS - to: DNS