OPNsense Forum
English Forums => General Discussion => Topic started by: scoobey on March 16, 2024, 04:21:37 pm
-
NAT:Port Forward
Interface: IOTNET
IPV4
TCP/UDP
Source: Any
Destination/Invert: Checked
Destination: IOTNET address
Destination Port: From:any To:DNS
Redirect Target IP: Single host 127.0.0.1
Redirect Port: DNS
Log: Checked
I have created the above NAT Forwarding rule. It does not appear to be working: when a host on that network (I manually set the DNS on the host to 8.8.8.8, overriding DHCP settings) pings a domain, TCPDump/Wireshark show that the DNS Request/Reply is bypassing the local Unbound DNS and going directly to google.com@8.8.8.8.
On the NAT: Port Forward summary page I have noticed that the Ports column shows 53-105 when I have DNS or Other (with 53) selected as the Destination To.
I have also created Reject Rules on the Interface for TCP/UDP port 53 that should be logging, but I am not seeing those log entries either, and the traffic is clearly being passed.
These types of logs should be under what type?
-
Destination Port - from: DNS - to: DNS