OPNsense Forum

English Forums => General Discussion => Topic started by: robertkwild on July 20, 2022, 07:30:47 PM

Title: firewall rule to DNS destination instead of IP
Post by: robertkwild on July 20, 2022, 07:30:47 PM
Hi all,

I'm making a firewall rule, but instead of the destination being an "IP" I want it to be a "DNS" record. Is it possible to put in a DNS name, i.e. dns.msftncsi.com, and have that resolve to the IP?

If not, has it got the plugin Squid?

thanks,
rob
Title: Re: firewall rule to DNS destination instead of IP
Post by: tiermutter on July 21, 2022, 09:05:01 AM
Create an alias containing the URL and set the fw rule destination to this alias :)
Title: Re: firewall rule to DNS destination instead of IP
Post by: yourfriendarmando on July 25, 2022, 07:28:03 AM
This is very good to know.

I'm sure this is a costly L7 to L4 transition, short of loading an alias with IP blocks, or implementing a proxy.
Title: Re: firewall rule to DNS destination instead of IP
Post by: Spoonman2002 on August 29, 2022, 08:55:11 PM
Quote from: robertkwild on July 20, 2022, 07:30:47 PM
Hi all,

I'm making a firewall rule, but instead of the destination being an "IP" I want it to be a "DNS" record. Is it possible to put in a DNS name, i.e. dns.msftncsi.com, and have that resolve to the IP?

If not, has it got the plugin Squid?

thanks,
rob

You cannot use a DNS name in a firewall rule, only IP addresses.
You can use aliases in OPNsense and define a host/DNS name in there.