OPNsense Forum

Archive => 22.7 Legacy Series => Topic started by: weeßicknich on September 11, 2022, 08:09:40 PM

Title: Why is there no automatic rule creation for Unbound DNS?
Post by: weeßicknich on September 11, 2022, 08:09:40 PM
Hi,

I was wondering why there is no automatic firewall rule creation for the interfaces Unbound DNS listens on like there is for DHCPv4/v6.

Any ideas or theories? :)

Title: Re: Why is there no automatic rule creation for Unbound DNS?
Post by: cookiemonster on September 11, 2022, 10:35:38 PM
I've never had to create a rule after enabling Unbound. It's been a while so it might be different now but as far as I'm aware, it is created by default. Or rather, the allow in from LAN would take care of it.
Is it a special type of interface perhaps you have?

Title: Re: Why is there no automatic rule creation for Unbound DNS?
Post by: Bob.Dig on September 12, 2022, 11:08:48 AM
The rules for DHCP are for hosts/clients to talk to the firewall, not the other way around.

Title: Re: Why is there no automatic rule creation for Unbound DNS?
Post by: weeßicknich on September 12, 2022, 05:01:31 PM
No exotic interface, just VLAN on a physical gigabit ethernet port. There was no automatic rule creation for port 53 TCP/UDP, see attached screenshot. Queries aren't answered until I manually create an allow rule from interface net to interface address on 53 TCP/UDP. So the firewall is working as expected but the original question remains.