OPNsense Forum

English Forums => Tutorials and FAQs => Topic started by: orange-phone on October 31, 2018, 09:32:40 pm

Title: OPNsense DNS Redirect Help
Post by: orange-phone on October 31, 2018, 09:32:40 pm
I wanted to create a local caching DNS server that would redirect DNS queries by crafting my own DNS answer with the IP 127.0.0.1 to neutralize malware instead of the real IP provided by the real DNS server.
*see illustration attached


I have OPNsense running on a VM with 3 NICs; internet, client and management. These are running on my local machine as a simulation of client access to internet. There is no external internet connection.
    WAN (em1)                              OPT1 (em2)
    Internet    ---->    OPNsense    ---->    Client Network
    10.1.1.10                                 10.1.1.20
LAN (em0): Used for management (192.168.1.99)
I configured OPNsense as a Transparent Bridge Connection (OPT2).


I was looking into using Dnsmasq DNS (forwarder) to accomplish this, however have not been successful so far. Here is the current set up I have:
I have 10.1.1.10 assigned as my DNS server under System>Settings>General>DNS servers. I've created a file in /etc/extra that stores the domains that I would like blocked as well as the IP that I want to redirect to (e.g. 127.0.0.1 www.test.ca). I've added this file under the Advanced option under Services>Dnsmasq DNS>Settings.

When I do a DNS lookup through the OPNsense GUI I get the correct response. However, when I do nslookup www.test.ca from my client network I do not get the response that I'm looking for (127.0.0.1).

How do I get OPNsense to respond to my client network with the IP 127.0.0.1?

Any help would be appreciated!
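An added example (not from the post above and not OPNsense or dnsmasq project code) that shows the two ways dnsmasq can serve a sinkhole list like the one described. A hosts-format file such as "127.0.0.1 www.test.ca" is read by dnsmasq through an addn-hosts= directive and matches that exact name only; the address=/www.test.ca/127.0.0.1 directive form instead answers that name and everything under it. The script below parses a hosts-format block list (a constructed sample is embedded), rejects malformed lines, and emits the equivalent address= directives that could be pasted into the Dnsmasq "Advanced" box or written to a file referenced with conf-file=. The file path /etc/extra/sinkhole.hosts is an assumed name for illustration.

```python
"""Convert a hosts-style DNS sinkhole list into dnsmasq address= directives.

Added illustration, not the forum poster's configuration. Assumptions:
  - the block list uses the hosts format the post describes ("127.0.0.1 www.test.ca")
  - the output is meant for dnsmasq (OPNsense Dnsmasq DNS "Advanced" options
    or a file loaded with conf-file=); the path below is a made-up example
"""
import ipaddress
import re

# Constructed sample of a file such as /etc/extra/sinkhole.hosts (assumed name).
SAMPLE_BLOCKLIST = """\
# sinkhole list (constructed sample)
127.0.0.1 www.test.ca
127.0.0.1   bad.example   # trailing comment is ignored
0.0.0.0 tracker.example
not-an-ip broken.example
127.0.0.1 -invalid-.example
"""

# One DNS label: 1-63 letters/digits/hyphens, no leading or trailing hyphen.
_LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")


def valid_hostname(name: str) -> bool:
    """RFC 1123-style hostname check so a typo never becomes a bogus directive."""
    name = name.rstrip(".").lower()
    if not name or len(name) > 253:
        return False
    return all(_LABEL.match(label) for label in name.split("."))


def parse_hosts_blocklist(text: str):
    """Return (entries, rejected).

    entries  : list of (ip, hostname) tuples parsed from hosts-format lines
    rejected : raw lines that had a bad IP, a bad hostname, or too few fields
    """
    entries, rejected = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and whitespace
        if not line:
            continue
        parts = line.split()
        if len(parts) < 2:
            rejected.append(raw)
            continue
        ip, names = parts[0], parts[1:]
        try:
            ipaddress.ip_address(ip)  # accepts IPv4 and IPv6 sinkhole targets
        except ValueError:
            rejected.append(raw)
            continue
        if not all(valid_hostname(n) for n in names):
            rejected.append(raw)
            continue
        for name in names:
            entries.append((ip, name.lower().rstrip(".")))
    return entries, rejected


def to_dnsmasq_address_lines(entries):
    """Render dnsmasq 'address=/host/ip' directives.

    address=/www.test.ca/127.0.0.1 answers www.test.ca and every name under it
    (e.g. cdn.www.test.ca) with 127.0.0.1, whereas addn-hosts= matches only the
    exact names listed in the hosts file.
    """
    return [f"address=/{name}/{ip}" for ip, name in entries]


def addn_hosts_directive(path: str) -> str:
    """The one-line alternative: let dnsmasq read the hosts file as-is."""
    return f"addn-hosts={path}"


if __name__ == "__main__":
    good, bad = parse_hosts_blocklist(SAMPLE_BLOCKLIST)
    print("# directives for the Dnsmasq 'Advanced' box or a conf-file=")
    for directive in to_dnsmasq_address_lines(good):
        print(directive)
    print("# or, keeping the hosts file:", addn_hosts_directive("/etc/extra/sinkhole.hosts"))
    for line in bad:
        print("# rejected:", line)
```

To confirm the resolver actually hands out the sinkhole address, query OPNsense directly from a client (for example nslookup www.test.ca followed by the OPNsense interface address) and check which server the reply came from: dnsmasq only answers queries that reach it, so a client whose resolver is still the upstream 10.1.1.10 will keep receiving the real record regardless of what the block list contains.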