OPNsense Forum
English Forums => Zenarmor (Sensei) => Topic started by: hakuna on February 23, 2021, 11:35:19 am
-
Hi guys,
I have followed this post https://labzilla.io/blog/force-dns-pihole and all the devices are being forced to send DNS request to my Pi-Holes.
Well, not entirely. My Samsung Smart TV is still showing under: sensei/index/#/reports/dns
By analysing the traffic, it's the Netflix application calling 8.8.8.8 from some weird high port such as 51300. They are random high ports.
I don't understand how and why that is happening since one of the rules are like redirect LAN from any port .....
I have checked, rechecked everything. Only my TV is driving me nuts.
Thanks guys.
-
The source port is random and irrelevant. It’s the destination port (53) you need to be focused on
-
It’s the destination port (53) you need to be focused on
Remember that the redirect rule for port 53 is not hit when clients use DoT or DoH, destination ports are 853 for DoT and 443 for DoH.
-
The source port is random and irrelevant. It’s the destination port (53) you need to be focused on
That is the problem, there are already rules for that.
One of the rules is:
TCP/UDP LAN net * ! PiHoles 53 (DNS) PiHoles 53 (DNS)
My smartTV fits in there (LAN net followed by * port), and if the destination on 53 isn't Pi-Hole, redirect to it.
This issue is only happening with the TV. It is application level coming from Netflix App and I am not sure how to fix that :(
-
Why do you care about PiHole? Sensei does all the filtering you need. Yup, this was posted under Sensei discussions.