Messages - EdwinKM

#151
I use a couple of (vlan) networks.
  * guest: allow internet (everything) except rfc1918
  * media: reject rfc1819 but connected some devices (chromecast) and some regular guests on this subnet + internet.
  * lan: For my "own" networks I like to use DNSBL

The main problem is with "media". I want to use Unbound for DHCP static mappings but I do not want to use the DNSBL for this interface. So, forwarding (to ISP or Google) DNS using DHCP is not really what I want.

So what seems to be missing is an interfaces dropdown on the "Services -> Unbound DNS -> Blocklist" page? Is this even possible with Unbound?
Am I missing something obvious?
#152
I am not talking about DoT and DoH but plain vanilla unencrypted DNS requests, just using another port.

Is a list of known internet DNS servers the only solution/workaround (which it is for HTTPS), or can the firewall somehow detect that a DNS query is made?
#153
Also found this one: https://github.com/opnsense/core/pull/5152/files#

Not sure if it will also fix the logging.

The feature is currently not really usable. My phone is not working. I first have to brute force the list containing the domain. Found the list in the end, but not the exact domain. I do understand this is not Pi-hole, but a log line is the first thing you want to trace issues.
#154
22.1 Legacy Series / Re: os-ddclient
February 21, 2022, 05:34:42 PM
As I am migrating pfSense to OPNsense I decided to directly use the new version. Tried with my lab (internal IP) and DuckDNS. It works when entering the Account (still the "password" bug but I just enter some bogus stuff to avoid this check).

But here is the part that gets me puzzled. In the account screen I can enter the correct "WAN" interface ("Use interface IP"). This seems enough to make it work.

But, on the "General settings" page I can enable the "cronjob" now. This page ALSO has the option to select "Interface" with option "WAN". What is the difference between those two?
#155
Hello all, new to the forum and migrating pfSense to OPNsense.
Today I am toying with blocking ads (by blocking DNS).

So, I am using Unbound blocklists. And this works fine. Return 0.0.0.0.

But in case of future debugging, I think, it would be useful to see the blocked requests. It is not logged in "Log File" even if I change "Log level verbosity" to "Level 5". Certainly for appliances (tablets) where it is not always known what is called, this can be useful?