Messages

1

18.7 Legacy Series / Re: Update to 18.7.10 broke my WAN Interface on apu2

« on: January 13, 2019, 07:08:10 pm »

I have the same issue, all seems fine, I get the correct gateway and ip but I get no route to host to the internet.

I'll try reverting the update.

Edit: Managed to get things going, rebooting my cable modem solved the issue. Not sure how it's related, hopefully it can help someone else with this issue.

2

General Discussion / Re: Blocking DoH

« on: December 03, 2018, 09:18:04 pm »

Thank you for your answer, right now mozilla.cloudflare-dns.com resolves to the following, this can change anytime.

Code: [Select]

mozilla.cloudflare-dns.com has address 104.16.111.25
mozilla.cloudflare-dns.com has address 104.16.112.25
mozilla.cloudflare-dns.com has IPv6 address 2606:4700::6810:6f19
mozilla.cloudflare-dns.com has IPv6 address 2606:4700::6810:7019

If other browsers jump on the DoH bandwagon this can become more problematic.

Using a proxy could be a solution, I need to research that to see if it can work.

3

General Discussion / Blocking DoH

« on: December 03, 2018, 06:14:02 pm »

Hello,

It seems at least Firefox is moving to enable DNS over HTTPS by default. This creates problems on our network so I'm looking for ways to block DoH traffic. I'm wondering if someone already found a reliable way of blocking this type of traffic in OPNsense.

So far I figured I can overwrite mozilla.cloudflare-dns.com in our DNS and try to block all associated ip adresses. This could end up a game of whack a mole if they keep changing the ip addresses.

Many thanks for any insight on this in advance,