Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - wadhwa

Pages: [1]

22.1 Legacy Series / Re: os-ddclient

« on: February 16, 2022, 09:40:08 pm »

Cloudflare DNS update only works with Global API key but it does not work if I create an API token with DNS edit for the zone. DynDNS I can create API key with specific DNS zone edit access and it was working fine. This is unsafe and creates security issues.

Quote from: franco on February 15, 2022, 09:28:23 am

To sum things up the release notes for tomorrow's 22.1.1 WRT ddclient plugin are as follows:

* Add spdyn, inwx and dns-o-matic (contributed by Rene Schuster)
* Add Hurricane Electric provider (contributed by Netboy3)
* Add option to force SSL, on by default (contributed by Robin Mueller)
* Add Cloudflare and custom service (contributed by Robin Mueller)
* Add STRATO provider (contributed by Alex Mi)
* Add use interface as IP source
* Fix ip6only.me (contributed by Robin Mueller)
* Fix uppercase use in usernames

Cheers,
Franco

General Discussion / Blocking DNS over HTTP

« on: December 15, 2021, 01:21:25 pm »

There's been a lot of discussion around how to block DNS over HTTP, I found that public-dns.info have a very good list which is updated multiple times a day.

I simple Firewall Alias and a Floating rule is very affective if you use Adguard or PiHole DNS.

** Don't forget to port-forward TCP/UDP 53 to local DNS IP.

See attached Images

Documentation and Translation / Re: AdGuard Home setup guide

« on: December 05, 2021, 07:13:16 pm »

To Reject all wdap you can use following custom filtering rule:

Code: [Select]

/wpad[.]([a-z0-9.])*/$dnsrewrite=NXDOMAIN;;
I have seen api.wordpress.org.localdomain, when you use Blocking mode as NXDOMAIN, change to default and these will go away...

Quote from: RamSense on December 04, 2021, 09:17:18 pm

thnx for that tip.
But I see also domains like wpad.localdomain and api.wordpress.org.localdomain etc.
So I just tried a custom filtering rule (block):
||*.local^$important
||*.localdomain^$important

don't know what is better?

On further thought... maybe I can better add [/localdomain/]192.168.1.1:5353
to the Upstream DNS server

Documentation and Translation / Re: AdGuard Home setup guide

« on: December 04, 2021, 07:27:09 pm »

Add following to your upstream DNS servers box:

[/mydomain.local/]192.168.1.1

replace mydomain.local with your local domain and 192.168.1.1 with your local DNS server IP.

Quote from: RamSense on December 04, 2021, 01:21:52 pm

I was looking into the AdGuard Home queries and saw .local and .localdomain with processed NXDOMAIN.

Is it normal to have those queried to outside dns (in my case cloudflare)

Is there a way to have those queried only locally?

Documentation and Translation / Re: AdGuard Home setup guide

« on: December 02, 2021, 11:45:18 am »

I have extended to backup AdGuardHome.yaml file using Git backup plugin (which is a pre-requisite).

1) login to shell in OpnSense

2) edit actions_adguardhome.conf

Code: [Select]

vi /usr/local/opnsense/service/conf/actions.d/actions_adguardhome.conf
3) Insert following:

Code: [Select]

[backup]
command:cp /usr/local/AdGuardHome/AdGuardHome.yaml /conf/backup/git ; cd /conf/backup/git; git add AdGuardHome.yaml; git commit -m "Adguard Config changes on `date`" AdGuardHome.yaml
parameters:
type:script
message:backing up Adguardhome config
description:Backup Adguardhome config

See 1.png attached

5) Restart configd

Code: [Select]

service configd restart
6) Configure Corn job in Web UI

See 2.png attached

7) Result See 3.png attached

Pages: [1]