Messages - zszs73

#1
23.7 Legacy Series / Re: Updating BGP ASN List?
November 09, 2024, 11:21:05 AM
Hi,
I know that this is an old topic but this info might help someone.
Simply changing and applying the alias to ASN 0 (non-existent) will trigger the update. When changing it back to the right ASN number, the update will be triggered again with the correct result.
All aliases are in separate files under ls -al /var/db/aliastables




#2
Hello,

Following the https://forum.opnsense.org/index.php?topic=9245 I've created a port forward rule.
Apparently this correctly forwards all DNS queries to localhost, but the firewall responds with its own interface address as source, so the client will not accept it.
See the following tcpdump output taken on the firewall:
192.168.2.21: client ip
192.168.2.254: fw interface ip
21:32:43 IP 192.168.2.21.35156 > 8.8.8.8.53: 52992+ [1au] A? dw.com. (47)
21:32:43 IP 192.168.2.254.53 > 192.168.2.21.35156: 52992 2/0/1 A 194.55.30.46, A 194.55.26.46 (67)

In my understanding the firewall just sent back the reply to the client and following its routing table it realized that it has an interface in the client's subnet -> the response packet did not pass through the NAT (portforward) rule -> the source did not get overwritten to 8.8.8.8
What did I set wrong?
Not sure if it is important, but AdGuardHome is listening on all IPs of the firewall on port 53.

It seems to me that I am not alone: https://forum.opnsense.org/index.php?topic=9245.msg164547#msg164547

Not sure if I have to deal with Rules/advanced features/reply-to?
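
Added example, not part of the original post: a check over tcpdump text output in the format of the capture above. It pairs each DNS query with its reply by client address, client port and transaction ID, and reports replies whose source address differs from the server the client queried. The two sample lines are copied from the post; the function names are hypothetical.

```python
import re

# tcpdump text line as shown in the post, e.g.
# "21:32:43 IP 192.168.2.21.35156 > 8.8.8.8.53: 52992+ [1au] A? dw.com. (47)"
LINE_RE = re.compile(
    r"^\S+ IP (?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): (?P<txid>\d+)"
)

# Sample input: the two capture lines from the post.
SAMPLE = [
    "21:32:43 IP 192.168.2.21.35156 > 8.8.8.8.53: 52992+ [1au] A? dw.com. (47)",
    "21:32:43 IP 192.168.2.254.53 > 192.168.2.21.35156: 52992 2/0/1 A 194.55.30.46, A 194.55.26.46 (67)",
]


def parse_line(line):
    """Return src/dst addresses, ports and DNS transaction ID, or None."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    pkt = m.groupdict()
    for key in ("sport", "dport", "txid"):
        pkt[key] = int(pkt[key])
    return pkt


def find_mismatched_replies(lines, dns_port=53):
    """List replies whose source is not the server the client asked."""
    pending = {}   # (client ip, client port, txid) -> server address queried
    findings = []
    for line in lines:
        pkt = parse_line(line)
        if pkt is None:
            continue
        if pkt["dport"] == dns_port:            # query: remember the target
            pending[(pkt["src"], pkt["sport"], pkt["txid"])] = pkt["dst"]
        elif pkt["sport"] == dns_port:          # reply: look up its query
            asked = pending.pop((pkt["dst"], pkt["dport"], pkt["txid"]), None)
            if asked is not None and asked != pkt["src"]:
                findings.append({"client": pkt["dst"], "txid": pkt["txid"],
                                 "asked": asked, "replied_from": pkt["src"]})
    return findings


if __name__ == "__main__":
    for f in find_mismatched_replies(SAMPLE):
        print("txid {txid}: {client} asked {asked}, "
              "reply came from {replied_from}".format(**f))
```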