Quote from: rainydaynetwork on February 11, 2026, 01:02:29 AM
With the rules GUI change in 26.1.1 - Can anyone provide an update to this guide? There are no redirect options, DNS option in port, or NAT reflection options on the create rule page. The migration tool did not convert the rules properly for me; they break all functionality and I had to reset them.

An updated guide will definitely help new users like me. ;-)
Also, I have some questions (I'm on OPNsense ver. 26.1.2):
1. What is the reason to use the Invert condition in the suggested rule:
Interface: LAN
Protocol: TCP/UDP
Destination / Invert: Checked
Destination: LAN address
Destination Port: DNS
Redirect target IP: 127.0.0.1
Redirect target port: DNS
NAT reflection: Disable
As I can accomplish the same by capturing DNS requests (port 53) to any destination, not only different from LAN_Address:
Interface: LAN
Protocol: TCP/UDP
Destination / Invert: Unchecked
Destination: Any
Destination Port: 53
Redirect target IP: 127.0.0.1
Redirect target port: 53
NAT reflection: [no such option, not used]
2. About the "Note: If you have multiple networks, you would have to make a rule for each network. Make sure unbound is listening on the other network interfaces too".
Maybe this is specific to ver. 26.x.x, but in Firewall > NAT > Destination NAT I can now pick more than one interface for the NAT rule.
So, can I do that, or do I need such rules for every interface/VLAN where I intend to set up a DNS redirection?
Thank you.