Messages

Very nice, well done!

Thanks Franco!
Nice list :)

Thanks for the report!

They do.. for 2 minutes ;D

This never happened to me...

If we're at it and anybody knows this, yeah, 18.1.7 release date is also very good to know :p

I need this info (if possible to disclose) because of some logistical decisions i need to make.

Thanks.

[all]

I have never done your setup. I'll start with saying that anything that needs to be blocked, should be blocked as fast as possible, any other design is risky and i will never recommend anything else.

Regarding your question, you should carefully follow all your fw rules, priorities and ordering. Something with higher priority is passing your packets, probably an "allow any to any" on some interfaces/vlans.

Welcome to OPNsense!

Cloudflare is some sorts of proxy for anything behind them, they intercept all queries before reaching the destination. Including encrypted communication. I didn't try, but without dnssec this may work with Cloudflare as well (although dnssec is not encrypted DNS communication, it is a signed response, with which Cloudflare may interfere).

Follow this tutorial and you will get your IDPS up and running:
https://forum.opnsense.org/index.php?topic=6893.0

It's not updated, but I hope you'll manage to find the options which were modified in the GUI.

It works exactly as it should.

This is the help text under that option:
"By default localhost (127.0.0.1) will be used as the first DNS server where the DNS Forwarder or DNS Resolver is enabled and set to listen on Localhost, so system can use the local DNS service to perform lookups. Checking this box omits localhost from the list of DNS servers."

This means your queries go directly to the configured DNS servers, and will not go through the DNS resolver (Unbound) or DNS forwarder (dnsmasq). But they are going out some way or another. There's no bug anywhere :)

Do I have to open any ports in NAT/Firewall to make this work?

No.

Much more to gain using Quad9 than Cloudflare anyway. Those 10-15 ms faster performance with Cloudflare is nothing compared to the security offered by Quad9. Regarding privacy.. that's something for you to decide.

Still going strong here... absolutely no issues...

Hmm.. Maybe a packet capture can shed some light what on what is going on there.. have you tried that?