Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Pi-hole with a combination of things
« previous
next »
Print
Pages: [
1
]
Author
Topic: Pi-hole with a combination of things (Read 6948 times)
trailgolfnet99
Newbie
Posts: 4
Karma: 0
Pi-hole with a combination of things
«
on:
December 17, 2022, 04:23:01 pm »
Hi, I'm new to the whole OPNsense forum and also to firewalls. I'm currently running pi-hole on a raspberry, but without unbound. I would like to use pi-hole with it's feature to see who requested what domain, because it will be easier for me to block certain domains this way. My OPNsense is a custom x86/64 based system with a dual port intel nic. I was looking at solutions on different websites, but my main concern was that i won't be able to see the IP/mac address of the device who requested it, only the firewall's (OPNsense) IP address, which isn't ideal for me. I would also like to block any other traffic for hardcoded dns servers on not safe devices, so nothing is getting around the pi-hole. Also is there a way to block or force DoT/DoH to go through port 53 to my pi-hole? Any help would mean a lot to me since i won't be able to deploy the new system until i figure this thing out, because my current setup is working with pi-hole (I want to minimize the level of tracking inside the network).
Logged
RamSense
Hero Member
Posts: 595
Karma: 10
Re: Pi-hole with a combination of things
«
Reply #1 on:
December 17, 2022, 04:36:41 pm »
I think this guide has all info you need:
https://homenetworkguy.com/how-to/configure-dns-opnsense-pihole/
I did use pi-hole in the past, but switched to Adguard Home, Also available as pluging for opnsense:
https://www.routerperformance.net/opnsense-repo/
I like Adguard Home more, just mention it here for you to have multiple options :-)
Logged
trailgolfnet99
Newbie
Posts: 4
Karma: 0
Re: Pi-hole with a combination of things
«
Reply #2 on:
December 17, 2022, 04:48:41 pm »
Thanks for the quick response! I haven't found this tutorial before! Also what about the DoT/DoH blocking? I find it now default on newer phones to enable google DoH by default on android.
Logged
RamSense
Hero Member
Posts: 595
Karma: 10
Re: Pi-hole with a combination of things
«
Reply #3 on:
December 17, 2022, 04:51:42 pm »
take a look at e.g. zenarmour plugin:
https://docs.opnsense.org/vendor/sunnyvalley/zenarmor.html
and
https://www.sunnyvalley.io/zenarmor-next-generation-firewall
or setup firewall block rules, there are some lists mentioned in this (long) thread:
https://forum.opnsense.org/index.php?topic=9245.0
«
Last Edit: December 17, 2022, 04:58:03 pm by RamSense
»
Logged
trailgolfnet99
Newbie
Posts: 4
Karma: 0
Re: Pi-hole with a combination of things
«
Reply #4 on:
December 17, 2022, 05:23:46 pm »
In the meantime i found this website (
https://labzilla.io/blog/force-dns-pihole
) claiming to do what i want exactly but it's for pfsense, and the namings are a bit different. Are these features present in OPNsense? If so how do they differ from pfSense?
«
Last Edit: December 17, 2022, 05:29:48 pm by trailgolfnet99
»
Logged
RamSense
Hero Member
Posts: 595
Karma: 10
Re: Pi-hole with a combination of things
«
Reply #5 on:
December 17, 2022, 06:07:48 pm »
you should be able to get it into opnsense, the principle is the same and OPNsense started as a fork of pfSense® and m0n0wall in 2014
https://opnsense.org/about/about-opnsense/
Logged
trailgolfnet99
Newbie
Posts: 4
Karma: 0
Re: Pi-hole with a combination of things
«
Reply #6 on:
December 22, 2022, 01:40:22 pm »
I only have one question in the tutorial, the 3rd rule mentions the unexpected source errors in certain devices and gives this setting (Network for the outbound NAT mapping) as a solution, but it only says that "your internal LAN network". What is he referring to? 192.168.1.0 or 192.168.1.1 for the default gateway? I know this is not the appropriate place to ask this question, but the op doesn't want to answer this question. This is the link again if somebody here knows the answer (
https://labzilla.io/blog/force-dns-pihole
)
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Pi-hole with a combination of things