DoH,DoQ,DoT - DNS blocking and redirection DNSBL.

Started by xkpx, January 25, 2023, 09:15:18 AM

January 25, 2023, 09:15:18 AM Last Edit: January 28, 2023, 12:22:08 AM by xkpx
Hello gentlemen/ladies, still a newbie here.

Configuration:
* Removed all DNS servers set by the ISP and cleared all possible places, then set DoT to Quad9 in Unbound.
* DNSBL list - https://raw.githubusercontent.com/dibdot/DoH-IP-blocklists/master/doh-domains.txt
* DNSBL whitelist: added dns.quad9.net
* DNSBL blacklist with the NXDOMAIN option checked, then applied and restarted the Unbound server.

Result:
* DoH servers are blocked.

Okay, but when I try to open Brave Browser and connect to a website, the website is blocked.
Then I tried to make a NAT port forwarding rule for 53 and 853 and redirect them to 127.0.0.1:53 and :853.
But again it didn't work, and all websites were blocked.

Did I miss something? Is it possible, and if not, maybe with one of these options?
* Suricata and a rule list,
* Firewall alias rule (if the list is domain names, they are resolved to IPs)
* Unbound Override
* Unbound RPZ - https://forum.netgate.com/topic/171887/unbound-dns-rpz/2
* SSL-Split - https://laskowski-tech.com/2020/03/29/opnsense-and-ssl-decryption-using-sslsplit/

(I am thinking it's much better to block at the DNS level instead of with a rule?)
(Also, even if I manage to somehow bypass this and get it working, is it right that I am just redirecting the request through Quad9 and it will still arrive at the DoH server used by Brave, for example?)

Video for information about "Best New" - loss of visibility by managed private networks : https://www.youtube.com/watch?v=04Wugl7yb-k [ Going Dark: catastrophic security and privacy losses...]

Found this lovely guide: https://labzilla.io/blog/force-dns-pihole
On first try manage to lock myself , but i think its working we will see :)
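As an added example (not code from the post, from OPNsense or from the dibdot blocklist project), the script below shows what the "DNSBL blacklist + NXDOMAIN + whitelist" setup described above amounts to in Unbound terms: every blocklist hostname becomes a `local-zone ... always_nxdomain`, and a whitelisted resolver that sits under a blocked parent zone gets a more specific `transparent` zone so it keeps resolving. The sample blocklist and whitelist are constructed for the example and are not the real list; the claim that Unbound applies the most specific (longest-matching) local zone to a query is my understanding of Unbound's behaviour and is simulated by `zone_action`, not queried from a live resolver.

```python
"""Turn a DoH hostname blocklist into Unbound local-zone statements,
honouring a whitelist the way the OPNsense DNSBL whitelist is meant to.

Constructed sample data below; nothing is fetched from the network.
"""

# Constructed sample in the one-hostname-per-line style of doh-domains.txt.
# It deliberately contains a parent zone (quad9.net) of the whitelisted
# resolver, a subdomain of another entry, mixed case and a trailing dot.
SAMPLE_BLOCKLIST = """\
# constructed DoH hostname sample (not the real dibdot list)
dns.google
cloudflare-dns.com
mozilla.cloudflare-dns.com
quad9.net
dns.quad9.net
DoH.Example.Net.
"""

# The resolver Unbound itself forwards to over DoT; it must stay resolvable.
SAMPLE_WHITELIST = ["dns.quad9.net"]


def normalize(name):
    """Lower-case, strip whitespace and any trailing dot so names compare equal."""
    return name.strip().lower().rstrip(".")


def parse_blocklist(text):
    """Return the unique, normalized hostnames, skipping comments and blanks."""
    names, seen = [], set()
    for line in text.splitlines():
        name = normalize(line.split("#", 1)[0])
        if name and name not in seen:
            seen.add(name)
            names.append(name)
    return names


def is_sub_or_equal(name, parent):
    """True if `name` is `parent` or lies below it in the DNS tree."""
    return name == parent or name.endswith("." + parent)


def build_zones(blocklist_text, whitelist):
    """Produce Unbound config lines: NXDOMAIN zones for the blocklist and a
    transparent carve-out for each whitelisted name under a blocked zone."""
    allowed = {normalize(w) for w in whitelist}
    blocked = [b for b in parse_blocklist(blocklist_text) if b not in allowed]
    # An always_nxdomain zone already covers everything below it, so drop
    # entries that sit under another blocked entry (they would be redundant).
    blocked = [b for b in blocked
               if not any(b != p and is_sub_or_equal(b, p) for p in blocked)]

    lines = ["# generated: DoH blocklist as always_nxdomain local zones"]
    for b in blocked:
        lines.append(f'local-zone: "{b}." always_nxdomain')
    for a in sorted(allowed):
        if any(is_sub_or_equal(a, b) for b in blocked):
            # Assumption: Unbound applies the most specific local zone, so a
            # transparent zone for the whitelisted name overrides its blocked parent.
            lines.append(f'local-zone: "{a}." transparent')
    return lines


def zone_action(qname, config_lines):
    """Simulate Unbound's longest-match local-zone selection for one query.
    Returns the zone action, or "resolve" when no local zone matches."""
    q = normalize(qname)
    best = None
    for line in config_lines:
        if not line.startswith("local-zone:"):
            continue
        _, zone, action = line.split()
        zone = normalize(zone.strip('"'))
        if is_sub_or_equal(q, zone) and (best is None or len(zone) > len(best[0])):
            best = (zone, action)
    return best[1] if best else "resolve"


if __name__ == "__main__":
    zones = build_zones(SAMPLE_BLOCKLIST, SAMPLE_WHITELIST)
    print("\n".join(zones))
    for q in ("dns.quad9.net", "mozilla.cloudflare-dns.com", "www.example.org"):
        print(f"{q:30} -> {zone_action(q, zones)}")
```

Running it prints the generated zone lines and then shows that the whitelisted `dns.quad9.net` resolves normally while a subdomain of a blocked entry still gets NXDOMAIN; a real deployment would feed the generated lines to Unbound (on OPNsense, via a custom options file under its include directory) and then check with `drill` or `dig` against the firewall that a known DoH hostname returns NXDOMAIN and the forwarder hostname does not.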