firewall rule to DNS destination instead of IP

Started by robertkwild, July 20, 2022, 07:30:47 PM

July 20, 2022, 07:30:47 PM Last Edit: July 20, 2022, 08:42:06 PM by robertkwild
hi all,

I'm making a firewall rule, but instead of the destination being an "IP" I want it to be a "DNS" record. Is it possible to put in a DNS name, i.e. dns.msftncsi.com, and have that resolve to the IP?

If not, has it got the Squid plugin?

thanks,
rob

Create an alias containing the URL and set the fw rule destination to this alias :)
I am not an expert... just trying to help...

July 25, 2022, 07:28:03 AM #2 Last Edit: July 25, 2022, 07:37:41 AM by yourfriendarmando
This is very good to know

I'm sure this is a costly L7 to L4 transition, short of loading an alias with IP blocks, or implementing a proxy.

Quote from: robertkwild on July 20, 2022, 07:30:47 PM
hi all,

I'm making a firewall rule, but instead of the destination being an "IP" I want it to be a "DNS" record. Is it possible to put in a DNS name, i.e. dns.msftncsi.com, and have that resolve to the IP?

If not, has it got the Squid plugin?

thanks,
rob

You cannot use a DNS name in a firewall rule, only IP addresses.
You can use aliases in OPNsense and define a host/DNS name in there.
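
What the alias approach in the replies amounts to, as an added sketch that is not part of the original thread and is not OPNsense's code: the rule still matches on IP addresses, and the alias is a table of addresses rebuilt from DNS. `HostAlias`, `scripted_resolver` and the DNS answers are hypothetical and constructed, and periodic re-resolution is an assumption of this model; the point is that an address the name starts returning is not matched until the next refresh.

```python
import ipaddress

# Constructed DNS answers (documentation-range IPs, not real records):
# the second lookup returns an extra address, as a rotating record would.
ANSWERS = {"dns.msftncsi.com": [["192.0.2.10"], ["192.0.2.10", "198.51.100.7"]]}

def scripted_resolver(answers):
    """Return a resolver that replays the constructed answers, one list per call."""
    calls = {}
    def resolve(name):
        if name not in answers:
            raise OSError(f"cannot resolve {name}")
        i = calls.get(name, 0)
        calls[name] = i + 1
        return answers[name][min(i, len(answers[name]) - 1)]
    return resolve

class HostAlias:
    """Hypothetical model of a host alias: hostnames in, a table of IPs out."""
    def __init__(self, names, resolver):
        self.names = list(names)
        self.resolver = resolver
        self.table = set()

    def refresh(self):
        """Re-resolve every name, replace the table, return (added, removed)."""
        new = set()
        for name in self.names:
            try:
                new.update(ipaddress.ip_address(a) for a in self.resolver(name))
            except OSError:
                continue  # name did not resolve: it contributes no addresses this round
        added, removed = new - self.table, self.table - new
        self.table = new
        return added, removed

    def matches(self, dst):
        """The rule's destination check: membership in the IP table only."""
        return ipaddress.ip_address(dst) in self.table

def demo():
    alias = HostAlias(["dns.msftncsi.com"], scripted_resolver(ANSWERS))
    alias.refresh()                          # first resolution: one address
    before = alias.matches("198.51.100.7")   # new address not in the table yet
    added, _ = alias.refresh()               # next refresh picks it up
    after = alias.matches("198.51.100.7")
    return before, after, sorted(str(a) for a in added)
```

To try it against live DNS, pass a resolver built on `socket.getaddrinfo` in place of `scripted_resolver`.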