Author Topic: firewall allowing WAN to connect to Google DNS servers (Read 13146 times)

Fright · « **Reply #30 on:** March 05, 2021, 07:03:42 am »

Quote

I am only allowing the DNS to the opnsense server.

no.
you allow all traffic by "allow iot to any rule". you can try to enable logging on this rule and check logs

Quote

Which brings me back to the question, why can't I disable/delete the auto-generated rules?

why do you want to block the request when it is already trying to exit the WAN? block on ingress interface: just block dns-traffic from iot-network to any except "this firewall"

tiermutter · « **Reply #31 on:** March 05, 2021, 12:17:16 pm »

Quote from: Fright on March 05, 2021, 07:03:42 am

block on ingress interface: just block dns-traffic from iot-network to any except "this firewall"

I think the TS don´t want to just block DNS requests to WAN. He wants all DNS requests to be resolved by unbound, even if the devices have hardcoded DNS Servers.

nferocious76 · « **Reply #32 on:** January 06, 2024, 06:25:54 pm »

I found Google APIs Client Library for PHP as part of the package php82-google-api-php-client.
Could this also be the cause?

cookiemonster · « **Reply #33 on:** January 06, 2024, 11:29:26 pm »

the "cause" of this was a misconfugration on the firewall rules.

Author Topic: firewall allowing WAN to connect to Google DNS servers (Read 13146 times)

Fright

Re: firewall allowing WAN to connect to Google DNS servers

tiermutter

Re: firewall allowing WAN to connect to Google DNS servers

nferocious76

Re: firewall allowing WAN to connect to Google DNS servers

cookiemonster

Re: firewall allowing WAN to connect to Google DNS servers