English Forums > Intrusion Detection and Prevention

Block connection to IPs which are not in DNS cache


CJ:
Is this possible in OPNsense? With the advent of DoH I want to prevent all connections to IPs that have not been resolved by the local DNS cache.

I looked through the settings and I didn't see anything that would do this.

Thanks.

AndrewBriggs:
https://writemyessay.onl
You need to go to the DNS Server settings, select Properties and on the Interfaces tab, explicitly select only those addresses on which you want to accept DNS requests.

CJ:

--- Quote from: AndrewBriggs on November 30, 2020, 11:25:20 am ---https://writemyessay.onl
You need to go to the DNS Server settings, select Properties and on the Interfaces tab, explicitly select only those addresses on which you want to accept DNS requests.

--- End quote ---

That's not the problem I'm trying to solve. I want everyone on the network to use my DNS server.

What I'm trying to prevent is DoH lookups or hard-coded IPs. Anything doing that on my network is up to something.
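The check CJ is asking for, written out as an added example that is not from this thread or from OPNsense: correlate the local resolver's answers with outbound connection attempts and flag every destination that no DNS answer explains, including answers whose TTL had already expired at connect time. The log formats, addresses and the resolver address 10.0.0.1 are constructed for the example.

```python
import ipaddress

# Constructed sample logs (not OPNsense or Unbound output): resolver answers
# and outbound connection attempts, both stamped with epoch seconds.
DNS_LOG = """\
1700000000 answer www.example.com A 192.0.2.44 ttl=300
1700000005 answer cdn.example.net A 203.0.113.10 ttl=60
"""
CONN_LOG = """\
1700000010 10.0.0.5 -> 192.0.2.44:443
1700000020 10.0.0.7 -> 198.51.100.9:443
1700000100 10.0.0.5 -> 203.0.113.10:443
1699999990 10.0.0.9 -> 192.0.2.44:443
1700000030 10.0.0.5 -> 10.0.0.1:53
"""
# Destinations that are legitimately never the result of a lookup, here only
# the local resolver itself (hypothetical address for this example).
ALLOWED_UNRESOLVED = {ipaddress.ip_address("10.0.0.1")}

def parse_answers(text):
    """Map each answered IP to the [seen, seen + ttl] windows in which it was valid."""
    windows = {}
    for line in text.splitlines():
        ts, kind, _name, rtype, ip, ttl = line.split()
        if kind == "answer" and rtype in ("A", "AAAA"):
            seen = int(ts)
            windows.setdefault(ipaddress.ip_address(ip), []).append(
                (seen, seen + int(ttl.split("=", 1)[1])))
    return windows

def find_unresolved(dns_text, conn_text):
    """Return (src, dst, reason) for each connection not backed by a live DNS answer."""
    windows = parse_answers(dns_text)
    flagged = []
    for line in conn_text.splitlines():
        ts, src, _arrow, dst = line.split()
        dst_ip = ipaddress.ip_address(dst.rsplit(":", 1)[0])  # ip:port, IPv4 here
        if dst_ip in ALLOWED_UNRESOLVED:
            continue
        if dst_ip not in windows:
            flagged.append((src, str(dst_ip), "never resolved by local DNS"))
        elif not any(lo <= int(ts) <= hi for lo, hi in windows[dst_ip]):
            flagged.append((src, str(dst_ip), "no DNS answer in effect at connect time"))
    return flagged

if __name__ == "__main__":
    for src, dst, why in find_unresolved(DNS_LOG, CONN_LOG):
        print(f"{src} -> {dst}: {why}")
```

On the sample data this flags the never-resolved destination, the connection made after the 60-second answer expired, and the connection made before any answer existed, while passing the normal lookup-then-connect case.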

Verda5:

--- Quote from: CJRoss on July 08, 2020, 09:23:09 pm ---Is this possible in OPNsense? With the advent of DoH I want to prevent all connections to IPs that have not been resolved by the local DNS cache.

I looked through the settings and I didn't see anything that would do this.

Thanks.

--- End quote ---
To approve domains, e.g. example.com, only approve the IPs of the DNS servers that have that domain. You can do this by going to "DNS Server Settings", selecting "Properties" on the "Interfaces" tab, and then explicitly allowing only those DNS servers which are hosting that domain to respond to content requests.

allebone:
This sounds like a problem for Zenarmor (Sensei) to solve, not for OPNsense. You should ask them if they can or have plans to do this.
