Topic: Unbound and Bind DNS services ignore blacklists (Read 1842 times)
n4l0cks
on: March 29, 2021, 06:46:13 pm
Hello.
I have an OPNsense firewall running as my external firewall in my home network. Last week I installed the Bind-DNS service and used its function to block both ad and porn domain name lookups. However, I just realized that it is now allowing a lot of common porn domains to be looked up.
The only thing I can recall having done is updating my system, which I hadn't done in a while (6 months). So, I believe that an update to the system has done something to the DNS-services and their DNSBL-functions.
I used to have Bind but then switched to Unbound today to see if that wasn't bugged, but the same thing happens there. I enable DNSBL and it still allows the DNS-lookups.
System info: OPNsense 21.1.3_3-amd64
FreeBSD 12.1-RELEASE-p14-HBSD
OpenSSL 1.1.1j 16 Feb 2021
Using Wireshark I see that it is indeed my FW/Bind/Unbound DNS that answers my queries and I don't have any forwarder enabled on the server. The DNS-service is ignoring the blacklist.
n4l0cks
Reply #1 on: March 29, 2021, 07:13:14 pm
Not sure what happened, but after enabling and disabling rules and continuing testing with Unbound DNS, it seems as if it finally works with the blocking.
Might not be too stable at the moment if it behaves like this for other people as well.