Using OPNsense as my Local DNS

Started by fbeye, March 22, 2023, 06:59:49 PM

Hi! I have been using OPNsense as the DHCP server but referring to PiHole (192.168.5.47) as my DNS/Ad Block. I was wanting to eliminate Pihole, more so the idea of having another device to do DNS and maybe just having everything local, and maybe adding Adguard to it.

I am not exactly too sure what I would need for this, is this local DNS built in, or would it be a plugin?
In case I am talking stupid, I just wanna make, let's say, plex.x.duckdns.org resolve to 192.168.5.181, even if the Internet is down. So on and so forth for a good 15-20 dockers/hosts.

I don't necessarily need it written out for me, but just a little guidance to get me on my way.

Adguard is a 3rd party plugin for OPNsense (mimugmail's repo).
You simply need to add the repo and install the plugin, configure it and set everything (DHCP, FW rules,...) to use the sense / adguard as DNS resolver.

It will also be possible to add rewrites, achieving that any URL will be resolved to any IP you want.

Apart from this, OPNsense offers built in DNS, that would also allow rewrites and some filtering.

I like adguard :)
I am not an expert... just trying to help...
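
Added example, not part of the thread or of either project: a way to confirm that a rewrite or host override answers with the intended LAN address by querying the resolver directly over UDP. The resolver address 192.168.5.1 and the plex.x.duckdns.org to 192.168.5.181 mapping come from the thread; all function names are hypothetical, and `sample_reply` builds a constructed packet so the parser can be exercised offline.

```python
import secrets
import socket
import struct

def build_query(name, txid):
    """Build a DNS A-record query with the recursion-desired flag set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

def skip_name(pkt, off):
    # Return the offset just past a possibly compressed name.
    while pkt[off]:
        if pkt[off] & 0xC0 == 0xC0:  # compression pointer: 2 bytes, ends the name
            return off + 2
        off += 1 + pkt[off]
    return off + 1

def parse_a_records(pkt, txid):
    """Return IPv4 addresses from the answer section; raise on bad id or error rcode."""
    rid, flags, qd, an = struct.unpack("!HHHH", pkt[:8])
    if rid != txid:
        raise ValueError("transaction id mismatch")
    if flags & 0x000F:
        raise ValueError("resolver returned rcode %d" % (flags & 0x000F))
    off = 12
    for _ in range(qd):
        off = skip_name(pkt, off) + 4  # skip QTYPE and QCLASS
    addrs = []
    for _ in range(an):
        off = skip_name(pkt, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", pkt[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(pkt[off:off + 4]))
        off += rdlen
    return addrs

def check_rewrite(name, expected, resolver="192.168.5.1", timeout=2.0):
    # Ask the resolver directly; True if it answers with the expected address.
    txid = secrets.randbits(16)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, txid), (resolver, 53))
        reply, _ = s.recvfrom(512)
    return expected in parse_a_records(reply, txid)

def sample_reply(name, ip, txid):
    # Constructed reply: one A answer whose name is a pointer back to the question.
    q = build_query(name, txid)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 10, 4) + socket.inet_aton(ip)
    return q[:2] + struct.pack("!HHHHH", 0x8180, 1, 1, 0, 0) + q[12:] + answer
```

Running `check_rewrite("plex.x.duckdns.org", "192.168.5.181")` from a LAN client with the WAN unplugged shows whether the name still resolves locally.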

Awesome!

I will go home and give this a try. I will probably stick to ADGUARD so I can have the blocklists as well. Thank you.

Weird!

So, I followed guide https://0x2142.com/how-to-set-up-adguard-on-opnsense/ which is based off of mimugmail's repo. I see it in Plugins, I downloaded and installed it with success. I see it under Services, I enable it.
I go to http://192.168.5.1:3000 (my Opnsense is 192.168.5.1) but it times out.
I will say, when I look in /usr/local/Adguardhome... There is no yaml. Could the download have been corrupt?


No, I think the configuration file (the yaml file) is created after you finish the setup assistant when you access AdGuard Home's web UI for the first time. Can you confirm it's running from the services widget on your OPNsense's dashboard? Or maybe just try to start an instance by executing the file /usr/local/Adguardhome/AdGuardHome (or whatever it's called).

I verified all is up and running, though inaccessible. When I run the command you mention;

/usr/local/AdGuardHome/AdGuardHome
2023/03/23 08:07:12.977157 [info] AdGuard Home, version v0.107.15
2023/03/23 08:07:12.977277 [info] This is the first time AdGuard Home is launched
2023/03/23 08:07:12.977308 [info] Checking if AdGuard Home has necessary permissions
2023/03/23 08:07:12.977495 [info] AdGuard Home can bind to port 53
2023/03/23 08:07:12.978151 [error] creating dhcpv4 srv: dhcpv4: <nil> is not an IP address
2023/03/23 08:07:12.978284 [info] Initializing auth module: /usr/local/AdGuardHome/data/sessions.db

I am looking up the error code but nothing really seems to direct me what to do, and a lot are giving commands that the Opnsense shell does not know of.

Quote from: fbeye on March 22, 2023, 06:59:49 PM
Hi! I have been using OPNsense as the DHCP server but referring to PiHole (192.168.5.47) as my DNS/Ad Block. I was wanting to eliminate Pihole, more so the idea of having another device to do DNS and maybe just having everything local, and maybe adding Adguard to it.

I am not exactly too sure what I would need for this, is this local DNS built in, or would it be a plugin?
In case I am talking stupid, I just wanna make, let's say, plex.x.duckdns.org resolve to 192.168.5.181, even if the Internet is down. So on and so forth for a good 15-20 dockers/hosts.

I don't necessarily need it written out for me, but just a little guidance to get me on my way.

I wrote a whole two part tutorial about using OPNSense for DNS and adblocking.  I haven't updated it for the new dashboard but everything else is the same.  Pi-Hole uses the Steven Black list by default last time I looked.

https://www.cjross.net/dns-security-and-adblock-with-opnsense-part-1/

So this, when I read it in a few, is a local alternative to Adguard?

Quote from: fbeye on March 23, 2023, 04:15:29 PM
2023/03/23 08:07:12.978151 [error] creating dhcpv4 srv: dhcpv4: <nil> is not an IP address

Hmm, strange. I couldn't find a solution for this problem. But maybe you could download the latest version of AGH from GitHub and replace the files in /usr/local/AdGuardHome/. Mind the permissions, group and owner of the files ofc.

Quote from: Vexz on March 24, 2023, 01:04:03 PM
Quote from: fbeye on March 23, 2023, 04:15:29 PM
2023/03/23 08:07:12.978151 [error] creating dhcpv4 srv: dhcpv4: <nil> is not an IP address

Hmm, strange. I couldn't find a solution for this problem. But maybe you could download the latest version of AGH from GitHub and replace the files in /usr/local/AdGuardHome/. Mind the permissions, group and owner of the files ofc.

Honestly, I do not know enough about the OPNSense OS platform to know the commands to download, extract and copy.
I also tried the link of the howto from prior poster, but I think my NordVPN OpenVPN using unbound is messing with it, cause when I did the how-to, I lost internet.

It's all a whole mess. I think I am gonna start from scratch, or scratch it.

Could me running OpenVPN/NordVPN cause it [Adguard] to install but not access https://192.168.5.1:3000?

Well, it seems it was my NordVPN.. I disabled the NordVPN Interface, and sure enough, I was able to access Port 3000.