this post was submitted on 14 Jan 2024

OPNsense

All discussions about the open source, FreeBSD-based firewall called OPNsense.


Hey all, recent convert from pfSense. I'm trying to make sure only the DNS servers I've defined are being used for lookups. I'm using Unbound and noticing a lot of traffic on port 53 to destinations other than the ones I've put in.

[–] [email protected] 1 points 10 months ago

Some devices or software will ignore what the OS or network are telling them and use their own DNS servers, mainly to bypass filtering. If that's what's happening then you're mostly out of luck. The best you could do is set up firewall rules to block those other servers, assuming they all even use port 53, but that would probably just prevent those devices from working at all.

It's not completely out of the question that you could intercept and redirect those requests, if they're not encrypted
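
Before writing block or redirect rules, it helps to know which clients are sending port 53 queries past the configured resolvers. The script below is an added example, not part of the thread: it tallies such queries from `tcpdump -n` text output captured on the LAN side, and the approved addresses and sample capture lines are constructed assumptions.

```python
import re
from collections import Counter, defaultdict

# Assumed values for illustration: the firewall's LAN address (where Unbound
# listens) and the upstream resolvers configured on it.
APPROVED = {"192.168.1.1", "9.9.9.9", "149.112.112.112"}

# Address/port part of a `tcpdump -n` packet line, IPv4 or IPv6, e.g.
#   12:00:02.000200 IP 192.168.1.77.40112 > 8.8.8.8.53: 7001+ A? example.net. (29)
FLOW = re.compile(r"\bIP6? (\S+)\.(\d+) > (\S+)\.(\d+):")

# Constructed sample capture (not real traffic).
SAMPLE = """\
12:00:01.000001 IP 192.168.1.50.51514 > 192.168.1.1.53: 4660+ A? example.com. (29)
12:00:01.020113 IP 192.168.1.1.53 > 192.168.1.50.51514: 4660 1/0/0 A 192.0.2.10 (45)
12:00:02.000200 IP 192.168.1.77.40112 > 8.8.8.8.53: 7001+ A? example.net. (29)
12:00:02.500200 IP 192.168.1.77.40113 > 8.8.8.8.53: 7002+ AAAA? example.net. (29)
12:00:03.000300 IP 192.168.1.1.33021 > 9.9.9.9.53: 911+ A? example.org. (29)
12:00:04.000400 IP6 fd00::77.40200 > 2001:db8::53.53: 7003+ A? example.net. (29)
""".splitlines()


def unapproved_dns(lines, approved=APPROVED):
    """Return {client: {resolver: query_count}} for port-53 traffic sent to
    any destination that is not in `approved`."""
    hits = defaultdict(Counter)
    for line in lines:
        m = FLOW.search(line)
        if not m:
            continue  # not an IP packet line
        src, _sport, dst, dport = m.groups()
        if dport != "53":
            continue  # skips responses (source port 53) and non-DNS traffic
        if dst not in approved:
            hits[src][dst] += 1
    return {client: dict(counts) for client, counts in hits.items()}


if __name__ == "__main__":
    for client, resolvers in unapproved_dns(SAMPLE).items():
        for resolver, count in resolvers.items():
            print(f"{client} -> {resolver}: {count} queries on port 53")
```

Only unencrypted DNS on port 53 shows up here; the per-client counts indicate which devices a block or redirect rule would actually affect.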