Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    redirect ping to google

    Firewalling
    4
    6
    330
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • 4
      4o4rh
      last edited by

      I have firewall rules to trap DNS and redict to the local server per below

      0cc83d20-f5b5-4a6f-bdb1-a68158d1d6cf-image.png

      674de505-bf19-42bf-b737-b4cfc747e481-image.png

      However, of my TVs wants to ping dns.google and even if I put a rule to pass ICMP, it is still being blocked by pfblocker.

      7ab9ca55-1fff-417c-92fd-df5bb66dc786-image.png

      Ideally, I want to redict those pings to pfsense so that the TV thinks it is getting a response from google. how do i do that?

      R V 2 Replies Last reply Reply Quote 0
      • R
        rcoleman-netgate Netgate @4o4rh
        last edited by

        @gwaitsi said in redirect ping to google:

        Ideally, I want to redict those pings to pfsense so that the TV thinks it is getting a response from google. how do i do that?

        ICMP ≠ TCP or UDP. It's ICMP.

        Ryan
        Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
        Requesting firmware for your Netgate device? https://go.netgate.com
        Switching: Mikrotik, Netgear, Extreme
        Wireless: Aruba, Ubiquiti

        1 Reply Last reply Reply Quote 1
        • V
          viragomann @4o4rh
          last edited by

          @gwaitsi
          It's the same as other redirections.
          Add a port forwarding rule, select the ICMP protocol and the IP of the TV as source, at destination 8.8.8.8 (or maybe an alias if the device uses multiple IPs) and at redirect target set localhost or any other pfSense IP.

          4 1 Reply Last reply Reply Quote 0
          • 4
            4o4rh @viragomann
            last edited by

            @viragomann but i think pfblocker is still a problem then.
            pfB_PublicDNS_v4 auto rule (1770016974)

            V 1 Reply Last reply Reply Quote 0
            • V
              viragomann @4o4rh
              last edited by

              @gwaitsi
              It shouldn't be.
              The NAT rule is applied before firewall rules. So the the firewall sees the ICMP packets to the localhost or whatever. This must be allowed.

              1 Reply Last reply Reply Quote 0
              • NightlySharkN
                NightlyShark
                last edited by

                @gwaitsi What @rcoleman-netgate already said:
                2f4cbbd6-14b0-4c97-88ea-fa0c53e1de74-image.png
                515cd4e5-71f4-4c48-9225-3192fc4d5f56-image.png

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post