Can't block DNS request for a specific client
-
I need to be able to block DNS for a specific client on my network. I have created an alias for that client however when I try to block DNS request using the alias nothing is blocked. However, if I change the protocol to http or https it gets blocked. So my question is how do I block DNS for a specific client?
-
Show the screenshot of the rule.
-
Check out the link
http://imgur.com/ObQUNmU
-
That is wrong. Make it TCP/UDP (and flush states after that).
-
I actually had tcp/udp there before and it still did not work. I even flushed the state table and still nothing. As I stated other protocols work just not dns.
-
1/ DNS is TCP/UDP. Pointless discussion.
2/ If it still does not work AFTER you have flushed all the states, then fix the non-matching alias. -
Not following you on non matching alias. I configured a basic alias for example alias name is BOB I than added IP address of the workstation in question 192.168.2.50. As stated this same alias has zero problems with http traffic I just find it weird.
-
That TCP/UDP rule will block DNS just perfectly fine if the queries are coming from the computer itself. It will not block anything at all if they are coming from elsewhere, such as another DNS server on LAN.
-
Is there another rule above it that is already passing DNS traffic?
-
doktornotor is correct if I define dns servers for example google dns the rule works. My problem is the dns queries are sent to an internal dns server than that server is configured with forwarders out to opendns.
-
Well, so… If you want to force your DNS to pfSense, the only DNS traffic that should be allowed is from pfSense itself.
https://doc.pfsense.org/index.php/Blocking_DNS_queries_to_external_resolvers
https://doc.pfsense.org/index.php/Redirecting_all_DNS_Requests_to_pfSense