Blocking certain websites
-
@Gertjan I shutoff the vpn and it works! I set the dns resolver to wan, bring back up the vpn connection and it still works....wth?
-
)
Now I’m trying to post and seeing this lmfao
-
Well once you have the correct ns cached for the domain, you don't have to go ask again.. Which is why I mentioned poisoning..
Also how did you set resolver to only use wan?
Also are you pulling routes from your vpn? This makes your vpn default, even if not policy routed. Did you actually change the resolver to only use wan, or did you set it to all? etc..
Posting a lot of text can sometimes be seen as spam.
-
I went to services, DNS resolver, network interface was already set to ALL. I changed outgoing network interface from PIA_VPN to WAN.
-
@kendalja said in Blocking certain websites:
network interface was already set to ALL
No it wasn't - from your screenshot.
See here
Not talking about the inbound to unbound, only outbound.
I would restart unbound, set it back to the way you had it.. do the trace again - are you seeing those tonic.to in the trace again?
It could of been a red herring with your vpn - and just that you had cache poisoned already.. You need to make sure you flush your unbound cache.. A restart of unbound will do that for you - just need to make sure it actually restarts, etc.
-
Right there is also a section above that and it’s set to all. I now have the outgoing to WAN.
-
Well if everything is working that way - set it back to your vpn path for outgoing, and flush - are you seeing the problem with the tonic.to in the trace? If so something really wrong if your vpn connection!! And they are manipulating your dns queries.
-
Read above on my post about the “to” in my logs lmfao. User error.
-
huh?
Here is where the to has been coming from. I've been executing the command "dig +trace to ns1.fmlh.edu"
tonic.to should be no where in a trace to that..
Nor to your original fqdn..
-
While executing the command I actually typed in “dig +trace to ns1.fmlh.edu” instead of “dig +trace ns1.fmlh.edu”
