DNS Rules Order
Hi all,
I have a guest network set up on my pfSense box. After some reading around online, I have created the following rules - and am hoping to get some feedback on whether it is in the correct order/doing what I want it to do.
Per the Netgate documentation, I have added a NAT Port Forwarding rule to ensure that all DNS queries go to the local unbound resolver.
I have another rule that allows access to the DNS ports on the firewall (53 and 853), followed by another rule that blocks all other access to the firewall.
My questions:
1 - Will this work? Or do I need to swap the order of the two DNS rules?
2 - Will this mean that even if someone specifies using 8.8.8.8 for example, it will ignore the 8.8.8.8 part of the request and go straight to the inbuilt resolver? (assuming resolver settings are still their out of the box defaults)