Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Free Public IP

    Firewalling
    2
    4
    678
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      surajitom last edited by

      Dear All
      I'm using pfSense 2.3.3. I have 2 IPS. I'm using OpenDNS for content filtering. Under the general setup I've mentioned all the DNS of my ISP's. I have lots of aliases . I have my management and as well as other aliases also.I'm redirecting my normal users to the open OpenDNS address ,i.e. 208.67.220.220 and 208.67.222.222. I have made a alias for the free public DNS's, where I put around 50/60 DNS address, named is as 'Open'.For the normal user, I made a rule that source from the 'Open' will directly redirected to the '208.67.220.220 and 208.67.222.222' address.My rule is working fine. Content wise filtering is perfectly executing. No problem about that.The problem is some of my general user becomes my headache.What they are doing is, somehow they are able to open the 'youtube' by using the free public DNS address, which is not in my list of alias, named 'Open'. And it's spread like a fire.It becomes a tedious job to search for the free public DNS everyday. Is there any options that I can stop them to open 'youtube' . Please help me.Thanks in advance.

      1 Reply Last reply Reply Quote 0
      • johnpoz
        johnpoz LAYER 8 Global Moderator last edited by

        Why don't you just redirect all dns tcp/udp 53 to the dns you want to use..  Not why you could possible think you could create an alias that contains all known open dns on the internet.  That is just crazy.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        2440 2.4.5p1 | 2x 3100 2.4.4p3 | 2x 3100 22.01 | 4860 22.05

        1 Reply Last reply Reply Quote 0
        • S
          surajitom last edited by

          Dear Sir
          Yes I'm doing the same thing as you are suggesting me.In spite of all they are able to open the you tube and all other site.Tell me one thing ,if  I use anti DNS bypass rule,thus it will be work for this case.If not what else you suggest for me.Thanks in advance

          1 Reply Last reply Reply Quote 0
          • johnpoz
            johnpoz LAYER 8 Global Moderator last edited by

            What are you doing if your allowing them to use public dns..

            Here is the thing you have 2 options - block their outside dns queries - this would be my choice over redirection.  And only let them use pfsense
            2nd redirect any dns query they do to where you want to send them.

            Keep in mind this still doesn't stop them from using a host file for the fqdn…

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            2440 2.4.5p1 | 2x 3100 2.4.4p3 | 2x 3100 22.01 | 4860 22.05

            1 Reply Last reply Reply Quote 0
            • First post
              Last post