Disallow DNS tunnel



  • Hello,

    I'm using a captive portal over wireless with a WRAP board. Now I've noticed that some nice people are using a DNS tunnel through my AP. How do I protect against this?
    I only allow ports 80, 443 and email, but I also have to open DNS (port 53) to make DNS resolving work. Is it possible to run a DNS server on the box and disable TXT records?

    Martin



  • Does it make a difference if you only allow DNS to the IP of the pfSense, or is the forwarder even forwarding the tunnel traffic?



  • Hi hoba,

    I have to check whether the DNS forwarder of pfSense forwards the DNS tunnel. At the moment I allow all DNS traffic.
    Hm, do you think the forwarder can, for example, block TXT records?

    Martin
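One way to answer the question of whether the forwarder is carrying the tunnel is to enable query logging on it (the pfSense DNS Forwarder is dnsmasq, whose `log-queries` option writes one line per query) and score each client by the shape of its queries. The script below is an added example written for this page, not code from the thread or from pfSense: the log lines are constructed in dnsmasq's query log format, the threshold values are assumptions to be tuned against real traffic, and the "parent domain" heuristic simply takes the last two labels, which is wrong for suffixes like `co.uk`.

```python
import math
import re
from collections import defaultdict

# Constructed sample in the one-line-per-query format dnsmasq writes with
# log-queries enabled. These lines are made up for the example; the second
# client is meant to look like a DNS tunnel (long random first label, TXT only,
# many unique names under one parent).
SAMPLE_LOG = """\
Mar  3 10:00:01 dnsmasq[412]: query[A] www.example.com from 192.168.1.20
Mar  3 10:00:02 dnsmasq[412]: query[A] mail.example.com from 192.168.1.20
Mar  3 10:00:02 dnsmasq[412]: query[AAAA] www.example.com from 192.168.1.20
Mar  3 10:00:04 dnsmasq[412]: query[A] ntp.example.net from 192.168.1.20
Mar  3 10:00:04 dnsmasq[412]: query[A] www.example.com from 192.168.1.20
Mar  3 10:00:05 dnsmasq[412]: query[TXT] 0azk3xq9plm7wc2rt5yb8ne1vd4fg6hj.t.tun.example.org from 192.168.1.55
Mar  3 10:00:05 dnsmasq[412]: query[TXT] 1byl4yr0qmn8xd3su6zc9of2we5gh7ik.t.tun.example.org from 192.168.1.55
Mar  3 10:00:06 dnsmasq[412]: query[TXT] 2czm5zs1rno9ye4tv7ad0pg3xf6hi8jl.t.tun.example.org from 192.168.1.55
Mar  3 10:00:06 dnsmasq[412]: query[TXT] 3dan6at2spo0zf5uw8be1qh4yg7ij9km.t.tun.example.org from 192.168.1.55
Mar  3 10:00:07 dnsmasq[412]: query[TXT] 4ebo7bu3tqp1ag6vx9cf2ri5zh8jk0ln.t.tun.example.org from 192.168.1.55
Mar  3 10:00:07 dnsmasq[412]: query[TXT] 5fcp8cv4urq2bh7wy0dg3sj6ai9kl1mo.t.tun.example.org from 192.168.1.55
"""

QUERY_RE = re.compile(r"query\[(?P<qtype>\w+)\] (?P<name>\S+) from (?P<client>\S+)")

# Record types tunnels commonly use for the downstream (server-to-client) channel.
TUNNEL_TYPES = {"TXT", "NULL", "CNAME", "MX"}


def shannon_entropy(s):
    """Bits of entropy per character of s; random-looking labels score high."""
    if not s:
        return 0.0
    counts = defaultdict(int)
    for ch in s:
        counts[ch] += 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def parse_queries(log_text):
    """Yield (qtype, name, client) from dnsmasq-style query lines; other lines are skipped."""
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if m:
            yield m.group("qtype").upper(), m.group("name").rstrip(".").lower(), m.group("client")


def client_stats(log_text):
    """Aggregate per-client features from the parsed queries."""
    per_client = defaultdict(lambda: {"total": 0, "tunnel_type": 0, "label_len": [],
                                      "entropy": [], "names": defaultdict(set)})
    for qtype, name, client in parse_queries(log_text):
        st = per_client[client]
        st["total"] += 1
        if qtype in TUNNEL_TYPES:
            st["tunnel_type"] += 1
        labels = name.split(".")
        first = labels[0]                      # payload usually rides in the leftmost label
        st["label_len"].append(len(first))
        st["entropy"].append(shannon_entropy(first))
        parent = ".".join(labels[-2:])          # crude: ignores public-suffix rules
        st["names"][parent].add(name)
    return per_client


def find_tunnel_suspects(log_text, min_queries=5, type_ratio=0.5, min_label_len=20,
                         min_entropy=3.5, min_unique_names=5):
    """Return {client: [reasons]} for clients matching at least two tunnel heuristics.

    All thresholds are assumed starting values, not measured ones.
    """
    suspects = {}
    for client, st in client_stats(log_text).items():
        if st["total"] < min_queries:
            continue
        reasons = []
        ratio = st["tunnel_type"] / st["total"]
        avg_len = sum(st["label_len"]) / st["total"]
        avg_ent = sum(st["entropy"]) / st["total"]
        busiest = max(len(v) for v in st["names"].values())
        if ratio >= type_ratio:
            reasons.append(f"{ratio:.0%} of queries are TXT/NULL/CNAME/MX")
        if avg_len >= min_label_len and avg_ent >= min_entropy:
            reasons.append(f"first label avg length {avg_len:.1f}, entropy {avg_ent:.2f} bits")
        if busiest >= min_unique_names:
            reasons.append(f"{busiest} unique names under one parent domain")
        if len(reasons) >= 2:
            suspects[client] = reasons
    return suspects


if __name__ == "__main__":
    for client, reasons in find_tunnel_suspects(SAMPLE_LOG).items():
        print(client, "->", "; ".join(reasons))
```

Run it against the forwarder's real log instead of `SAMPLE_LOG` to see which clients are pushing tunnel-shaped traffic through the box. Note what it does not cover: a client that talks directly to an outside resolver on port 53 never appears in the forwarder's log at all, so the firewall rule still has to restrict destination port 53 to the forwarder's own address, and a low-rate tunnel that sticks to A records will sit under these thresholds.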



  • I'm not sure but it's worth a try.



  • Unless you have reason to believe this is really a DNS tunnel, my bet is that they've just configured OpenVPN to use port 53.  Blocking DNS to servers not under your control should fix the problem.

    –Bill

