Disallow dns tunnel

  • Hello,

    i'm using captive portal over wireless with a WRAP board. now i recognize that some nice people using a dns tunnel with my AP. who to protect against this?
    i only allow ports 80, 443 and email. but i have also to activate dns 53 to make dns resolving working. is it possible to use a dns server on the box and to disable the txt records?


  • Does it make a difference if you only allow DNS to the IP of the pfSense or is the forwarder even forwarding the tunnel traffic?

  • Hi hoba,

    i have to check if the dns forwarder of pfsense forwards the dns dunnel. at the moment i allow all dns traffic.
    hm do you think the forwarder can for example block txt records?


  • I'm not sure but it's worth a try.

  • Unless you have reason to believe this is really a DNS tunnel, my bet is that they've just configured OpenVPN to use port 53.  Blocking DNS to servers not under your control should fix the problem.


Log in to reply