How to autorize WAN typed interface to DNSBL block-web-page
I meet a "problem" which is not one in my opinion. I'm using pfblockerNG-devel on my firewall (2.4.5-p1) and everything is going great. Here is my topology:
- HLAN interface (~ = WAN): 192.168.1.0/24 network - router ISP network with Wi-Fi for my LAN (TV, smartphone, etc.).
- DMZ interface: network 10.20.30.0/24 with my webserver
Currently, my clients (HLAN net) are configured to use PFSENSE as a DNS server and it works very well, the sites are "blocked" (resolved in 10.10.10.1). However, I do not have a block page that appears on my browsers.
On the DMZ network, I also have blocking which works but I also have the blocking web page! How to give access to my HLAN interface to 10.10.10.1 ???
I tried to authorize flows from my HLAN network to 10.10.10.1 but without effect (floatting rule). I tried to authorize HLAN flows to the DMZ interface but without effect either.
Anyone have an answer?
Thanks in advance and a big thank you to @BBcan177