Unfiltered DNS for specific application?
-
Is there any way to get unfiltered DNS for just the web browser? I can do this in Firefox by using DNS over HTTPS to a DNS like Cloudflare. However, I'd rather use my local unfiltered DNS.
In case you're asking why I do this, it's because I use uBlock Origin and would like to have fine-grained control over which sites get filtered.
-
That's one of the reasons why pfBlockerng-devel was developed:
Use the Python mode.
And then:
Now, 192.168.1.2 (and its IPv6) will now bypass the DNSBL of pfBlockerng-devel.
-
@gertjan That will work to whitelist the IP address, not just the browser.
-
?
Have a look at a DNS packet unbound receives on the pfSense LAN port. Yep, that will be an Ethernet packet. As filter criteria, set up port 53, and use the IP of your device.
As soon as you have one, inspect it. This is technology of the 60s and 70s, last century, so quite simple. You will find out quickly there is a source IP, destination IP, source port, destination port, and a 'word' with 16 or so bits that tells what kind of packet it is (like UDP - the packet number etc) and a time stamp.
There is no information that tells unbound "what program" made or sent this packet ***
So, unbound on pfSense cannot know that the packet creating program was a 'browser' (or a mail client, or command line tool, or a file server, or a mail server, or whatever program) that wants to communicate over the Internet. With some very nifty comparing you could speculate what OS made the packet. Programs exist to do this kind of detecting. Unbound can't do that.
What you can do: tell your browser to do its own DNS, so it addresses itself directly to, for example, 8.8.8.8 or a "canary" solution.
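Added example, not part of the thread: a small Python parser that lists every addressing field a resolver can read from a DNS query frame, to show that none of them names the sending program. The frame is constructed inline; the MAC addresses, source port, resolver address 192.168.1.1 and the name example.com are assumptions chosen for illustration.

```python
import struct

def build_sample_frame():
    """Constructed sample: Ethernet/IPv4/UDP frame with a DNS A query for example.com."""
    qname = b"".join(bytes([len(p)]) + p for p in b"example.com".split(b".")) + b"\x00"
    dns = struct.pack("!HHHHHH", 0x1A2B, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)
    udp = struct.pack("!HHHH", 51515, 53, 8 + len(dns), 0) + dns  # checksum left at 0
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes([192, 168, 1, 2]), bytes([192, 168, 1, 1]))
    eth = bytes.fromhex("020000000001") + bytes.fromhex("020000000002") + b"\x08\x00"
    return eth + ip + udp

def parse_dns_query(frame):
    """Return the fields available to a resolver that receives this frame."""
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("not IPv4")
    ihl = (frame[14] & 0x0F) * 4          # IPv4 header length in bytes
    if frame[14 + 9] != 17:
        raise ValueError("not UDP")
    src_ip, dst_ip = frame[14 + 12:14 + 16], frame[14 + 16:14 + 20]
    u = 14 + ihl                          # start of UDP header
    sport, dport, _, _ = struct.unpack("!HHHH", frame[u:u + 8])
    d = u + 8                             # start of DNS header
    txid, flags, _, _, _, _ = struct.unpack("!HHHHHH", frame[d:d + 12])
    labels, pos = [], d + 12
    while frame[pos]:                     # length-prefixed labels, ends at a zero byte
        n = frame[pos]
        labels.append(frame[pos + 1:pos + 1 + n].decode("ascii"))
        pos += 1 + n
    qtype, qclass = struct.unpack("!HH", frame[pos + 1:pos + 5])
    return {
        "src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
        "src_ip": ".".join(map(str, src_ip)), "dst_ip": ".".join(map(str, dst_ip)),
        "src_port": sport, "dst_port": dport,
        "dns_id": txid, "dns_flags": flags,
        "qname": ".".join(labels), "qtype": qtype, "qclass": qclass,
    }

if __name__ == "__main__":
    # The source port is an ephemeral number picked by the client OS, not a program name.
    for key, value in parse_dns_query(build_sample_frame()).items():
        print(f"{key:9} {value}")
```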