Firewall DNS Rules
-
Ok, I'm a little lost on making DNS Server Rules where Rule1 would allow the usage of the OpenDNS and then Rule2 would deny the use of anything else. Reasoning is so that my son can statically change his DNS to avoid being filtered…
-
To make an alias:
Go to Firewall->Aliases
Click the + sign
Type in the name and description
Click the + sign at the bottom twice
Add the following IPs each on their own line: your firewall, 208.67.222.222, 208.67.220.220.
Now for the rules:
Go to Firewall->Rules->Opt1
Click the + sign
Then (I have listed only the options which you need to edit):
Protocol: TCP/UDP
Destination Type: Single Host or Alias
Destination Address: whatever you named the alias
Destination Port Range from & to: DNS
Click save.
-
Wow. You have really been helpful. I created an Alias just for OpenDNS so that is all that would be accepted under the OPT1 interface. Then the second rule rejects all port 53. Thanks again for taking the time to explain this.
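The two rules described in this thread (pass DNS to the alias, then reject all other port 53) depend on their order, because pfSense evaluates an interface's rules top-down and the first match wins. The sketch below is an added example, not code from the thread or from pfSense; the firewall address, the general allow rule and the test packets are constructed assumptions.

```python
# Added example: models the OPT1 rules from this thread with first-match
# evaluation. Firewall address, extra allow rule and packets are constructed.
from ipaddress import ip_address

FIREWALL_IP = "192.168.2.1"  # assumption: the firewall's OPT1 address
ALLOWED_DNS = {ip_address(a) for a in
               (FIREWALL_IP, "208.67.222.222", "208.67.220.220")}  # the alias

# (action, protocols, destination set or None for any, port or None for any)
PASS_OPENDNS = ("pass", {"tcp", "udp"}, ALLOWED_DNS, 53)
REJECT_OTHER_DNS = ("reject", {"tcp", "udp"}, None, 53)
PASS_REST = ("pass", {"tcp", "udp"}, None, None)  # assumption: general allow rule

def evaluate(rules, proto, dst, port):
    """Return the action of the first matching rule; default deny if none match."""
    for action, protos, dsts, rule_port in rules:
        if proto not in protos:
            continue
        if dsts is not None and ip_address(dst) not in dsts:
            continue
        if rule_port is not None and port != rule_port:
            continue
        return action
    return "block"

def audit(rules):
    """Evaluate a fixed set of constructed packets against one rule order."""
    packets = {
        "dns_to_opendns": ("udp", "208.67.222.222", 53),
        "dns_to_firewall": ("udp", FIREWALL_IP, 53),
        "dns_to_other_udp": ("udp", "198.51.100.53", 53),
        "dns_to_other_tcp": ("tcp", "198.51.100.53", 53),
        "web": ("tcp", "203.0.113.10", 443),
    }
    return {name: evaluate(rules, *pkt) for name, pkt in packets.items()}

CORRECT_ORDER = [PASS_OPENDNS, REJECT_OTHER_DNS, PASS_REST]
REJECT_FIRST = [REJECT_OTHER_DNS, PASS_OPENDNS, PASS_REST]  # OpenDNS gets rejected too
ALLOW_FIRST = [PASS_REST, PASS_OPENDNS, REJECT_OTHER_DNS]   # reject rule never reached

if __name__ == "__main__":
    for label, rules in (("correct", CORRECT_ORDER),
                         ("reject first", REJECT_FIRST),
                         ("allow first", ALLOW_FIRST)):
        print(label, audit(rules))
```

If the reject rule sits above the alias rule, even OpenDNS lookups are refused; if a general allow rule sits above both, the DNS restriction never takes effect.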
-
Correct. You are welcome. I got this from the pfSense Docs/Book.
-
You know I've skimmed through it but I never even thought about an Alias as I've never used them before. Very handy.