Despite WAN-blocking firewall rule, machine can still resolve hostnames? [FIXED]



  • Hello all,

    Despite the following firewall rule which SHOULD block all WAN access to this IP, it's still able to resolve hostnames to IPs.  Surely DNS traffic is included in this rule which is set up to block all protocols, ports and destinations from one IP on the LAN.

    
    Proto    Source         Dest    Port    G/W    Sched
    *        192.168.2.1    *       *       *      *
    

    With this rule in place, the machine cannot ping any IPs, load websites etc., but it CAN resolve a hostname to an IP…

    E.g:

    
    C:\Documents and Settings\Dave>ping -t google.fr
    
    Pinging google.fr [216.239.59.104] with 32 bytes of data:
    
    Request timed out.
    Request timed out.
    
    Ping statistics for 216.239.59.104:
        Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
    

    Why is this? (The address is definitely not cached anywhere…)

    Cheers,
    Dave



  • Turn off the DNS Forwarder.



  • Ahh it was something simple then, thanks :D

    Cheers again,
    Dave

    PS. Thanks for the prompt and knowledgeable replies you lot =)

