Squid and DNS



  • I've been running pfSense 1.2 beta 1 for several months on a net4801.  I've been using the OpenDNS.com DNS servers defined in pfSense and have been using them for months.  Within the last few months, they added a filtering feature for adult themes, bikini sites, porn, etc.  This is great since I have children that surf the web from home.  Now, for the most part their ratings are right on, but sometimes they aren't, like for improveverywhere.com.  For sites like these, I have added domain overrides in the "DNS Forwarder" section to point the DNS service to public DNS servers for these names.  That has worked great since I set it up.

    A bit over a week ago, I loaded the latest RC of pfSense on an old P3 machine w/ an 8 gig hard drive.  Since it wasn't an embedded install, I thought I would try squid and some other packages.  Squid (running in transparent mode) seems to work great, visibly speeding up surfing.  Tonight, though, I noticed that the DNS overrides don't seem to be working properly when using Squid.

    I did a bit of investigation and I am assuming that squid is using the resolv.conf file directly, instead of querying 127.0.0.1 to go through dnsmasq.

    I manually added "dns_nameservers 127.0.0.1" to the configuration file and restarted squid, and it appears to be working as desired now.  Is this something that could be worked into a future version of the webGUI for the squid package?

    Thanks,
    Paul
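
The behaviour described in the post above can be checked with a small script; this is an added example, not part of the original post or of the pfSense squid package. It reads a squid.conf and a resolv.conf and reports whether Squid would query resolvers other than the local forwarder, which is the case where DNS Forwarder overrides and DNS-based filtering do not apply to proxied traffic. The function names, file names and 192.0.2.x addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: which resolvers will Squid query, and do they bypass the
# local forwarder (dnsmasq on 127.0.0.1) that holds the domain overrides?

# squid_resolvers SQUID_CONF RESOLV_CONF
# Prints the resolver addresses Squid will use, one per line.
squid_resolvers() {
    conf=$1; resolv=$2
    # dns_nameservers may list several addresses; drop comments first so a
    # commented-out directive is not counted.
    from_squid=$(awk '
        { sub(/#.*/, "") }
        $1 == "dns_nameservers" { for (i = 2; i <= NF; i++) print $i }
    ' "$conf")
    if [ -n "$from_squid" ]; then
        printf '%s\n' "$from_squid"
    else
        # No directive: Squid takes its resolvers from resolv.conf.
        awk '{ sub(/[#;].*/, "") } $1 == "nameserver" { print $2 }' "$resolv"
    fi
}

# bypasses_forwarder SQUID_CONF RESOLV_CONF
# Returns 0 (true) if any resolver Squid would use is not a loopback address.
bypasses_forwarder() {
    for ip in $(squid_resolvers "$1" "$2"); do
        case $ip in
            127.*|::1) ;;          # local forwarder, overrides apply
            *) return 0 ;;         # upstream queried directly
        esac
    done
    return 1
}

# Constructed sample files: the configuration before and after the change.
demo=$(mktemp -d)
printf 'nameserver 192.0.2.53\nnameserver 192.0.2.54\n' > "$demo/resolv.conf"
printf 'http_port 3128 transparent\n' > "$demo/before.conf"
printf 'http_port 3128 transparent\ndns_nameservers 127.0.0.1\n' > "$demo/after.conf"
for c in before after; do
    if bypasses_forwarder "$demo/$c.conf" "$demo/resolv.conf"; then
        echo "$c: Squid queries upstream resolvers directly; overrides are skipped"
    else
        echo "$c: Squid resolves through the local forwarder"
    fi
done
rm -rf "$demo"
```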

