Q: "PoC" for virtual (fake) GW to redirect DNS requests

  • In order to bypass geolocation from DNS servers like the hardcoded DNS in Chromecast, I wonder if this is possible…

    • Set up a pfSense VM in Hyper-V (Win 8.1) to act as a "passthrough gateway" for the network.

    • Configure LAN DHCP to use pfSense as default GW

    • Let the pfSense box pass data through to the "real" ADSL gateway whilst hijacking/redirecting DNS requests?

    Something like:

    Chromecast x.x.x.200
    Hyper-V server x.x.x.100
    pfSense LAN (and DHCP server?) x.x.x.10
    pfSense WAN (and DHCP?) x.x.x.5
    LAN GW x.x.x.1

    So the pfSense would give the Chromecast a DHCP address and itself as GW, hijack DNS and then pass data through to the LAN GW.

    I have been trying to set this up (with great difficulty and lack of skills) without success so I am now wondering if this is even possible or if I am missing something.

    Also, of course, my next question will be if there are any tips on how to set this up since I am getting nowhere…

  • LAYER 8 Global Moderator

    Well, it makes it very difficult to discuss when you're using x.x.x.# - are these the same networks or different networks?

    But it sounds like you're describing a typical pfSense setup that is just double NATted.  Many users that are limited to ISP connection gateways that cannot be put into bridge mode are stuck with this model.

    But sure, you could redirect/block whatever you wanted to do with either all or just DNS TCP/UDP 53 from the Chromecast IP.

  • Sorry, I did that to keep it more readable. Yes, it's all on the same network range; I use 10.10.10.x

    If it were a standalone box I maybe wouldn't question it, but as it will be a virtual machine in Hyper-V I thought there might be issues with the networking, since all of the data will be passing through the same (one) NIC on the Hyper-V server…

  • LAYER 8 Global Moderator

    Well, can you not add a second NIC to your Hyper-V box?  You could do it with VLANs - does your switch(es) support VLANs?
