Block DNS



  • Hello to all

    I started using pfSense recently and I need a hand with a rule that I should put on the firewall.

    Let me explain what I need:
    I want LAN clients not to use their DNS, but only the DNS set on pfSense.

    Could someone give me a hand with this?

    Thanks to all



  • Create a block rule on LAN that blocks any TCP and UDP traffic to port 53 when the destination address is not the LAN address. Put the block rule before any pass rules.



  • Hello, thanks for the reply.

    I made a screenshot of my rules … can you let me know if it is correct this way?

    Hello and thank you




  • Yes, that should work. You can also use just "LAN Address" (from the menu) to restrict the clients to querying just the LAN IP address.
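
The rule described in the replies above, as an added example that is not part of the thread: a small model of first-match evaluation on the LAN interface, showing why the port 53 block must sit above the pass rules. The `Rule` and `evaluate` names, the broad pass rule and all addresses are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

LAN_ADDRESS = "192.168.1.1"  # assumed pfSense LAN IP (constructed value)

@dataclass(frozen=True)
class Rule:
    action: str                 # "block" or "pass"
    protos: frozenset           # protocols the rule applies to
    dst: Optional[str] = None   # destination address, None = any
    dst_not: bool = False       # invert the destination match ("not LAN address")
    port: Optional[int] = None  # destination port, None = any

    def matches(self, proto, dst, port):
        if proto not in self.protos:
            return False
        if self.port is not None and port != self.port:
            return False
        if self.dst is None:
            return True
        return (dst == self.dst) != self.dst_not

def evaluate(rules, proto, dst, port):
    """The first matching rule decides; no match at all means default deny."""
    for rule in rules:
        if rule.matches(proto, dst, port):
            return rule.action
    return "block"

ANY = frozenset({"tcp", "udp", "icmp"})
# Block TCP/UDP to port 53 when the destination is NOT the LAN address.
BLOCK_DNS = Rule("block", frozenset({"tcp", "udp"}), dst=LAN_ADDRESS, dst_not=True, port=53)
ALLOW_LAN = Rule("pass", ANY)  # stand-in for a broad LAN pass rule (assumption)

GOOD_ORDER = [BLOCK_DNS, ALLOW_LAN]  # block placed before the pass rule
BAD_ORDER = [ALLOW_LAN, BLOCK_DNS]   # block placed after: never reached

# Constructed sample traffic from a LAN client (documentation-range addresses).
SAMPLES = [
    ("udp", LAN_ADDRESS, 53),      # query to pfSense itself
    ("udp", "198.51.100.53", 53),  # query to an outside resolver
    ("tcp", "198.51.100.53", 53),  # same resolver over TCP
    ("tcp", "203.0.113.10", 443),  # ordinary web traffic
]

def verdicts(rules):
    return [evaluate(rules, *pkt) for pkt in SAMPLES]

if __name__ == "__main__":
    for name, rules in (("block first", GOOD_ORDER), ("pass first", BAD_ORDER)):
        print(name, verdicts(rules))
```

With the block rule first, only DNS to the LAN address gets through; with the pass rule first, every sample is passed and the block rule is never evaluated.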



  • Hello, can you send me a screenshot of how the rule should be written properly on the firewall?

    thanks