DNS Forward & NortonSafe



  • hi,
    I create an alias with kids machine to block them communicate with other DNS ..
    so in General Setup I put norton dns , everything seems to work and block adult sites , but other machines also blocked by norton dns ! even when put manually or via DHCP
    what did I forget to do

    TY



  • Not enough information.  You say you created an alias, but aliases are useless without a firewall rule that uses them, and you didn't mention anything about firewall rules.  If you're trying to block adult sites, why not try using SquidGuard and a blacklist?



  • TY for reply I attached a pictures to show mainly what I did
    SquidGuard is great ! but major sites are not listed  … specially in arabic....and other langs
    in my opinion this is the best way ! to block adult sites and other malwares sites !
    now I did make a rule for LAN (DNS requests) and alias for kids IP's
    DNS forward is enabled  and I make the rule according to this https://doc.pfsense.org/index.php/Blocking_DNS_queries_to_external_resolvers
    BR

    ![Screen Shot 2014-08-15 at 9.24.00 PM.png](/public/imported_attachments/1/Screen Shot 2014-08-15 at 9.24.00 PM.png)
    ![Screen Shot 2014-08-15 at 9.24.00 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2014-08-15 at 9.24.00 PM.png_thumb)
    ![Screen Shot 2014-08-15 at 9.23.44 PM.png](/public/imported_attachments/1/Screen Shot 2014-08-15 at 9.23.44 PM.png)
    ![Screen Shot 2014-08-15 at 9.23.44 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2014-08-15 at 9.23.44 PM.png_thumb)



  • A port forward NAT rule that directs all the kid's port 53 traffic to the NortonSafe DNS might be all you need.  Look in Firewall - NAT - Port Forward.



  • hi, do you mean like this ? https://forum.pfsense.org/index.php?topic=63399.msg342946#msg342946
    is so I did it but not help !!!

    BR



  • The concept should work.  In fact, today's pfSense Hangout had pfSense co-founder ChrisB demonstrating using NAT port forwards to redirect DNS traffic from external to internal DNS servers.  I can't test it right now and won't be able to look into it until some time this weekend.

    Can you show the screen where you have your port forward rule?



  • thanks for trying to help .. I try everything.
    am confused  !!
    and there is no simple steps to do that or manual !
    before pfsense I use untangle everything works perfect
    but I like pfsense for fast responce and cache proxy

    BR


Log in to reply