Dnsmasq host override help

  • I'm trying to setup dnsmasq host overrides and not sure what am I doing wrong. running on 2.2-RELEASE (i386)

    I have listed these DNS servers under system:General settings:


    and unchecked the Allow DNS server list to be overridden by DHCP/PPP on WAN

    then checked all these under DNS Forwarder

    Enable DNS forwarder
    Register DHCP leases in DNS forwarder
    Register DHCP static mappings in DNS forwarder
    Resolve DHCP mappings first
    Query DNS servers sequentially
    Require domain
    Do not forward private reverse lookups
    Listen Port: (blank)
    Interface: ALL

    Then I added an host override Domain facebook.com ->
    restarted the service and renew local IP address.

    The rule didn't work and I'm able to access to facebook test.

    Under the system log (Status: System logs: Resolver) I can see entries related to dnsmasq

    Any ideas where I can further investigate what I'm doing wrong?

    EDIT: I should add that I've added a firewall rule as mentioned here https://doc.pfsense.org/index.php/Blocking_DNS_queries_to_external_resolvers

  • I just tried it myself on 2.2-x64 and it works but I had to restart the browser.  I created a host override with just facebook.com with no host specified and an alias of www.

  • Thanks KOM. so after restarting the browser (silly me) it now works but only for my local network, I have few IP cameras and created overrides like so

    Host -> camdriveway
    Domain -> zebra (this is what I have set under system general for domain)
    IP Address ->
    Description -> Driveway IP Camera
    alias -> blank

    This will allow me to access the camera from any browser using camdriveway in address bar, and works fine now

    But the facebook test still not working.

  • LAYER 8 Global Moderator

    why do people test with a browser for some as simple a dns query?

    From a cmd line use your fav tool.. nslookup, dig, drill or just ping - what does it resolve too for your fqdn query?

    Browsers can be using proxy, could be highjacked, use their own cache, etc..

    So your fqdn is camdriveway.zebra ?  not really of single label domains.  about zebra.lan or zebra.net, etc.  Single labels while they should be fine tend to have weirdness depending on OS, application, etc. etc.

    So from a cmdline do - see attached

Log in to reply