Netgate Discussion Forum

    [RESOLVED] [2.2.x] Unbound and firewall rules

    DHCP and DNS
    3 Posts 2 Posters 1.2k Views

    nikolaii

      Hello,

      As far as I can tell, on my pfSense box there are no default filtering rules applied when configuring the Unbound DNS Resolver.

      So far I have set up some rules to allow DNS queries from my internal services.

      And the Unbound resolver can make external queries thanks to these default built-in rules:

      @67(1000005811) pass in on lo0 inet all flags S/SA keep state label "pass IPv4 loopback"
      @68(1000005812) pass out on lo0 inet all flags S/SA keep state label "pass IPv4 loopback"

      But is this enough (well so far I think yes)?

      I'm asking this because in the firewall log I could see some dropped packets from the Internet towards port 53/UDP (which is closed); so I was wondering if I was blocking some legitimate DNS traffic …

      Thanks.

      Nicolas


    tim.mcmanus

        Blocked incoming packets are okay. More than likely some script kiddie is probing you to see if you have a DNS server running in an effort to bot it for a DDoS.


    nikolaii
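A worked triage of the log entries discussed above, as an added example that is not code from the thread or from pfSense. It parses lines in the pfSense 2.2 filterlog CSV layout (rule, sub-rule, anchor, tracker, interface, reason, action, direction, IP version, then the IPv4 header fields, length, source, destination and ports) and separates the traffic the reply calls harmless, unsolicited port-53 packets blocked inbound on WAN, from the resolver's own outbound queries, loopback traffic to the resolver and LAN client queries. Because pf keeps state on the resolver's outbound queries, the replies come back without any inbound rule, so the only log pattern that would mean legitimate DNS is being broken is a block on an outbound query; the script flags that case explicitly. The interface names (em0 as WAN, em1 as LAN), all addresses and rule/tracker numbers are assumptions, and the sample log lines are constructed.

```python
"""
Triage of pfSense filterlog entries for DNS (port 53) traffic.

Added example, not code from the forum thread or from pfSense.  Parses
records in the pfSense 2.2 filterlog CSV layout and labels each one by
what it means for an Unbound resolver behind the firewall.  Interface
names (em0 = WAN, em1 = LAN), addresses and rule ids are assumptions;
the sample log lines are constructed.
"""
from collections import Counter

WAN_IF = "em0"  # assumed WAN interface name

# Field order of a filterlog record: 9 common fields, 8 IPv4 header
# fields, then length, src, dst, sport, dport (TCP records add more).
COMMON_FIELDS = ("rule", "subrule", "anchor", "tracker", "iface",
                 "reason", "action", "direction", "ipver")
IPV4_FIELDS = ("tos", "ecn", "ttl", "id", "offset", "flags",
               "proto_id", "proto")

# Constructed sample lines (not from the original post).
SAMPLE_LOG = """\
Mar 12 10:00:01 pfsense filterlog: 5,16777216,,1000000103,em0,match,block,in,4,0x0,,48,1234,0,none,17,udp,60,203.0.113.5,198.51.100.1,40123,53,40
Mar 12 10:00:02 pfsense filterlog: 5,16777216,,1000000103,em0,match,block,in,4,0x0,,48,1235,0,none,17,udp,60,203.0.113.5,198.51.100.1,40124,53,40
Mar 12 10:00:03 pfsense filterlog: 120,,,1000005812,lo0,match,pass,out,4,0x0,,64,4321,0,none,17,udp,70,127.0.0.1,127.0.0.1,55001,53,50
Mar 12 10:00:04 pfsense filterlog: 70,,,1000005100,em0,match,pass,out,4,0x0,,64,4322,0,DF,17,udp,72,198.51.100.1,192.0.2.10,61000,53,52
Mar 12 10:00:05 pfsense filterlog: 9,,,1000000105,em1,match,pass,in,4,0x0,,128,777,0,none,17,udp,66,10.0.0.42,10.0.0.1,51515,53,46
Mar 12 10:00:06 pfsense filterlog: 5,16777216,,1000000103,em0,match,block,in,4,0x0,,48,1236,0,none,17,udp,60,198.51.100.77,198.51.100.1,40125,53,40
Mar 12 10:00:07 pfsense filterlog: 5,16777216,,1000000103,em0,match,block,in,4,0x0,,244,9,0,none,6,tcp,60,203.0.113.9,198.51.100.1,5555,22,0,S,1122334455,,65535,,mss
Mar 12 10:00:08 pfsense filterlog: 70,,,1000000200,em0,match,block,out,4,0x0,,64,4323,0,DF,17,udp,72,198.51.100.1,192.0.2.11,61001,53,52
"""


def parse_filterlog(line):
    """Return a dict for an IPv4 UDP/TCP filterlog line, else None."""
    _, sep, csv = line.partition("filterlog: ")
    if not sep:
        return None
    parts = csv.strip().split(",")
    if len(parts) < 22 or parts[8] != "4":
        return None  # IPv6 and truncated records are not handled here
    rec = dict(zip(COMMON_FIELDS, parts[:9]))
    rec.update(zip(IPV4_FIELDS, parts[9:17]))
    if rec["proto"] not in ("udp", "tcp"):
        return None  # ICMP and friends carry no ports
    rec["length"], rec["src"], rec["dst"] = parts[17:20]
    rec["sport"], rec["dport"] = int(parts[20]), int(parts[21])
    return rec


def classify(rec, wan_if=WAN_IF):
    """Label a parsed record by what it means for the resolver."""
    if 53 not in (rec["sport"], rec["dport"]):
        return "other"
    blocked, inbound = rec["action"] == "block", rec["direction"] == "in"
    if rec["iface"] == "lo0":
        return "loopback-local"             # local traffic to Unbound
    if blocked and inbound and rec["iface"] == wan_if:
        return "unsolicited-inbound-probe"  # nobody asked; dropping is correct
    if blocked and not inbound and rec["dport"] == 53:
        return "blocked-outbound-query"     # the resolver's own query was dropped
    if not blocked and not inbound and rec["dport"] == 53:
        return "resolver-query"             # state is kept, the reply needs no rule
    if not blocked and inbound and rec["dport"] == 53:
        return "client-query"               # internal host asking the resolver
    return "review"


def summarize(log_text, wan_if=WAN_IF):
    """Count records per label and tally the sources of WAN probes."""
    counts, probe_sources = Counter(), Counter()
    for line in log_text.splitlines():
        rec = parse_filterlog(line)
        if rec is None:
            continue
        label = classify(rec, wan_if)
        counts[label] += 1
        if label == "unsolicited-inbound-probe":
            probe_sources[rec["src"]] += 1
    return counts, probe_sources


if __name__ == "__main__":
    counts, sources = summarize(SAMPLE_LOG)
    for label, n in sorted(counts.items()):
        print(f"{label:28s} {n}")
    print("probe sources:", dict(sources))
    if counts["blocked-outbound-query"]:
        print("WARNING: outbound DNS queries are being blocked; check the rules")
```

On a real box the input would be the output of `clog /var/log/filter.log`; the unsolicited-inbound-probe bucket is the noise the reply describes, and a non-zero blocked-outbound-query count is the one thing worth acting on.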

          Yes, that makes sense, indeed.

          Thank you.

          Nicolas

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.