What will happen if somebody is using external DNS server is simply that the browser will remain on a loop in a blank page waiting for the DNS server to reply.Īdditionally, if you want to restrict IP’s and domains access you would want to combine this guide alongside with my blocked hosts megalist (please read more here), which will ensure that a good amount of websites containing spam, malware, viruses, ads etc will be blocked within the entire LAN. If you have followed these steps correctly and your configuration looks like mine (see screenshots), you should have successfully blocked external DNS server usage. In Protocol select - Preset -, select Service Groups, choose DNS TCP and DNS block, and select ACCEPT.Ĭongratulations. In Destination select Firewall and choose GREEN. In Source select Standard networks and choose Any. Firewall Rules (Incoming Firewall Access)Īssuming we are still inside the Firewall Rules page, you would want to select New Rule so that we can create our very last rule. NOTE: Repeat the same steps if you want to block external DNS server usage for UDP traffic. In Additional settings you would want to select Log and Active Rule. In Protocol you will need to select - Preset -, select Service Groups, choose DNS TCP and DNS block, and select REJECT. In Destination select Standard networks and choose RED. In Source select Standard networks and choose GREEN. Do the same but this time select DNS UDP.įrom within the IPFire web panel, hover over Firewall, select Firewall Rules, and select New Rule. On the next page in the Add selection you will need to select DNS TCP and click on Add. In Firewall Groups you will need to select Service Groups, in Add new service group give it a group name and in Remark add something that will remind you of what this group service does, once than that hit Add. So without further ado let’s get started.Īs first step you would need to log into your IPFire web panel, hover over Firewall and select Firewall Groups. This guide will be split based on sections. External DNS Servers block on IPFire 2.19 - Core Update 112 & Unbound 1.6.3īefore we get started, this guide assumes you already have a standard network setup with both RED and GREEN networks created, up and working.
0 Comments
Leave a Reply. |