Project

General

Profile

Actions

Feature #13200

open

Custom DNS Servers for Alert settings

Added by Jon Brown about 1 month ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
pfBlockerNG
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:

Description

I am running DNS Hijacking so all DNS/DoT/DoH is run through pfSense and then forwarded securley to Quad9 using DoT.

While going through pfBlockerNG I discovered the setting (Firewall --> pfBlockerNG --> Alerts --> Alert Settings --> Select the DNS server for the DNSBL Whitelist CNAME lookup)

I can only select from a collection of predefined DNS servers and cannot choose the connection protocol (DNS-53, DoT-853) which is a concern.

I would like the option of being able to set a custom DNS server, but at the very least 127.0.0.1 (This Firewall) as a option so I can funnel the DNS requests through my secure DNS channel. Both would be better, add 127.0.0.1 into the list and have a combobox. Another suggestion is perhaps parse all of the interface IP addresses and automatically add then.

As you can see I am able to choose Quad9 but I cannot guarantee it is using DoT to connect to the remote DNS server so is a privacy/security risk.

pfSense 2.6.0-RELEASE (amd64)
Current Version: pfBlockerNG-devel 3.1.0_4


Files

clipboard-202205231215-jmzmi.png (63.6 KB) clipboard-202205231215-jmzmi.png Jon Brown, 05/23/2022 06:15 AM

No data to display

Actions

Also available in: Atom PDF