Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revisionBoth sides next revision
docs:guide-user:firewall:fw3_configurations:intercept_dns [2023/10/05 06:34] – [DNS redirection] vgaeteradocs:guide-user:firewall:fw3_configurations:intercept_dns [2023/10/05 06:53] – [DNS forwarding] vgaetera
Line 89: Line 89:
 ==== DNS forwarding ==== ==== DNS forwarding ====
 Set up [[docs:guide-user:base-system:dhcp_configuration#dns_forwarding|DNS forwarding]] to your local DNS server with Dnsmasq. Set up [[docs:guide-user:base-system:dhcp_configuration#dns_forwarding|DNS forwarding]] to your local DNS server with Dnsmasq.
-Configure firewall to exclude the local DNS server from the interception rule.+Assuming the local DNS server is in the same subnet. 
 +Configure firewall to avoid looping.
  
 <code bash> <code bash>
Line 99: Line 100:
  
 ==== DNS redirection ==== ==== DNS redirection ====
-Configure firewall to redirect the intercepted DNS traffic to your local DNS server bypassing Dnsmasq.+Avoid using Dnsmasq. 
 +Configure firewall to redirect DNS traffic to your local DNS server.
 Move the local DNS server to a separate subnet to avoid masquerading. Move the local DNS server to a separate subnet to avoid masquerading.
  
Line 105: Line 107:
 # Configure firewall # Configure firewall
 uci set firewall.dns_int.name="Redirect-DNS" uci set firewall.dns_int.name="Redirect-DNS"
-uci set firewall.dns_int.src_ip="!192.168.2.2" 
 uci set firewall.dns_int.dest_ip="192.168.2.2" uci set firewall.dns_int.dest_ip="192.168.2.2"
 uci commit firewall uci commit firewall
  • Last modified: 2024/07/10 06:14
  • by lastedit