Stopping Open DNS - FireBrick 105: Difference between revisions
m (AA-Andrew moved page Fixing Open DNS - FireBrick 105 to Stopping Open DNS - FireBrick 105) |
mNo edit summary |
||
| Line 19: | Line 19: | ||
Target ports: 53 |
Target ports: 53 |
||
Protocol: UDP |
Protocol: UDP |
||
*Then re-test from the Control Pages: https://clueless.aa.net.uk/dnsresolvers.cgi |
|||
[[File:FireBrick-OpenDNS-Rule.png]] |
[[File:FireBrick-OpenDNS-Rule.png]] |
||
Revision as of 22:13, 6 Ocak 2014
FireBrick 105:
In a factory state the Filters on a FireBrick 105 will not allow DNS to the FireBrick from the WAN - the default state is to block incoming traffic, but to allow outgoing traffic. However, in some cases, customers disable the firewall by adding a rule that allows all traffic in. In this case, a new rule is needed to block DNS to the FireBrick.
Instructions
Create a Firewall filter to block port 53, from the WAN to the FireBrick, and make sure it's before any other rule that may allow this traffic in:
Name: BlockOpenDNS Source: WAN Target: FireBrick (The name of your FireBrick) Action: Drop Target ports: 53 Protocol: UDP
- Then re-test from the Control Pages: https://clueless.aa.net.uk/dnsresolvers.cgi
