Stopping Open DNS - MikroTik: Difference between revisions
Supervacuo (talk | contribs) (Add initial content) |
mNo edit summary |
||
| (One intermediate revision by one other user not shown) | |||
| Line 3: | Line 3: | ||
''(may be relevant for other models)'' |
''(may be relevant for other models)'' |
||
A DNS server is not running by default, but can be configured under <code>/ip dns</code> (or the "IP / DNS" GUI menu), in which case the router will act as an [[Category:Open DNS Resolvers| |
A DNS server is not running by default, but can be configured under <code>/ip dns</code> (or the "IP / DNS" GUI menu), in which case the router will act as an [[:Category:Open DNS Resolvers|open DNS resolver]]. |
||
A firewall filter rule can prevent incoming DNS traffic on the WAN interface: |
A firewall filter rule can prevent incoming DNS traffic on the WAN interface: |
||
| Line 20: | Line 20: | ||
[[Category:Open DNS Resolvers]] |
[[Category:Open DNS Resolvers]] |
||
[[Category: |
[[Category:3rd Party Routers]] |
||
Latest revision as of 09:22, 25 February 2015
MikroTik RouterBoard 951-2n
(may be relevant for other models)
A DNS server is not running by default, but can be configured under /ip dns (or the "IP / DNS" GUI menu), in which case the router will act as an open DNS resolver.
A firewall filter rule can prevent incoming DNS traffic on the WAN interface:
/ip firewall filter add chain=input action=drop protocol=tcp in-interface=pppoe-out1 dst-port=53 add chain=input action=drop protocol=udp in-interface=pppoe-out1 dst-port=53
(replace ppoe-out1 with your external interface name obtained from /interface print).
You can also configure this in the GUI under "IP / Firewall / Filter Rules":
Thanks to Jay Pudasaini for the general solution.