Certain flow types missing?



  • Avatar

    DNS traffic are treated special, since the system always process them and forces them into the pre-configured servers. So they do not show up as logged

    ICMP requests are not logged, there just too many of them

    Comment actions Permalink
  • Avatar

    Thanks, that's what I suspected. 

    Might be a good idea to mention explicitly how DNS works on FW, because it can get quite confusing with LAN/WAN DNS settings, DNS Booster (in a completely different menu), DOH and also Family Protect and Safe Search.

    This is a great article:


    1) Can you confirm that when I use the "DOH Target List" to create a block rule for all devices, it will still allow Firewalla to do DOH queries (I assume so)?

    2) Does FW intercept all dns  queries (udp/53 and tcp/53) to any external dns server and forward it to the Firewalla local resolver or configured DNS DOH, if it is configured?

    3) If I want to allow a specific DOH Host different than the one defined on Firewalla for some clients: is there a way to "override" the built-in list, or do I need to create an Allow rule for that DOH with higher prio than the block? 



    Comment actions Permalink

Please sign in to leave a comment.