Rules

Follow

Scott b

• February 26, 2023 14:40

Good day everyone,. Just got a fwg and working on setting up some rules for my devices. Not sure why, or if this is expected behavior, so be gentle with my newbie question. I set up a device rule to block a PC from our/in access to everything web. Then created an allow rule for a single domain allow. I confirmed that this configuration worked as I able to ping the single address but nothing else. Last night my DHCP (running in a external pihole) handed out new IP addresses and the computer was able to reach the internet again When selecting devices in the create rule section, is that adding by host name/Mac address or some other identity item. I would have thought of building a rule it would persist even after an IP address change. For the record, nothing else changed. Additionally, I can see DNS requests via pihole but those IP don't show in fwg. My set up is firewalla lab DNS is pointing to the pihole server,, which is using the gateway address for DNS. The need is to block wildcard domain. Ex test.* Verses .*. google.com

0

• 

  Scott b

  • February 26, 2023 15:11

  To add some additional context. With a rule blocking a domain, I would expect to see denied DNS requests in the logs. On pihole I see the DNS requests coming back from the DNS servers vs seeing an NXdomain.

  0

  Comment actions Permalink
• 

  Firewalla

  • February 26, 2023 20:45

  Since you have secondary DNS, best to take them out and use firewalla services first, and gradually add the other services back; this will help to isolate the problem easier. 

  0

  Comment actions Permalink

Please sign in to leave a comment.