Unbound and Protect/Ad strict modes
When I switched from DOH to unbound the statistical level of blocking dropped quite a bit. I use several blocking rules with target lists and run in "strict" mode.
I have never seen an article about unbound that validates how FW handles filtering. When in DOH mode, I rely on Quad9 and a substantial list of firewall rules (target lists). But in unbound I cannot use Quad9. (Not using Family Protect.)
Where can I find an article about this subject?
Thanks!
-
Are the statistics you see via the DNS server, or with Firewalla?
Firewalla ad blocker runs before unbound, so it shouldn't make any difference.
You can learn more about the relationship between DoH and unbound here: https://help.firewalla.com/hc/en-us/articles/4570608120979-Firewalla-DNS-Services
-
Firewalla - blocked Network Flow log. Typically I see all the usual suspects blocked: apple, google, amazon, smartadserver, hotjar, etc. After turning on unbound I see none of them. My network flow block % dropped from 40% down to below 20%. Obviously that all depends on lots of factors, like which devices were using the network in the last 24 hours. It is not a scientific study by any means, but IF the entire filtering stack is executed before unbound then that is what I want to know. I will try retesting again.
Thanks
-
If you turn adblocker on and then visit a site with lots of ads (yahoo.com for example), do you see "blocks"? Do you see any ads?
The block percentage is really not a good way to tell if the system is healthy or not; for example, if no one (usually research people) forgot to scan your network from outside, then it is likely your block rate is high. (And the next day, when they start again, you will get a high block rate.)
-
Case solved. Here is the problem -->
When Force DNS over VPN is enabled, will Firewalla still be able to block DNS requests?
When Force DNS over VPN is on, DNS blocks will not take effect as Firewalla will no longer be able to see your DNS requests. However, other blocks will still work (e.g. TLS, IP).
Thanks for the helpful article above. It explains a lot. I am running multiple VPN client tunnels.