How can I do dns server local cache on nethserver as gateway firewall?

,

NethServer Version: NethServer release 7.3.1611
Module: Dnsmasq

Localhost DNS Cache it is possible?

1 Like

Can you add more details? Please provide use some scenarios.

Something like that

https://pi-hole.net

3 Likes

Many thanks for the feedback.

I want Setup Master DNS Server.
Domain Name Server (DNS) used for name resolving to any hosts. Master DNS servers (Primary Server).

Pi-hole is amazing! I just came across it very recently and I am a big fan! Very easy to install and impressive results! I’ve installed it in two of my VPS’s and love it.

Wouldn’t it be possible to easily integrate it with Nethserver? I think it would be a great addition!

3 Likes

Thank you it looks very good, I will study it.

I have had a quick look and it almost seems too good to be true, so I am a little sceptical. But if it truely does what it says it does without compromising the security of the server and it has the support behind it to become and remain mainstream - then I am all for it and would like to see it integrated into Nethserver somehow. It would be a good addition.

1 Like

I would also like to integrate the transparent proxy filter with this dns block logic. It could be very useful in companies with many device

I’m testing it at home, and I set pihole as proxy dns. Filtering by categories, a few filters are crossed, that is the only incoveniente

1 Like

My local DNS Server using Bind.

acl local_acl {
        127.0.0.1;
        ::1;
        192.168.10.0/24;
        };
 
controls {
};
 
logging {
        category edns-disabled { null; };
};
 
options {
        directory "/zones";
        listen-on port 53 { any; };
        listen-on-v6 port 53 { any; };
 
        max-ncache-ttl 2;
 
        check-names master ignore;
        check-names slave ignore;
        check-names response ignore;
 
        //pid-file "/var/run/named.pid";
 
        datasize default;
        stacksize default;
        coresize default;
        recursion yes;
        allow-recursion { local_acl; };
        allow-query { local_acl; };
        allow-transfer { none; };
 
#       forwarders {
#               8.8.8.8;
#               208.67.222.222;
#               208.67.220.220;
#       };
        dnssec-enable yes;
        dnssec-validation yes;
#       dnssec-lookaside . trust-anchor dlv.isc.org.;
};
 
 
zone "." IN {
        type hint;
        file "root.hint";
};
 
zone "localhost" IN {
        type master;
        file "localhost.zone";
        check-names fail;
        allow-update { none; };
};
 
zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "127.0.0.zone";
        check-names fail;
        allow-update { none; };
};
 
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa." IN {
        type master;
        file "0001.zone";
        check-names fail;
        allow-update { none; };
};
 
trusted-keys {
#       dlv.isc.org. 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URkY62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboMQKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59kd/VStTDN0YUuWrBNh";

Got someone to raise the pi-hole on nethserver?

1 Like