How to force DNS?

I’m trying to figure out how to force DNS to my DNS server. I’ve used dd-wrt in the past, and it has an option to redirect DNS traffic on port 53 to my server, and I can’t figure out how to do that in Nethserver. The reason is that I have a device that phones home every 15 seconds, and it’s configured to use its own DNS, so simply serving my own DNS doesn’t change it.

Hi and welcome to Nethserver Community,

it can be done in server manager with Threat shield DNS blacklist by enabling DNS proxy for green.

Another method without the need of installing additional software is to add a custom template to shorewall.

mkdir -p /etc/e-smith/templates-custom/etc/shorewall/rules/

Create the file /etc/e-smith/templates-custom/etc/shorewall/rules/90dnsredirect with following content:

# DNS redirect
REDIRECT        loc     53    udp     53
REDIRECT        loc     53    tcp     53

Restart firewall and apply config:

signal-event firewall-adjust


Yes, Threat shield redirects DNS traffic to another port that acts as filter.

1 Like

Custom templates are included in the config backup.

1 Like