I need to look at the actual config file for DNS that NSec uses.
I’ve looked at DNS in the NSec docs and that is so very not useful.
There are no servers set in the GUI page for DNS.
I can see by the traffic on the wan that the Nsec install is using Cloudflare DoH.
Where is that in the config… and for that matter how do I control Nsec DNS?
It seems Cloudflare is the default upstream DNS when no custom DNS server is configured.
You can set custom DNS forwarding servers in the DNS tab:
It’s documented here.
To get the config on CLI:
uci get dhcp.@dnsmasq[].server
root@nsecurity01:~# uci get dhcp.@dnsmasq[1].server
uci: Entry not found
root@nsecurity01:~# uci get dhcp.@dnsmasq[].server
uci: Entry not found
I used 0 through 6 and none are found, the logs show [1].
Where is that documented?
Guessing you found it here; Advanced DNS | NethSecurity
I think you need to add a custom DNS server to get a value.
This is how DNS works: DNS and /etc/resolv.conf - #6 by eduperez - Network and Wireless Configuration - OpenWrt Forum
So if your WAN is configured with DHCP:
- find the dnsmasq config file:
ps aux | grep dnsmasq
- see what’s inside:
cat /var/etc/dnsmasq.conf.cfg01411c
- check for includes
cat /tmp/resolv.conf.d/resolv.conf.auto
Mine is:
# Interface lan
nameserver 192.168.100.1
search isolated
# Interface wan
nameserver 10.10.0.1
search nat2
# Interface wan2
nameserver 192.168.122.1
I’ve added the info to the doc: dns: explain default behavior by gsanchietti · Pull Request #111 · NethServer/nethsecurity-docs · GitHub
Is it good enough now?
Edit: PR has been merged, see updated doc
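The steps above (find the dnsmasq config, read it, follow its resolv file) can be rolled into one check. This is an added example, not part of the original thread or NethSecurity's own code. The helper names `list_upstreams` and `make_sample` are hypothetical, the dnsmasq config content is constructed, and it assumes the config has a single `resolv-file=` line alongside the standard dnsmasq `server=` and `no-resolv` options.

```shell
#!/bin/sh
# Added example: list the upstream resolvers a dnsmasq config points at.

# list_upstreams CONF -> prints "SOURCE IFACE ADDRESS", one upstream per line.
list_upstreams() {
    conf=$1
    # Explicit forwarders (server=ADDR). Domain-scoped rules (server=/dom/...)
    # only apply to that domain, so they are not default upstreams: skip them.
    sed -n 's/^server=//p' "$conf" | grep -v '^/' | sed 's/^/custom - /'
    # With no-resolv set, dnsmasq ignores resolv-file entirely.
    if grep -q '^no-resolv$' "$conf"; then return 0; fi
    # Assumption: a single resolv-file= line in the config.
    rf=$(sed -n 's/^resolv-file=//p' "$conf" | head -n 1)
    [ -n "$rf" ] && [ -r "$rf" ] || return 0
    # resolv.conf.auto groups nameservers under "# Interface NAME" comments.
    awk '/^# Interface /{iface=$3; next}
         $1=="nameserver"{print "auto", iface, $2}' "$rf"
}

# make_sample -> writes sample files to a temp dir and prints the config path.
make_sample() {
    dir=$(mktemp -d)
    # resolv file content as posted in the thread
    cat > "$dir/resolv.conf.auto" <<'EOF'
# Interface lan
nameserver 192.168.100.1
search isolated
# Interface wan
nameserver 10.10.0.1
search nat2
# Interface wan2
nameserver 192.168.122.1
EOF
    # constructed dnsmasq config (not taken from a real NethSecurity box)
    cat > "$dir/dnsmasq.conf" <<EOF
domain-needed
server=/lan/
resolv-file=$dir/resolv.conf.auto
EOF
    echo "$dir/dnsmasq.conf"
}

sample_conf=$(make_sample)
list_upstreams "$sample_conf"
```

On a live system, pass the config path shown by `ps aux | grep dnsmasq` to `list_upstreams` instead of the sample.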