Here are the lines of interest: $ uci show your forward rule, simply redirect all traffic going to the wan zone to the router port 53? Do you block port 853, too? The easiest way to debug this is just look at the rules directly, here's what mine look like for DNS and DoT: $ nft list ruleset | grep 53 What does your current DNS system look like? First is the OpenWrt dnsmasq running on port 53, then AGH on dnsmasq's backend at port 5354 or something like that? If you could run uci show dhcp and paste the output, that would show us what's going on there. The only differences are what they do in addition to that, some add a lot more logging and reporting burden, while others are as simple as possible to minimize overhead. Yes, Adblock, AGH, PiHole and so on, all work exactly the same way: intercept DNS lookups and return NXDOMAIN when something on the blacklist is seen. Should i show you the results of both methods if you don't believe me? I think Adblock works also the same way as AGH right?
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |