Update 193 (Question)

Thank you @lucatrv for your contribution to 193.

Question… on the IPF dashboard have had a look from the main menu: Status >> Services and Services and can’t find any reference to DNS-over-TLS in the list of default services.

I’m sure I will feel like an idiot when I read the answer but please do enlighten me.

RS

Hi @rjschilt, what I did is to add DNS-over-TLS (protocol TCP, port 853) in the list of default services that you find when defining new firewall rules. To see it you should select “Protocol → -Preset-”. For the full list of default services go under “Firewall / Firewall Groups” and click on “Services”.

2 Likes

Awesome mate, thank you.

I can’t find any service with port 853 and it looks exactly the same under Core 194. It looks like something is missing here?

Regards

2 Likes

How to do this manually was not my question. The release notes for 193 clearly stated that this was added.

lucatrv has added DNS-over-TLS to the list of default services

Why would the release notes say that someone added port 853 manually? You could always do that manually. Unfortunately I did not understand your answer.

I just checked and the patch was merged into CU193 but shipping the file was missed out.

Unfortunately no one flagged this up during the CU193 Testing phase.

I will submit a patch to ship the updated customservices file.

3 Likes

After adding this information, now your question is understandable. :smiley:

Regards

That may well be the case. But I wonder why rjschilt already asked this question and then thanked lucatrv for the answer, although it was impossible for him to find it afterwards. :wink:

Thank you :slight_smile:

As I understand it, this information is already in the initial post. Even if not quite so clearly. :backhand_index_pointing_down:

Sorry guys but I didn’t feel it was worth pursuing at the time. Besides, I had already added a DoT Service (853) to my own Firewall Groups configuration. Mea culpa mea maxima culpa.

2 Likes

I can see the new “DNS over TLS” service both under the default services list “Firewall / Firewall Groups / Services” and when I create a new Firewall rule from “Firewall / Firewall rules / New rule / Protocol / -Preset-”. I’m not sure why but I guess it’s not important…
I’m on CU194, but the same was true also with CU193.

It seems logical to me that you have the function in use and therefore created it manually beforehand. You have certainly also created firewall rules for this. It seems illogical to me that you deleted all this after the appearance of core 193 just to check whether your contribution was successful.

As I see it, you can’t see what’s not there. This has already been confirmed by bonnietwin. It will be fixed with Release Core 196.

I see no reason to say sorry. Mistakes happen :slight_smile:

1 Like

Correct. Patch has been merged into next which will become CU196.

https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=233dbc408a9e92abcd88b90a7d868c412aa71881

2 Likes

Yes I think you’re right, I thought I did delete it to check CU193 but I guess I did something wrong.