Firewall log is showing
00:16:21 FORWARDFW green0 UDP 192.168.0.48 188.8.131.52 61986 53(DOMAIN)
00:19:54 FORWARDFW green0 UDP 192.168.0.48 184.108.40.206 59841 53(DOMAIN)
I got this Windows 10 machine that is constantly hammering 220.127.116.11 and 18.104.22.168 on port 53, no idea why is it doing 24x7.
I setup a Firewal rule to DROP that traffic.
but maybe there is a valid reason for this traffic?
I would like to redirect that traffic to my local DNS server or Unbound. but is this Wiki - Force clients to use IPFire’s DNS proxy still accurate saying?
an “any” rule is currently not accepted for DNAT rules in the IPFire WUI. Hopefully this will be possible in future.