Windows 10 constantly on

Firewall log is showing

00:16:21 FORWARDFW green0 UDP 61986 53(DOMAIN)

00:19:54 FORWARDFW green0 UDP 59841 53(DOMAIN)

I have this Windows 10 machine that is constantly hammering port 53, and I have no idea why it is doing this 24x7.

I set up a firewall rule to DROP that traffic.

But maybe there is a valid reason for this traffic?
I would like to redirect that traffic to my local DNS server or Unbound, but is the Wiki page "Force clients to use IPFire’s DNS proxy" still accurate when it says:

an “any” rule is currently not accepted for DNAT rules in the IPFire WUI. Hopefully this will be possible in future.

There is a discussion in the community and on the dev mail list about redirecting these requests.
I do not know exactly how far the development of a solution fitting the IPFire internals has gone, but I use the intermediate script published in the community topic(s).



Yes, I’m still at it - redirecting DNS and NTP requests. And I think I found an acceptable solution - everything is working fine here - no seen problems.

I just waited for Core 154 because of this commit.

In this commit Michael rewrote a few *.ctrl files and now that Core 154 has been published I’ll rewrite dnsntpctrl(.c) the same way. And then - if everything’s still working - I’ll push “DNS-Redirect V3” to GIT.
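As an added illustration of what "forcing" DNS/NTP means at the packet-filter level (example code written for this page; it is not IPFire's own code and not the patch discussed in this thread): a POSIX shell function that emits plain iptables DNAT rules for a given inside interface and firewall address, a helper that applies them, and a small checker for FORWARDFW log lines in the format shown above. The interface name, the address, and the assumption that the firewall itself answers DNS on port 53 and NTP on port 123 are mine, not from the thread.

```shell
#!/bin/sh
# Added example, not IPFire code: rewrite the destination of outbound DNS (53/udp+tcp)
# and NTP (123/udp) from LAN clients so they land on the firewall's own services.
# Assumptions (not from the thread): $1 is the inside interface (e.g. green0),
# $2 is the firewall's address on it, and the firewall answers DNS/NTP there.

# Print the nat-table rules without applying them, one per line.
dns_redirect_rules() {
    iface="$1"
    fw_ip="$2"
    # Packets already addressed to the firewall are excluded (! -d) so the
    # local resolver keeps working and the rule does not rewrite itself.
    for proto in udp tcp; do
        echo "iptables -t nat -A PREROUTING -i $iface -p $proto ! -d $fw_ip --dport 53 -j DNAT --to-destination $fw_ip:53"
    done
    echo "iptables -t nat -A PREROUTING -i $iface -p udp ! -d $fw_ip --dport 123 -j DNAT --to-destination $fw_ip:123"
}

# Apply the generated rules (needs root and iptables on the box).
apply_dns_redirect() {
    dns_redirect_rules "$1" "$2" | while read -r rule; do
        eval "$rule"
    done
}

# Success when a firewall log line of the form
#   HH:MM:SS CHAIN IFACE PROTO SPORT DPORT(name)
# is a forwarded packet whose destination port is 53, i.e. DNS that went
# past the firewall instead of to it.
is_forwarded_dns() {
    # shellcheck disable=SC2086  # word-splitting on whitespace is intended
    set -- $1
    [ "$2" = "FORWARDFW" ] && [ "${6%%(*}" = "53" ]
}
```

DNAT only rewrites the destination; the redirected packets then hit the INPUT chain of the firewall, which must accept them on that interface, and the rules are not touched by the WUI, so on IPFire they belong in /etc/sysconfig/firewall.local (or a script such as the one from the community topic) to survive a rule reload. Clients that use DoT (853) or DoH (443) are not caught by a port-53 match; those need a separate decision, usually a block rather than a redirect.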



Thank you Bernhard and Matthias. I understand it is not such a simple and quick project.

I actually don’t need at this moment a solution to redirect all DNS traffic on LAN.

Maybe just the DNS traffic going to “RED” or “WAN”, or is that exactly the same thing as “on LAN”?

Or maybe just UDP going to 53 on RED?
Or even 123 in your case.

I see no traffic on 853. I even set a “private DNS” in Chrome Browser to use DoT.

On the other hand, I heard that Windows 10 is pushing IPv6 in its new upgrades, so maybe there is IPv6 traffic that I can’t see on IPFire.

I was thinking… What about using

Network - Static Routes?

Would this forward all DNS traffic to my IPFire instead?

Thought about your idea, but I’m not sure - perhaps someone else?

I’ve sent my current version to the list:
=> [PATCH] (V3) Forcing DNS/NTP