unbound and packet filter
Gerben Wierda
gerben.wierda at rna.nl
Sun Jan 26 14:57:33 UTC 2020
Slightly OT. Apologies.
I have started tightening the packet filter screws on a server. This server runs an unbound resolver (two actually, one that does forwarding to quad9 and one that doesn’t do forwarding for rspamd).
In the pf logs, I notice the following logs about blocked packets:
9.9.9.9 64101 192.168.2.66 29989
9.9.9.9 53 192.168.2.66 40022
That is either unbound forwarding or the server itself asking the 9.9.9.9 resolver directly (which is possible as it is set as a fallback in case unbound has died).
If either unbound or another resolver (say mDNS) forwards to 9.9.9.9, how do I set the packet filter to accept this traffic?
G