AdBlock: ForcedPorts will produce wrong dest port entries (23.05.5) #25897
Comments
Cub0n
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
Cub0n
changed the title
Hello,
the Adblock settings allows to force Ports, e.g. 53 or 853.
The forced ports create Port Forwards in /etc/config/firewall like:
...
config redirect 'adblock_lan53'
option name 'Adblock DNS (lan, 53)'
option src 'lan'
option proto 'tcp udp'
option src_dport '53'
option dest_port '53'
option target 'DNAT'
option family 'any'
config redirect 'adblock_lan853'
option name 'Adblock DNS (lan, 853)'
option src 'lan'
option proto 'tcp udp'
option src_dport '853'
option dest_port '853'
option target 'DNAT'
option family 'any'
If a nameserver is listening only on port 53, all other forwardings will result in no answer (like forwarding to local device, port 853)
Therefore, the new firewall entries should forward to the listening port for inbound DNS queries (Port 53):
...
config redirect 'adblock_lan853'
option name 'Adblock DNS (lan, 853)'
option src 'lan'
option proto 'tcp udp'
option src_dport '853'
option dest_port '53'
option target 'DNAT'
option family 'any'
/etc/config/adblock:
config adblock 'global'
option adb_debug '0'
option adb_safesearch '0'
option adb_dnsfilereset '0'
option adb_mail '0'
option adb_backup '1'
option adb_maxqueue '4'
option adb_dns 'dnsmasq'
option adb_trigger 'wan'
option adb_forcedns '1'
option adb_report '1'
option adb_fetchutil 'wget'
option adb_dnsinstance '0'
option adb_repiface 'br-lan'
list adb_stb_sources 'hosts'
option adb_enabled '1'
option adb_dnsflush '1'
list adb_zonelist 'lan'
list adb_portlist '53'
list adb_portlist '853'
The text was updated successfully, but these errors were encountered: