Joined: 08 May 2018 Posts: 14217 Location: Texas, USA
Posted: Wed May 04, 2022 15:30 Post subject:
Alozaros wrote:
Mile-Lile wrote:
@egc
DNS could be used on all sorts of non-custom ports. So, I was wondering, could we use deep packet inspection to intercept DNS queries and redirect them to the wanted server... something like:
that's a good idea...
My interaction with ndpi in the past was that ndpi was very CPU intensive; as well, the binary needed to be updated, and in DD-WRT it was not full because it was either old or stripped... my guess is it is too big...
egc wrote:
DoT redirects port 853 to the router's port 53,
so it captures rogue clients trying to use DNS over TLS.
If you want to block DoH, you have to use IPSET to block DoH servers.
Described in the IPSET guide.
Interesting, I was thinking it was the opposite way ...
In your case I wonder how it will redirect and reply to the encrypted payload from 853 on 53...
So probably DoT will be screwed, as well as how it will distinguish DNS from the other TLS requests that go over 853 ... ???
I'm pretty sure I could find email responses regarding this and these two tickets, but I think the noted silence on BrainSlayer's part speaks for itself.
Netgear XR500 - Gateway
Firmware Version: DD-WRT v3.0-r48786 std (05/03/22)
Kernel Version: Linux 4.9.312 #917 SMP Tue May 3 03:36:44 +07 2022 armv7l
Temperatures: CPU 56.188 °C / wlan0 59 °C / wlan1 64 °C
Current Time: Wed, 04 May 2022 17:14:03
Uptime: 23:30
Reset: No
GUI install over 48741
Installed using Brave browser over wireless
No issues
Thank you BS, and thank you gurus, for your guides and wisdom.
_________________
Netgear XR500 - Gateway
R6700 v3 - Station Bridge
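The quoted exchange above turns on two points: plain DNS can run on any port, and DNS over TLS on 853 is a TLS ClientHello, not a DNS message, so a port redirect to a plaintext port 53 listener cannot answer it, and a DPI rule would need to look at the payload to tell the two apart. The Python below is an added example written for this page; it is not code from this thread, from DD-WRT or from ndpi. It builds two constructed payloads (a DNS query and a minimal TLS 1.2 ClientHello with an SNI), then classifies payloads by content rather than by destination port. The flow list and its ports are made up for the demonstration.

```python
import struct

# --- constructed sample payloads (not captured from a real router) ---

def build_dns_query(name, txid=0x1234):
    """Minimal DNS A query in RFC 1035 wire format: header, QNAME, QTYPE=A, QCLASS=IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)   # flags: RD set, QR=0
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)

def build_client_hello(sni):
    """Minimal TLS 1.2 ClientHello record carrying one cipher suite and a server_name extension."""
    host = sni.encode()
    sni_list = struct.pack("!HBH", len(host) + 3, 0, len(host)) + host   # list len, host_name type, name len
    ext = struct.pack("!HH", 0, len(sni_list)) + sni_list                 # extension type 0 = server_name
    body = (b"\x03\x03" + b"\x00" * 32 + b"\x00"        # client version, random, empty session id
            + b"\x00\x02\x13\x01" + b"\x01\x00"         # one cipher suite, null compression
            + struct.pack("!H", len(ext)) + ext)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body            # handshake type 1 = ClientHello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake  # record type 22 = handshake

# --- the DPI side: decide what a payload is from its bytes, ignoring the port ---

def parse_dns_qname(payload):
    """Return the question name if payload parses as a single-question DNS query, else None."""
    if len(payload) < 12 + 5:
        return None
    _txid, flags, qd, _an, _ns, _ar = struct.unpack("!HHHHHH", payload[:12])
    if flags & 0x8000 or qd != 1:           # QR must be 0 (a query) with exactly one question
        return None
    labels, pos = [], 12
    while True:
        if pos >= len(payload):
            return None
        n = payload[pos]
        if n == 0:
            pos += 1
            break
        if n & 0xC0 or pos + 1 + n > len(payload):   # no compression pointers in a query name
            return None
        labels.append(payload[pos + 1:pos + 1 + n].decode("ascii", "replace"))
        pos += 1 + n
    if pos + 4 != len(payload):             # QTYPE and QCLASS must end the message exactly
        return None
    return ".".join(labels)

def parse_tls_sni(payload):
    """Return the SNI of a TLS ClientHello ("" if it has none), or None if not a ClientHello."""
    if len(payload) < 43 or payload[0] != 0x16 or payload[1] != 0x03 or payload[5] != 0x01:
        return None
    if struct.unpack("!H", payload[3:5])[0] + 5 != len(payload):   # record length must match
        return None
    pos = 9 + 2 + 32                        # past record hdr, handshake hdr, client version, random
    pos += 1 + payload[pos]                                           # session id
    pos += 2 + struct.unpack("!H", payload[pos:pos + 2])[0]           # cipher suites
    pos += 1 + payload[pos]                                           # compression methods
    if pos + 2 > len(payload):
        return ""
    end = pos + 2 + struct.unpack("!H", payload[pos:pos + 2])[0]
    pos += 2
    while pos + 4 <= end:
        etype, elen = struct.unpack("!HH", payload[pos:pos + 4])
        pos += 4
        if etype == 0 and elen >= 5:        # server_name: skip list len (2) and name type (1)
            name_len = struct.unpack("!H", payload[pos + 3:pos + 5])[0]
            return payload[pos + 5:pos + 5 + name_len].decode("ascii", "replace")
        pos += elen
    return ""

def classify(payload):
    """Label one payload as ('tls', sni), ('dns', qname) or ('other', None)."""
    try:
        sni = parse_tls_sni(payload)
    except (struct.error, IndexError):      # truncated or malformed record
        sni = None
    if sni is not None:
        return ("tls", sni)
    qname = parse_dns_qname(payload)
    if qname is not None:
        return ("dns", qname)
    return ("other", None)

# Constructed flows: (destination port, payload). Ports are deliberately misleading.
SAMPLE_FLOWS = [
    (53, build_dns_query("example.com")),
    (5353, build_dns_query("example.org")),            # plain DNS on a non-standard port
    (853, build_client_hello("dns.google")),           # DoT: a TLS record, not a DNS message
    (443, build_client_hello("cloudflare-dns.com")),   # DoH: indistinguishable from any HTTPS hello by port
    (853, b"\x00\x01\x02"),                            # junk on 853
]

def classify_flows(flows):
    """Classify every (port, payload) pair; the port is carried through only for display."""
    return [(port,) + classify(payload) for port, payload in flows]

if __name__ == "__main__":
    for port, kind, name in classify_flows(SAMPLE_FLOWS):
        print(f"dst port {port:5d}: {kind:5s} {name or ''}")
```

The output makes the thread's point concrete: the two DNS queries are recognised on 53 and 5353 alike, while the payload sent to 853 is a TLS handshake whose only readable field is the SNI; a plaintext resolver on port 53 receiving those bytes would have nothing to answer. Distinguishing DoT from other TLS on 853 (or DoH from other HTTPS on 443) therefore comes down to the SNI or the destination address, which is why the quoted advice falls back to an IPSET of known resolver addresses for DoH.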