On Mar 04 10:11, Michael Tremer (michael.tremer(a)ipfire.org) wrote:

> >> Regarding external DNS servers, IoT and similar things
> >> come to my mind, which have their resolvers hard-coded in the firmware.
> > 
> > Thinking about those, how about an option to *redirect* connections
> > to port 53 of external servers to IPFire rather than rejecting them?
> 
> Yes, we could do that for 53 UDP and TCP, but not for 853 obviously.

Right. But if some IoT thingy relies on a hard-coded DNS-over-TLS
server there's little we can do about it, but redirection could
save the day with those that use good old 53.

-- 
Tapani Tarvainen