Hello, Am 06.10.2021 um 12:04 schrieb Daniel Weismüller: > Hello > I have also had a look at this. > There are now two Wiki pages on this topic. > - A general one (https://wiki.ipfire.org/configuration/firewall/rules/redirect-services). > - A very specific one for DNS redirect (https://wiki.ipfire.org/configuration/firewall/dns). > This is true, but the first page can't be found by a normal research in the wiki. > Since core160 the general method works. This is equivalent to the method 1 described on the specific page. > > Following the general instructions, I have created a few firewall rules to redirect DNS, DoT and NTP. > This works very well now. > > In general, I think that general instructions are always better than specific step-by-step instructions. > Agreed. > In my eyes, the described method 2, which had to be taken as a temporary solution, is therefore obsolete. In addition, pure blocking can lead to some devices no longer working. > Having implemented the second method until now, I can see a difference. Label 'DNAT' in the logging isn't nice. 'REDIRECT' would be more helpful. If I define a rule for NTP, I get two log entries ( one with 'DNAT', one with 'INPUTFW' ). A similiar rule for DNS produces one log message only. - Bernhard > Do you see it the same way? > > > - > Daniel > > 5. Oktober 2021 22:10, "Bernhard Bitsch" schrieb: > >> Hi all, >> >> Thanks. >> So it was only a misunderstanding. I thought, there would be options to redirect DNS requests and >> NTP requests. >> But this 'any port solution' is much mightier. >> I'll try to convert my actual firewall.local solution to the main stream and report about the >> results. >> >> Regards, >> Bernhard >> >> Am 05.10.2021 um 18:28 schrieb Michael Tremer: >> >>> Hello, >>> Simply using -j REDIRECT. >>> This was always part of the firewall engine, but the UI was broken and did not allow to create >>> these rules. >>> -Michael >>> On 5 Oct 2021, at 14:55, Bernhard Bitsch wrote: >>>> Just a question. How is the activation of redirection implemented? >>>> >>>> Am 05.10.2021 um 12:45 schrieb IPFire Project: >>> >>> IPFire Logo >>> there is a new post from Michael Tremer on the IPFire Blog: >>> *IPFire 2.27 - Core Update 160 released* >>> This is the release announcement for IPFire 2.27 - Core Update 160. >>> It comes with a large number of bug fixes and package updates and >>> prepare for removing Python 2 which has reached its end of life. >>> Click Here To Read More >>> The IPFire Project >>> Don't like these emails? Unsubscribe .