Am 11.05.2014 21:28, schrieb Ryan Coleman: >> The simple solution is to block all outbound DNS at the firewall, but >> this can also break things (like some Google and Apple devices). >> Even broken devices usually have a fallback mode, but be careful of >> what breaks when you do this!
> Correct. Using this feature will break any client with a hard-defined > DNS - as we found out in testing at the bar. (Guys, could we please use proper quoting etiquette instead of full-quoting and alternating top- and bottom-posting?) I've never tried this in combination with a captive portal, but how about redirecting *:53 to the pfsense DNS with a NAT rule that listens on LAN instead of WAN? Would that break the captive portal setup? -Stefan _______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list