Got a jail with FreeBSD in it. I wanted to run my own DNS, but I seem to be running into problems. I tried using DNS from tor and dnscrypt-proxy. I've set these up before, but now get resolve errors when I enter
"nameserver 127.0.0.1" in /etc/resolv.conf:
Code:
$ curl -IL google.com
curl: (6) Could not resolve host: google.com
Since my pf rules for the jail included "block in all", I figured this needed to be whitelisted. I added the following line:
Code:
pass in proto udp to port 53
Ran "pfctl -nf /etc/pf.conf", but no changes when I came back to the jail. I should note that the DNS works perfectly with 8.8.8.8 or other external DNS. I just can't get local DNS to work.
In case someone asks, here is the entire pf.conf:
Code:
ext_if="wlan0"
set block-policy return
scrub in on $ext_if all fragment reassemble
set skip on lo
table <jails> persist
nat on $ext_if from <jails> to any -> ($ext_if)
rdr-anchor "rdr/*"
block in all
pass out quick keep state
antispoof for $ext_if inet
pass in inet proto tcp from any to any port ssh flags S/SA keep state
pass in proto udp to port 53
Thanks
EDIT - I never got a reply, but I started tinkering around. I had the following ip for my jail:
Code:
ifconfig bastille0 | awk '/inet/ { print $2 }'
10.17.89.50
I put that IP as the nameserver in /etc/resolv.conf and suddenly the DNS from tor on port 53 just worked. Just fyi if anyone else runs into this problem.
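The comparison the EDIT describes, as a script (an added example, not part of the original post): it classifies each nameserver in a resolv.conf against the IPv4 addresses reported for the jail interface. The function names and the two file arguments are assumptions of this example; the second file is expected to hold saved `ifconfig bastille0` output.

```shell
#!/bin/sh
# Added example, not from the original post.
# Arguments used by the functions below (assumptions of this example):
#   $1 = path to a resolv.conf
#   $2 = path to a file holding saved `ifconfig bastille0` output

# Print the IPv4 addresses from the saved ifconfig output. Matching the
# first field exactly skips inet6 lines, which a bare /inet/ would include.
jail_addrs() {
    awk '$1 == "inet" { print $2 }' "$1"
}

# Print "<address> <class>" for each nameserver entry, where class is
# loopback, jail-ip (an address on the jail interface) or external.
classify_nameservers() {
    addrs=$(jail_addrs "$2")
    awk '$1 == "nameserver" && NF >= 2 { print $2 }' "$1" |
    while read -r ns; do
        case "$ns" in
            127.*|::1) echo "$ns loopback"; continue ;;
        esac
        if printf '%s\n' "$addrs" | grep -qxF "$ns"; then
            echo "$ns jail-ip"
        else
            echo "$ns external"
        fi
    done
}

# Succeed only if at least one nameserver is an address on the jail interface.
resolver_on_jail_ip() {
    classify_nameservers "$1" "$2" | grep -q ' jail-ip$'
}
```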