Protocol blocker preventing DNS lookups
I am seeing DNS lookups classified as everything from AIM to Battlefield 2. I have been having numerous networking problems lately and now I am seeing on Untangle that lookups are being blocked. Any help would be greatly appreciated as I don't want to turn off the Protocol blocker.
I would encourage you not to just click block on all the protocols you don't want.
protocol control uses signatures and thus is going to have overmatches (and misses).
I would set things to log that you are interested in and then block as necessary.
Unless you have an issue with users playing battlefield 1492 - I certainly would not set it to block.
also, typically DNS lookups aren't scanned because they go *to* untangle (not through it), but if you're using another DNS server you can setup a different policy for DNS traffic to that server.
Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
If you need Untangle support please call or email support@untangle.com
Can you elaborate on this statement?
"typically DNS lookups aren't scanned because they go *to* untangle (not through it)"
Are you saying that DNS lookups for all traffic are done by Untangle or did I just read that wrong?
We do have a group of users that have admin rights on their laptops and do play stuff like Battlefield but I see it right now on (DNS queries) showing as AIM and Gnutella, which are forbidden and must be blocked. There are others as well.
Should I setup a policy for anything on server destination port 53 to be allowed?
Thanks for your help.
Posting Permissions
LinkBack URL
About LinkBacks