AdventuringAardvark@lemmy.one to Selfhosted@lemmy.worldEnglish · 1 year agoI finally figured out how to virtualize my OPNsense firewall. Suck it, Roku.lemmy.oneimagemessage-square57fedilinkarrow-up1155arrow-down12file-text
arrow-up1153arrow-down1imageI finally figured out how to virtualize my OPNsense firewall. Suck it, Roku.lemmy.oneAdventuringAardvark@lemmy.one to Selfhosted@lemmy.worldEnglish · 1 year agomessage-square57fedilinkfile-text
minus-squarerandombullet@feddit.delinkfedilinkEnglisharrow-up12·1 year agoI do a DNS redirect on my Mikrotik router. It’s going to suck when DoH and DoT becomes more prevalent.
minus-squarePossibly linux@lemmy.ziplinkfedilinkEnglisharrow-up10·1 year agoI think the solution is to avoid tech that you don’t control. Its a hard pill to swallow for some but at the end of the day there are tons of ways a device could bypass networking restrictions
minus-squareblackstrat@lemmy.fwgx.uklinkfedilinkEnglisharrow-up2·1 year agoBest you can do is maintain a list of public DoH IPs and block them. Redirect all port 53 traffic to your own DNS server.
I do a DNS redirect on my Mikrotik router.
It’s going to suck when DoH and DoT becomes more prevalent.
I think the solution is to avoid tech that you don’t control. Its a hard pill to swallow for some but at the end of the day there are tons of ways a device could bypass networking restrictions
Best you can do is maintain a list of public DoH IPs and block them. Redirect all port 53 traffic to your own DNS server.