pfSense Connecting to Many Different DNS Servers — not adhering to my configuration
Updated: Hosts all have reports in abuse DB…Root servers
I just deployed one pfSense device behind another and am inspecting the traffic. I have configured my pfSense firewall to only use specific IP ranges everywhere ( which you can here):
My laptop is also only configured to use CloudFlare DNS servers.
So with the above configuration, why am I seeing all this traffic connecting to other random DNS servers?
I put one pfSense behind another with a DENY ALL rule. Sometimes pfSense doesn’t show you the traffic unless you explicitly configure a rule for it.
WHAT IS THIS? Now I need to figure out if I did something wrong or where this is coming from.
2024-11-27 19:52:06.399282-05:00 INTERFACE_PRIVATE_NET INTERFACE_TO_PRIVATE_NET: Deny All (1732755097) 192.168.10.10:24762 192.33.4.12:53 UDP
2024-11-27 19:52:00.230938-05:00 INTERFACE_PRIVATE_NET INTERFACE_TO_PRIVATE_NET: Deny All (1732755097) 192.168.10.10:34945 192.36.148.17:53 UDP
2024-11-27 19:52:00.230803-05:00 INTERFACE_PRIVATE_NET INTERFACE_TO_PRIVATE_NET: Deny All (1732755097)…