Menu
What's new
By:
Filters Better Search

How to disable DNS query forwarding?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

M

MarceloRedfield

New Around Here
Right now I have in my network my router and a RPi running Pihole + Unbound which is my DNS resolver.
I believe I have disabled all router DNS forwarding settings, but it still keeps port 53 open (no 853) and any queries sent to the router are then forwarded and resolved by the RPi. While not a big deal, a few not-so-well-behaved devices on my network attempt to use the router as its DNS server. While queries are ultimately filtered and responded by the RPi, I wanted to ultimately have the router stop forwarding queries by disabling the appropriate setting instead of a more drastic measure like closing it's port or something like that. I feel like I'm missing something stupid but I can't find what setting I need to disable. DNS Director is disabled.

Any chance someone could lend me a hand? Thanks in advance!

Router: RT-AX88U
FW: 388.1
Router: 192.168.1.1
RPi: 192.168.1.2

pi@raspberrypi:~ $ nmap 192.168.1.1
Starting Nmap 7.80 ( https://nmap.org ) at 2023-02-20 11:46 CST
Nmap scan report for AsusRouter (192.168.1.1)
Host is up (0.00064s latency).
Not shown: 993 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
53/tcp open domain
80/tcp open http
139/tcp open netbios-ssn
445/tcp open microsoft-ds
8200/tcp open trivnet1

1676915066136.png


1676914872753.png


1676914943570.png
 
You can't block traffic destined for the router using Network Services Filter. That's only for traffic sent to the WAN interface.

There's no option in the GUI to disable the router's DNS server. IIRC you can do it by using a custom config file (dnsmasq.conf.add) and setting port=0.

github.com

Custom config files

Third party firmware for Asus routers (newer codebase) - RMerl/asuswrt-merlin.ng
github.com github.com
 
Perfect, that did the trick.

I was aware the Network Services Filter was for WAN only, but just added here in the rare instance that could be related to the forwards (I know, unlikely, and seems silly now thinking of it).

Thank you so much for the help!
 
You must log in or register to reply here.

Similar threads

cherio
How and where to shutdown unnecessary services and ports
Replies
10
Views
2K
DJones
D
Viktor Jaep
nmap results show open/filtered UDP ports on main WAN connection
Replies
3
Views
2K
SomeWhereOverTheRainBow
SomeWhereOverTheRainBow
J
Solved OpenVPN clients can't resolve custom domains defined in dnsmasq config
Replies
2
Views
588
jkbach
J
P
Solved Router DHCP and DNS not responding to changes
2
Replies
35
Views
1K
PTS
P
D
DNS over TCP to router on guest network not working
2
Replies
24
Views
2K
drinkingbird
drinkingbird
Similar threads
Thread starter Title Forum Replies Date
D Disable kernel module Asuswrt-Merlin 1
J Need to disable ipv6 dhcp server ip auto assignments in my lan. but leave ipv6 turned on for wan side. Asuswrt-Merlin 8
R Script to detect backup wan and disable certain devices from internet access Asuswrt-Merlin 0
D Solved Exists an Option to disable VPN Access for "Admin" user ? Asuswrt-Merlin 13
J SSH to disable VPN (or VPN kill switch) Asuswrt-Merlin 11
torstein Feature request asuswrt-merlin: Option to quickly disable radios from the front / status page Asuswrt-Merlin 11
P VPN Director enable/disable rules from iPhone shortcut Asuswrt-Merlin 3
D Disable Separate IP Addressing For Guest Wi-Fi Using Merlin 386.11 Asuswrt-Merlin 5
F Disable/enable NAT Loopback? Asuswrt-Merlin 4
T Using DOT DNS breaks ECS Asuswrt-Merlin 9

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 810 (members: 24, guests: 786)
Top