Simple router built with OpenBSD
WAN: a.b.c.d
LAN: 192.168.0.1/24
Unbound runs as a DNS cache on 127.0.0.1
We want:
no matter which DNS address a client PC is set to (8.8.8.8 or 9.9.9.9),
all clients' DNS queries are redirected to the localhost cache on the router.
Can we achieve this using pf.conf?
How? Tests did not work with rdr-to or divert-to.
-----
pf.conf
match out on egress inet from !(egress:network) to any nat-to (egress:0)
pass in quick proto udp from any to any port 53 rdr-to 127.0.0.1 port 53
pass
------
unbound.conf
server:
    interface: 192.168.0.1
    interface: 127.0.0.1
    access-control: 192.168.0.0/24 allow
    access-control: 127.0.0.0/8 allow
    do-not-query-localhost: no
    hide-identity: yes
    hide-version: yes

forward-zone:
    name: "."
    forward-addr: 1.2.3.4 # IP of the upstream resolver