I tried deleting the rule and it drops the traffic completely. So DNS resolution stops working and I am unsure why. It's not like default drop or anything. I can edit the rule and whatever active port 53 related rule is there works. But I want the case of no such rule at all. :-)

I set up Pi-hole on an Intel NUC a little while ago and all Pi-hole gets is 100% of wifi client traffic behind the Asus wifi management IP. :-\ Plus no matter what DNS I put, queries go via whatever the router gave up when the Asus booted up. Here's how creepy it gets:

On the Raspberry Pi (which is not behind the Asus AP but on a different switch):

anurag@raspberrypi:~ $ dig whoami.akamai.com @1.1.1.1 a +short
whoami.akamai.net.
162.158.226.218
anurag@raspberrypi:~ $ dig whoami.akamai.com @8.8.8.8 a +short
whoami.akamai.net.
172.253.244.3
anurag@raspberrypi:~ $ dig whoami.akamai.com @9.9.9.9 a +short
whoami.akamai.net.
103.224.242.10
anurag@raspberrypi:~ $

All normal and good. Now, from the device (which is behind the Asus AP):

~> dig whoami.akamai.net @1.1.1.1 a +short
172.217.34.65
~> dig whoami.akamai.net @8.8.8.8 a +short
172.217.34.65
~> dig whoami.akamai.net @9.9.9.9 a +short
172.217.34.65
dig whoami.akamai.net @1.2.3.4 a +short
172.217.34.65
dig whoami.akamai.net @5.6.7.8 a +short
172.217.34.65

Essentially the Asus picked 8.8.8.8 because I put that in during the test and rebooted the AP. I will stick with 8.8.8.8 until the DHCP lease expires and the new server is provided.

On Thu, Oct 29, 2020 at 2:01 AM Neil Hanlon <n...@shrug.pw> wrote:

> And if so, can you set up your own service to remove their iptables rule
> after it's been added or otherwise counteract it.
>
> At least temporarily, anyways.
>
> -Neil
>
> On Wed, Oct 28, 2020 at 4:26 PM Ryan Hamel <r...@rkhtech.org> wrote:
>
>> I'm curious to know why they would add such a thing, and how you got the
>> iptables rules from the device. Do these Asus routers provide SSH directly
>> into the shell?
>>
>> Ryan
>> On Oct 28 2020, at 11:33 am, Anurag Bhatia <m...@anuragbhatia.com> wrote:
>>
>> Hello,
>>
>> Wondering if anyone from Asus is here or anyone who could connect me to the
>> developers there?
>>
>> Using an Asus RT-AC58U in Access Point (AP) mode and expecting it to simply
>> bridge wired with wireless, but it seems like it's re-writing DNS packets'
>> source as well as destination.
>>
>> 1. For DNS port 53 traffic going out, the source is re-written with the
>> management IP of the AP on the LAN. So virtually all DNS traffic hits the
>> router from the (management) IP of the Asus AP instead of the real clients.
>>
>> 2. If I define DNS as x.x.x.x on DHCP, the Asus AP picks that up and
>> re-writes the destination to x.x.x.x, and hence even if any client uses
>> y.y.y.y, the packets are simply re-written.
>>
>> I see the rule in iptables on the Asus AP. All these issues give the idea that
>> someone created AP mode (besides regular routing mode) and missed
>> disabling the DNS related NATing features in AP mode. So far my
>> discussions with their support have been going quite slowly and I would greatly
>> appreciate it if someone could connect me to the right folks in there so they can
>> release a firmware fix for it.
>>
>> Thanks.
>>
>> --
>> Anurag Bhatia
>> anuragbhatia.com
>>

--
Anurag Bhatia
anuragbhatia.com
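The whoami.akamai.net comparison shown in the thread, turned into a small check that can be run from any host to tell whether port 53 traffic is being transparently redirected on the path. This is an added example and not code from the thread or from Asus; it assumes the `dig` binary is on PATH for live queries, reuses the thread's resolver addresses (1.1.1.1, 8.8.8.8, 9.9.9.9) and its two deliberately bogus ones (1.2.3.4, 5.6.7.8), and embeds the answers seen from the Raspberry Pi and from the device behind the AP as constructed sample data so the analysis can be exercised offline.

```python
import subprocess
from typing import Dict, List, Optional

# Public resolvers that should each report their own egress address, plus
# addresses where no resolver exists. A bogus address that "answers" can only
# mean something on the path rewrote the destination of the query.
REAL_RESOLVERS = ["1.1.1.1", "8.8.8.8", "9.9.9.9"]
BOGUS_RESOLVERS = ["1.2.3.4", "5.6.7.8"]
PROBE_NAME = "whoami.akamai.net"

# Constructed sample data, copied from the two hosts in the thread above.
SAMPLE_PI = {
    "1.1.1.1": "162.158.226.218",
    "8.8.8.8": "172.253.244.3",
    "9.9.9.9": "103.224.242.10",
    "1.2.3.4": None,
    "5.6.7.8": None,
}
SAMPLE_DEVICE = {r: "172.217.34.65" for r in REAL_RESOLVERS + BOGUS_RESOLVERS}


def query_whoami(resolver: str, timeout: int = 2) -> Optional[str]:
    """Ask `resolver` for the A record of whoami.akamai.net using dig.

    Returns the address printed by dig, or None when nothing answered, which
    is the expected outcome for a bogus resolver on a network without DNS NAT.
    Assumes `dig` is installed (hypothetical for the reader's host).
    """
    cmd = ["dig", PROBE_NAME, f"@{resolver}", "a", "+short",
           f"+time={timeout}", "+tries=1"]
    try:
        out = subprocess.run(cmd, capture_output=True, text=True,
                             timeout=timeout + 2)
    except (OSError, subprocess.TimeoutExpired):
        return None
    lines = [l.strip() for l in out.stdout.splitlines() if l.strip()]
    if out.returncode != 0 or not lines:
        return None
    # +short may print a CNAME line first (ending in "."), so take the last
    # line and reject it if it is a name rather than an address.
    last = lines[-1]
    return None if last.endswith(".") else last


def analyse(answers: Dict[str, Optional[str]]) -> Dict[str, object]:
    """Decide whether DNS is being redirected, from resolver -> answer pairs.

    Two independent signals are checked:
      * any bogus resolver answering at all (destination rewrite);
      * every real resolver returning one identical address, meaning all of
        them were collapsed onto a single upstream, since whoami.akamai.net
        reports the address of the resolver that actually reached Akamai.
    """
    bogus_answered: List[str] = [r for r in BOGUS_RESOLVERS if answers.get(r)]
    real_answers = [answers[r] for r in REAL_RESOLVERS if answers.get(r)]
    collapsed = len(real_answers) >= 2 and len(set(real_answers)) == 1
    return {
        "intercepted": bool(bogus_answered) or collapsed,
        "bogus_answered": bogus_answered,
        "collapsed_to": real_answers[0] if collapsed else None,
    }


def probe_network() -> Dict[str, object]:
    """Run the live check against all resolvers and analyse the result."""
    answers = {r: query_whoami(r) for r in REAL_RESOLVERS + BOGUS_RESOLVERS}
    for resolver, answer in answers.items():
        print(f"{resolver:>10} -> {answer or 'no answer'}")
    return analyse(answers)


if __name__ == "__main__":
    print("sample (Raspberry Pi):", analyse(SAMPLE_PI))
    print("sample (behind AP):   ", analyse(SAMPLE_DEVICE))
    print("live:                 ", probe_network())
```

Run it from the client whose path you want to verify; a result with `bogus_answered` non-empty is conclusive on its own, while `collapsed_to` alone only shows that every resolver you name ends up at the same upstream, which is what the DHCP-supplied server rewrite in the thread produces.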