On Fri, Jan 10, 2025 at 5:39 PM Jonathan Lee
wrote:
> Thanks for the reply
>
>
> What OS are you using? How many CPU cores do you want to dedicate to
> Squid? How much memory?
>
>
> I am using FreeBSD variant 4GB ram 2 CPUs pfSense plus
>
> Starting CPU 1 (1)
> FreeBSD/SMP: Multiprocessor System
Hi Jonathan,
the problem is: can you even see the HTTP being exchanged?
This requires TLS interception.
If you can, then it's relatively easy: you can to filter on (untested)
acl doh_post_ct Content-Type -i application/dns-message
acl doh_path_rfc8484 urlpath_regex ^/dns-query
acl doh_query_rfc
