Firewall address lists:

```
/ip firewall address-list
LAN =
  192.168.1.0/24 (local)
  192.168.2.0/24 (guest)
DNS_Server =
  192.168.1.20
```
I am using 8.8.8.8 and 8.8.4.4 on the router. I am specifying the Pi-hole as the DNS server in the DHCP Server/Networks tab. It is the only one listed. I have a filter rule allowing the networks to the DNS server.
Edit: I should have mentioned that I am using conditional formatting on the Pi-hole to get individual host data. I am using a DHCP to DNS script to make this happen.
I am trying to force all hosts to use the Pi-hole DNS, i.e. stopping a client that has DNS hardcoded. This is the NAT rule I am using:
```
add action=dst-nat chain=dstnat comment="Redirect UDP to RPi_DNS" \
dst-address-list=!DNS_Servers dst-port=53 protocol=udp src-address-list=\
LAN to-addresses=192.168.1.20
add action=dst-nat chain=dstnat comment="Redirect TCP to RPi_DNS" \
dst-address-list=!DNS_Servers dst-port=53 protocol=tcp src-address-list=\
LAN to-addresses=192.168.1.20
```
Further, I found these rules on the interwebs (https://www.reddit.com/r/pihole/comment ... ole_using/), but they don't work for me either, and I would prefer to be more granular anyway. I did, of course, amend them with my addresses. This resolves the WAN as well, and the masq rule in the link does not make sense to me either.

```
/ip firewall nat
add chain=dstnat action=dst-nat to-addresses=192.168.1.250 protocol=udp src-address=!192.168.1.250 dst-address=!192.168.1.250 dst-port=53
add chain=dstnat action=dst-nat to-addresses=192.168.1.250 protocol=tcp src-address=!192.168.1.250 dst-address=!192.168.1.250 dst-port=53
```
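The two rule sets in the post differ in one way that is easy to miss when reading RouterOS syntax: the list-based rules match any source in `LAN`, which includes the Pi-hole's own address, while the Reddit-style rules exclude the Pi-hole as a source. The following added example (not from the post, the forum, or MikroTik; a constructed simulation of dstnat matching) runs both rule sets over a few constructed packets so the difference is visible. It keeps the post's list names exactly as written; a reference to a list that was never defined resolves to an empty list, which is how RouterOS treats it, so a negated reference to an undefined list matches every destination. The `Packet` and `DstNatRule` classes and the `redirected_to` helper are assumptions made for the simulation.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed address lists, copied from the post. Note the rule below
# references "DNS_Servers" (plural), which is not defined here.
ADDRESS_LISTS = {
    "LAN": ["192.168.1.0/24", "192.168.2.0/24"],
    "DNS_Server": ["192.168.1.20"],
}


@dataclass
class Packet:
    src: str
    dst: str
    protocol: str
    dst_port: int


@dataclass
class DstNatRule:
    """Subset of a RouterOS dst-nat rule; a leading '!' negates a matcher."""
    protocol: str
    dst_port: int
    to_address: str
    src_address: Optional[str] = None        # literal address or prefix
    dst_address: Optional[str] = None
    src_address_list: Optional[str] = None   # name of an address list
    dst_address_list: Optional[str] = None


def _negate(value: str):
    return (True, value[1:]) if value.startswith("!") else (False, value)


def _in_prefixes(addr: str, prefixes) -> bool:
    ip = ipaddress.ip_address(addr)
    return any(ip in ipaddress.ip_network(p, strict=False) for p in prefixes)


def _addr_matches(field: Optional[str], addr: str) -> bool:
    if field is None:
        return True
    negated, value = _negate(field)
    return _in_prefixes(addr, [value]) != negated


def _list_matches(field: Optional[str], addr: str, lists) -> bool:
    if field is None:
        return True
    negated, name = _negate(field)
    # An undefined list has no entries, so "!undefined" matches everything.
    return _in_prefixes(addr, lists.get(name, [])) != negated


def rule_matches(rule: DstNatRule, pkt: Packet, lists) -> bool:
    return (rule.protocol == pkt.protocol
            and rule.dst_port == pkt.dst_port
            and _addr_matches(rule.src_address, pkt.src)
            and _addr_matches(rule.dst_address, pkt.dst)
            and _list_matches(rule.src_address_list, pkt.src, lists)
            and _list_matches(rule.dst_address_list, pkt.dst, lists))


def redirected_to(rules, pkt: Packet, lists=ADDRESS_LISTS) -> Optional[str]:
    """First matching dst-nat rule wins; None means the destination is unchanged."""
    for rule in rules:
        if rule_matches(rule, pkt, lists):
            return rule.to_address
    return None


# The post's list-based rules, names kept exactly as written there.
POST_RULES = [
    DstNatRule(proto, 53, "192.168.1.20",
               src_address_list="LAN", dst_address_list="!DNS_Servers")
    for proto in ("udp", "tcp")
]

# The Reddit-style rules with the post's amended address.
REDDIT_STYLE_RULES = [
    DstNatRule(proto, 53, "192.168.1.250",
               src_address="!192.168.1.250", dst_address="!192.168.1.250")
    for proto in ("udp", "tcp")
]

if __name__ == "__main__":
    # Constructed packets: a client query, the Pi-hole's own upstream query,
    # and a client query already aimed at the Pi-hole.
    samples = [
        Packet("192.168.1.50", "8.8.8.8", "udp", 53),
        Packet("192.168.1.20", "8.8.8.8", "udp", 53),
        Packet("192.168.1.50", "192.168.1.20", "udp", 53),
        Packet("192.168.1.250", "8.8.8.8", "tcp", 53),
    ]
    for name, rules in (("post", POST_RULES), ("reddit", REDDIT_STYLE_RULES)):
        for pkt in samples:
            print(name, pkt.src, "->", pkt.dst, "=>", redirected_to(rules, pkt))
```

Running the script shows that under the post's rules the Pi-hole's own forwarded query to 8.8.8.8 is redirected back to 192.168.1.20, because 192.168.1.20 is inside the `LAN` list, whereas the Reddit-style rules leave it alone through the `src-address=!` exclusion. Exempting the resolver's own address as a source (or putting it in its own list and excluding that list) is the check to make before debugging anything else.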