Assigning Different HTTPS DNS Proxy Ports to Specific MAC Addresses in OpenWRT - HELP
I am using HTTPS DNS Proxy on OpenWRT and have configured two separate DNS resolvers running on different ports. I need to configure device with MAC1 to use DNS on Port1, and device with MAC2 to use DNS on Port2.
How can I achieve this? Thank you!
If you can't tell the devices themselves to talk to the ports directly, I guess your options are man-in-the-middle via a proxy like dnsmasq running on port 53 with iptables tagging enabled (it's been years since I looked at this) or MITM all traffic for both machines through a Linux box with iptables to redirect via DNAT.
On Thu, 20 Feb 2025, 6:46 am vividius, @.***> wrote:
I am using HTTPS DNS Proxy on OpenWRT and have configured two separate DNS resolvers running on different ports. I need to configure device with MAC1 to use DNS on Port1, and device with MAC2 to use DNS on Port2.
How can I achieve this? Thank you!
vividius created an issue (aarond10/https_dns_proxy#181) https://github.com/aarond10/https_dns_proxy/issues/181
This question belongs on the OpenWrt forum. I believe the way to achieve what you're trying to do is DHCP tagging and running two separate dnsmasq instances, each using a different https-dns-proxy instance for resolution.
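The DNAT redirect suggested earlier in the thread can also be expressed as OpenWrt firewall redirect sections keyed on source MAC. The script below is an added example, not code from any post in this thread or from the https-dns-proxy project. The MAC addresses, ports 5053/5054 and section names are constructed placeholders, and it assumes each proxy instance listens on an address reachable from the lan zone rather than only on 127.0.0.1.

```shell
#!/bin/sh
# Added example: print (not apply) OpenWrt firewall redirects that send each
# client's plain DNS (port 53) to a different local resolver port, by source MAC.

# Constructed sample mapping "MAC=port"; placeholders, not values from the thread.
MAP="AA:BB:CC:DD:EE:01=5053 AA:BB:CC:DD:EE:02=5054"

valid_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# emit_redirects "MAC=port ..." : uci commands on stdout, non-zero on bad input.
emit_redirects() {
    # Validate everything first so a bad entry never yields partial output.
    for pair in $1; do
        if ! valid_mac "${pair%%=*}" || ! valid_port "${pair##*=}"; then
            echo "invalid entry: $pair" >&2
            return 1
        fi
    done
    n=0
    for pair in $1; do
        n=$((n + 1))
        sec="dns_mac_$n"
        # No dest_ip: the DNAT target is the router itself, on dest_port.
        cat <<EOF
uci set firewall.$sec='redirect'
uci set firewall.$sec.name='DNS-by-MAC-$n'
uci set firewall.$sec.src='lan'
uci set firewall.$sec.src_mac='${pair%%=*}'
uci set firewall.$sec.proto='tcp udp'
uci set firewall.$sec.src_dport='53'
uci set firewall.$sec.dest_port='${pair##*=}'
uci set firewall.$sec.target='DNAT'
EOF
    done
    echo "uci commit firewall"
    echo "/etc/init.d/firewall restart"
}

emit_redirects "$MAP"
```

These redirects only catch plain DNS on port 53; a client that speaks DoT or DoH directly never hits them. Source MACs can be randomized or changed by the client, so this is a routing convenience and not an enforcement boundary.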
I was looking into fixing an issue of my phone (with Private DNS over DoT [853]) not connecting through HTTPS DNS Proxy, because of the port [853] redirect/conflict.
uci add firewall rule
uci set firewall.@rule[-1].name='Allow-DoT-Phone'
uci set firewall.@rule[-1].src='lan'
uci set firewall.@rule[-1].src_mac='AA:BB:CC:DD:EE:FF'
uci set firewall.@rule[-1].dest_port='853'
uci set firewall.@rule[-1].proto='tcp'
uci set firewall.@rule[-1].target='ACCEPT'
uci commit firewall
/etc/init.d/firewall restart
This might do it.
Do you use luci-app-https-dns-proxy?
I do, but the ports were not configurable through it, afaik. Personally, I just comment out list force_dns_port '853' in the https-dns-proxy config.
I actually tried this for an AdGuard Home instance to bypass the enforced https-dns-proxy on port 853, but no luck. (I tried it using src.ip instead of src.mac.)