Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
∞ take a peek at our legendary cryptostorm_is twitter feed if you're into that kind of thing ∞
Ξ we're rolling out voodoo network security across cryptostorm - big things happening, indeed! Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit GitHub Ξ

[Request] pfSense-Friendly Darknet Access

Freewheeling spot to chew the fat on anything cryptostorm-related that doesn't fit elsewhere (i.e. support, howto, &c.). Criticism & praise & brainstorming & requests for explanation... this is where it goes when it's hot & ready for action! :-)
User avatar

Topic Author
parityboy
Site Admin
Posts: 1092
Joined: Wed Feb 05, 2014 3:47 am

[Request] pfSense-Friendly Darknet Access

Postby parityboy » Fri Dec 30, 2016 7:37 am

@df

[For background, see here]

Can you alter the DeepDNS policies on the exit nodes such that if you query a darknet FQDN from an out-of-tunnel address (including other exits), the result is NXDOMAIN? In other words, if I'm connected to the German node and my query for an Onion address is sent to the Netherlands DeepDNS instance, the result is NXDOMAIN rather than 10.x.x.x.

This would enable us pfSense users to spin up multiple clients and not only load balance between them, but also specify the DeepDNS servers for those exit nodes in System->General Setup->DNS Server Settings. With this in place, queries for darknet TLDs will result in NXDOMAIN until the query hits the right server.

Return to “general chat, suggestions, industry news”

Who is online

Users browsing this forum: Bing [Bot] and 23 guests

cron

Login