20
submitted 1 month ago* (last edited 1 month ago) by mat@jlai.lu to c/selfhosted@lemmy.world

Hi people. I am running pihole under podman and its dedicated system account on my NAS. Now, from the NAS, I get a connection refused on ip.of.the.nas:53 but everywhere else in my network, pihole works perfectly. To run pihole as a rootless container, i made it listen on 1053 and I have a firewall redirection from 53 to 1053 for both udp and tcp. Any pointer to where (and how) I can debug this ?

Edit: Small precision about my current setup : ISP router (so I can't really do anything on it) and NAS running opensuse leap

you are viewing a single comment's thread
view the rest of the comments
[-] BluescreenOfDeath@lemmy.world 2 points 1 month ago

I agree.

So the solution, OP, is to set the DNS settings on your NAS to your router's internal IP so the firewall can redirect the traffic to your new port.

[-] IsoKiero@sopuli.xyz 1 points 1 month ago

As it's only single device I'd suggest configuring DNS server for that to :1053. Port forwarding rule on the nas firewall most likely applies only to 'incoming' traffic to the nas and as locally generated DNS request isn't 'incoming' (you can think it as 'incoming' traffic is everything coming via ethernet cable into the nas) then the port redirection doesn't trigger as you're expecting.

[-] BluescreenOfDeath@lemmy.world 2 points 1 month ago* (last edited 1 month ago)

An inbound only DNS forwarding rule would be pointless. All DNS queries should be originating from within the network.

EDIT

I think I see what you're getting at. Assuming that the firewall is running on the NAS vs on the router.

The OP doesn't specify, but I would assume the firewall rule would be on the router, as that makes the most sense to force all DNS requests on the network to go through the pihole.

[-] mat@jlai.lu 1 points 1 month ago

I am still using my ISP's router, so the firewall rule is on the NAS (for now it is almost a do it all server), otherwise I would run the pihole on the router I think

load more comments (3 replies)
load more comments (3 replies)
load more comments (3 replies)
this post was submitted on 17 Oct 2024
20 points (88.5% liked)

Selfhosted

40406 readers
314 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS