[Pfsense-pt] pfSense como DNS Recursivo

Discussion:

Fábio Rodrigues Ribeiro

2018-03-01 18:30:02 UTC

Olá boa tarde!

Estou com problemas do pfSense para somente servir DNS (recursivo).

No Unbound seto ACL 0.0.0.0/0 ... E nada.
Marco DNS Forwarder no Unbound... E nada.
Libero ou desativo o firewall (WAN OU LAN)... E nada.
Desmarco proteções, lockout, bogon e entre outros... E nada.

Consultas lookup passam normalmente, tanto no pfSense ou cliente.
Experimentei também com uma maquina real (placas intel) e tenho o mesmo
sintoma. No momento do dump faço uma consulta (DNS) pelo browser vindo
pela rede LAN e recebo o erro DNS_PROBE_FINISHED_NXDOMAIN:

Atualmente a rede WAN está em modo NAT do vmware e a LAN está em modo
Host-Only. Ambas estão sendo alcançadas normalmente, inclusive a internet.

VMware Virtual Machine - Netgate Device ID:

*** Welcome to pfSense 2.4.2-RELEASE-p1 (amd64) on pfSense ***

WAN (wan) -> em0 -> v4/DHCP4: 192.168.48.132/24
LAN (lan) -> em1 -> v4: 192.168.226.129/24

0) Logout (SSH only) 9) pfTop
1) Assign Interfaces 10) Filter Logs
2) Set interface(s) IP address 11) Restart webConfigurator
3) Reset webConfigurator password 12) PHP shell + pfSense tools
4) Reset to factory defaults 13) Update from console
5) Reboot system 14) Disable Secure Shell (sshd)
6) Halt system 15) Restore recent configuration
7) Ping host 16) Restart PHP-FPM
8) Shell

Enter an option: 8

[2.4.2-RELEASE][***@pfSense.localdomain]/root: tcpdump
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em0, link-type EN10MB (Ethernet), capture size 262144 bytes
15:00:04.123856 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 613, length 8
15:00:04.124078 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 613, length 8
15:00:04.654853 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 614, length 8
15:00:04.654933 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 614, length 8
15:00:05.186598 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 615, length 8
15:00:05.186830 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 615, length 8
15:00:05.718139 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 616, length 8
15:00:05.718201 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 616, length 8
15:00:06.248989 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 617, length 8
15:00:06.249043 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 617, length 8
15:00:06.780552 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 618, length 8
15:00:06.780600 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 618, length 8
15:00:07.312296 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 619, length 8
15:00:07.312357 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 619, length 8
15:00:07.843499 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 620, length 8
15:00:07.843609 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 620, length 8
15:00:08.375041 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 621, length 8
15:00:08.375190 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 621, length 8
15:00:08.907069 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 622, length 8
15:00:08.907187 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 622, length 8
15:00:09.438780 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 623, length 8
15:00:09.438833 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 623, length 8
15:00:09.925200 IP 192.168.48.132.52096 > dns.quad9.net.domain: 63751+
[1au] A? google.com. (39)
15:00:09.967095 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 624, length 8
15:00:09.967143 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 624, length 8
15:00:10.180729 IP dns.quad9.net.domain > 192.168.48.132.52096: 63751
1/0/1 A 172.217.12.206 (55)
15:00:10.181001 IP 192.168.48.132.27048 > dns.quad9.net.domain: 50603+%
[1au] DS? com. (32)
15:00:10.441837 IP dns.quad9.net.domain > 192.168.48.132.27048: 50603$
2/0/1 DS, RRSIG (367)
15:00:10.442752 IP 192.168.48.132.6260 > dns.quad9.net.domain: 51511+%
[1au] DNSKEY? com. (32)
15:00:10.482996 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 625, length 8
15:00:10.483019 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 625, length 8
15:00:10.624300 IP dns.quad9.net.domain > 192.168.48.132.6260: 51511$
3/0/1 DNSKEY, DNSKEY, RRSIG (743)
15:00:10.624658 IP 192.168.48.132.10239 > dns.quad9.net.domain: 24068+%
[1au] DS? google.com. (39)
15:00:10.872239 IP dns.quad9.net.domain > 192.168.48.132.10239: 24068
0/6/1 (760)
15:00:10.873122 IP 192.168.48.1.64078 > 239.192.152.143.6771: UDP,
length 136
15:00:10.873798 IP 192.168.48.1.6771 > 239.192.152.143.6771: UDP, length 136
15:00:10.874032 IP6 fe80::e921:3395:299d:d61.64166 >
ff15::efc0:988f.6771: UDP, length 138
15:00:10.874257 IP6 fe80::e921:3395:299d:d61.6771 >
ff15::efc0:988f.6771: UDP, length 138
15:00:11.014483 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 626, length 8
15:00:11.014552 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 626, length 8
15:00:11.545820 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 627, length 8
15:00:11.545840 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 627, length 8
15:00:12.077135 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 628, length 8
15:00:12.077228 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 628, length 8
15:00:12.608115 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 629, length 8
15:00:12.608173 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 629, length 8
15:00:12.875465 IP 192.168.48.1.64078 > 239.192.152.143.6771: UDP,
length 136
15:00:12.875619 IP 192.168.48.1.6771 > 239.192.152.143.6771: UDP, length 136
15:00:12.875673 IP6 fe80::e921:3395:299d:d61.64166 >
ff15::efc0:988f.6771: UDP, length 138
15:00:12.875901 IP6 fe80::e921:3395:299d:d61.6771 >
ff15::efc0:988f.6771: UDP, length 138
15:00:13.139386 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 630, length 8
15:00:13.139501 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 630, length 8
15:00:13.670592 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 631, length 8
15:00:13.670793 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 631, length 8
15:00:14.201479 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 632, length 8
15:00:14.201568 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 632, length 8
15:00:14.252141 IP 192.168.48.1.17500 > 192.168.48.255.17500: UDP,
length 133
15:00:14.732367 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 633, length 8
15:00:14.732421 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 633, length 8
15:00:15.262757 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 634, length 8
15:00:15.262823 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 634, length 8
15:00:15.793398 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 635, length 8
15:00:15.793537 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 635, length 8
15:00:16.325225 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 636, length 8
15:00:16.325334 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 636, length 8
^C
65 packets captured
65 packets received by filter
0 packets dropped by kernel

Abraços

Fábio Rodrigues Ribeiro

2018-03-05 19:38:53 UTC

Permalink

Fábio Rodrigues Ribeiro

2018-03-05 19:40:55 UTC

Permalink

Perdão por enviar duas vezes, não estava localizando a mensagem

Post by FÃ¡bio Rodrigues Ribeiro
Olá boa tarde!
Estou com problemas do pfSense para somente servir DNS (recursivo).
No Unbound seto ACL 0.0.0.0/0 ... E nada.
Marco DNS Forwarder no Unbound... E nada.
Libero ou desativo o firewall (WAN OU LAN)... E nada.
Desmarco proteções, lockout, bogon e entre outros... E nada.
Consultas lookup passam normalmente, tanto no pfSense ou cliente.
Experimentei também com uma maquina real (placas intel) e tenho o mesmo
sintoma. No momento do dump faço uma consulta (DNS) pelo browser vindo
Atualmente a rede WAN está em modo NAT do vmware e a LAN está em modo
Host-Only. Ambas estão sendo alcançadas normalmente, inclusive a internet.
*** Welcome to pfSense 2.4.2-RELEASE-p1 (amd64) on pfSense ***
WAN (wan)       -> em0        -> v4/DHCP4: 192.168.48.132/24
LAN (lan)       -> em1        -> v4: 192.168.226.129/24
0) Logout (SSH only)                  9) pfTop
1) Assign Interfaces                 10) Filter Logs
2) Set interface(s) IP address       11) Restart webConfigurator
3) Reset webConfigurator password    12) PHP shell + pfSense tools
4) Reset to factory defaults         13) Update from console
5) Reboot system                     14) Disable Secure Shell (sshd)
6) Halt system                       15) Restore recent configuration
7) Ping host                         16) Restart PHP-FPM
8) Shell
Enter an option: 8
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em0, link-type EN10MB (Ethernet), capture size 262144 bytes
15:00:04.123856 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 613, length 8
15:00:04.124078 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 613, length 8
15:00:04.654853 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 614, length 8
15:00:04.654933 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 614, length 8
15:00:05.186598 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 615, length 8
15:00:05.186830 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 615, length 8
15:00:05.718139 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 616, length 8
15:00:05.718201 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 616, length 8
15:00:06.248989 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 617, length 8
15:00:06.249043 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 617, length 8
15:00:06.780552 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 618, length 8
15:00:06.780600 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 618, length 8
15:00:07.312296 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 619, length 8
15:00:07.312357 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 619, length 8
15:00:07.843499 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 620, length 8
15:00:07.843609 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 620, length 8
15:00:08.375041 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 621, length 8
15:00:08.375190 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 621, length 8
15:00:08.907069 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 622, length 8
15:00:08.907187 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 622, length 8
15:00:09.438780 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 623, length 8
15:00:09.438833 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 623, length 8
15:00:09.925200 IP 192.168.48.132.52096 > dns.quad9.net.domain: 63751+
[1au] A? google.com. (39)
15:00:09.967095 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 624, length 8
15:00:09.967143 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 624, length 8
15:00:10.180729 IP dns.quad9.net.domain > 192.168.48.132.52096: 63751
1/0/1 A 172.217.12.206 (55)
15:00:10.181001 IP 192.168.48.132.27048 > dns.quad9.net.domain: 50603+%
[1au] DS? com. (32)
15:00:10.441837 IP dns.quad9.net.domain > 192.168.48.132.27048: 50603$
2/0/1 DS, RRSIG (367)
15:00:10.442752 IP 192.168.48.132.6260 > dns.quad9.net.domain: 51511+%
[1au] DNSKEY? com. (32)
15:00:10.482996 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 625, length 8
15:00:10.483019 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 625, length 8
15:00:10.624300 IP dns.quad9.net.domain > 192.168.48.132.6260: 51511$
3/0/1 DNSKEY, DNSKEY, RRSIG (743)
15:00:10.624658 IP 192.168.48.132.10239 > dns.quad9.net.domain: 24068+%
[1au] DS? google.com. (39)
15:00:10.872239 IP dns.quad9.net.domain > 192.168.48.132.10239: 24068
0/6/1 (760)
15:00:10.873122 IP 192.168.48.1.64078 > 239.192.152.143.6771: UDP,
length 136
15:00:10.873798 IP 192.168.48.1.6771 > 239.192.152.143.6771: UDP, length 136
15:00:10.874032 IP6 fe80::e921:3395:299d:d61.64166 >
ff15::efc0:988f.6771: UDP, length 138
15:00:10.874257 IP6 fe80::e921:3395:299d:d61.6771 >
ff15::efc0:988f.6771: UDP, length 138
15:00:11.014483 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 626, length 8
15:00:11.014552 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 626, length 8
15:00:11.545820 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 627, length 8
15:00:11.545840 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 627, length 8
15:00:12.077135 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 628, length 8
15:00:12.077228 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 628, length 8
15:00:12.608115 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 629, length 8
15:00:12.608173 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 629, length 8
15:00:12.875465 IP 192.168.48.1.64078 > 239.192.152.143.6771: UDP,
length 136
15:00:12.875619 IP 192.168.48.1.6771 > 239.192.152.143.6771: UDP, length 136
15:00:12.875673 IP6 fe80::e921:3395:299d:d61.64166 >
ff15::efc0:988f.6771: UDP, length 138
15:00:12.875901 IP6 fe80::e921:3395:299d:d61.6771 >
ff15::efc0:988f.6771: UDP, length 138
15:00:13.139386 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 630, length 8
15:00:13.139501 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 630, length 8
15:00:13.670592 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 631, length 8
15:00:13.670793 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 631, length 8
15:00:14.201479 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 632, length 8
15:00:14.201568 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 632, length 8
15:00:14.252141 IP 192.168.48.1.17500 > 192.168.48.255.17500: UDP,
length 133
15:00:14.732367 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 633, length 8
15:00:14.732421 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 633, length 8
15:00:15.262757 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 634, length 8
15:00:15.262823 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 634, length 8
15:00:15.793398 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 635, length 8
15:00:15.793537 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 635, length 8
15:00:16.325225 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 636, length 8
15:00:16.325334 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 636, length 8
^C
65 packets captured
65 packets received by filter
0 packets dropped by kernel
Abraços
_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

fabio moraes

2018-03-05 20:34:17 UTC

Permalink

Boa tarde,
Na paz?
Ja pensou em colocar o dns fixo do google? na WAN 8.8.8.8 primario e
8.8.4.4 secundario e depois de instalar um proxy ou pelo proprio IGP do
PFSense.
Fazer um ping www.google.com, no terminal?

Fábio B. Moraes

*Fones: (53) 98112.1173 (51) **99835.1283*

--------------------------------------------------------------------------------

Em 5 de março de 2018 16:40, Fábio Rodrigues Ribeiro <

Post by FÃ¡bio Rodrigues Ribeiro
Perdão por enviar duas vezes, não estava localizando a mensagem
Olá boa tarde!

Post by FÃ¡bio Rodrigues Ribeiro
Estou com problemas do pfSense para somente servir DNS (recursivo).
No Unbound seto ACL 0.0.0.0/0 ... E nada.
Marco DNS Forwarder no Unbound... E nada.
Libero ou desativo o firewall (WAN OU LAN)... E nada.
Desmarco proteções, lockout, bogon e entre outros... E nada.
Consultas lookup passam normalmente, tanto no pfSense ou cliente.
Experimentei também com uma maquina real (placas intel) e tenho o mesmo
sintoma. No momento do dump faço uma consulta (DNS) pelo browser vindo
Atualmente a rede WAN está em modo NAT do vmware e a LAN está em modo
Host-Only. Ambas estão sendo alcançadas normalmente, inclusive a internet.
*** Welcome to pfSense 2.4.2-RELEASE-p1 (amd64) on pfSense ***
WAN (wan) -> em0 -> v4/DHCP4: 192.168.48.132/24
LAN (lan) -> em1 -> v4: 192.168.226.129/24
0) Logout (SSH only) 9) pfTop
1) Assign Interfaces 10) Filter Logs
2) Set interface(s) IP address 11) Restart webConfigurator
3) Reset webConfigurator password 12) PHP shell + pfSense tools
4) Reset to factory defaults 13) Update from console
5) Reboot system 14) Disable Secure Shell (sshd)
6) Halt system 15) Restore recent configuration
7) Ping host 16) Restart PHP-FPM
8) Shell
Enter an option: 8
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em0, link-type EN10MB (Ethernet), capture size 262144 bytes
15:00:04.123856 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 613, length 8
15:00:04.124078 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 613, length 8
15:00:04.654853 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 614, length 8
15:00:04.654933 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 614, length 8
15:00:05.186598 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 615, length 8
15:00:05.186830 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 615, length 8
15:00:05.718139 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 616, length 8
15:00:05.718201 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 616, length 8
15:00:06.248989 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 617, length 8
15:00:06.249043 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 617, length 8
15:00:06.780552 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 618, length 8
15:00:06.780600 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 618, length 8
15:00:07.312296 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 619, length 8
15:00:07.312357 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 619, length 8
15:00:07.843499 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 620, length 8
15:00:07.843609 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 620, length 8
15:00:08.375041 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 621, length 8
15:00:08.375190 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 621, length 8
15:00:08.907069 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 622, length 8
15:00:08.907187 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 622, length 8
15:00:09.438780 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 623, length 8
15:00:09.438833 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 623, length 8
15:00:09.925200 IP 192.168.48.132.52096 > dns.quad9.net.domain: 63751+
[1au] A? google.com. (39)
15:00:09.967095 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 624, length 8
15:00:09.967143 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 624, length 8
15:00:10.180729 IP dns.quad9.net.domain > 192.168.48.132.52096: 63751
1/0/1 A 172.217.12.206 (55)
15:00:10.181001 IP 192.168.48.132.27048 > dns.quad9.net.domain: 50603+%
[1au] DS? com. (32)
15:00:10.441837 IP dns.quad9.net.domain > 192.168.48.132.27048: 50603$
2/0/1 DS, RRSIG (367)
15:00:10.442752 IP 192.168.48.132.6260 > dns.quad9.net.domain: 51511+%
[1au] DNSKEY? com. (32)
15:00:10.482996 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 625, length 8
15:00:10.483019 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 625, length 8
15:00:10.624300 IP dns.quad9.net.domain > 192.168.48.132.6260: 51511$
3/0/1 DNSKEY, DNSKEY, RRSIG (743)
15:00:10.624658 IP 192.168.48.132.10239 > dns.quad9.net.domain: 24068+%
[1au] DS? google.com. (39)
15:00:10.872239 IP dns.quad9.net.domain > 192.168.48.132.10239: 24068
0/6/1 (760)
15:00:10.873122 IP 192.168.48.1.64078 > 239.192.152.143.6771: UDP, length
136
15:00:10.873798 IP 192.168.48.1.6771 > 239.192.152.143.6771: UDP, length 136
15:00:10.874032 IP6 fe80::e921:3395:299d:d61.64166 >
ff15::efc0:988f.6771: UDP, length 138
UDP, length 138
15:00:11.014483 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 626, length 8
15:00:11.014552 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 626, length 8
15:00:11.545820 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 627, length 8
15:00:11.545840 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 627, length 8
15:00:12.077135 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 628, length 8
15:00:12.077228 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 628, length 8
15:00:12.608115 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 629, length 8
15:00:12.608173 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 629, length 8
15:00:12.875465 IP 192.168.48.1.64078 > 239.192.152.143.6771: UDP, length
136
15:00:12.875619 IP 192.168.48.1.6771 > 239.192.152.143.6771: UDP, length 136
15:00:12.875673 IP6 fe80::e921:3395:299d:d61.64166 >
ff15::efc0:988f.6771: UDP, length 138
UDP, length 138
15:00:13.139386 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 630, length 8
15:00:13.139501 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 630, length 8
15:00:13.670592 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 631, length 8
15:00:13.670793 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 631, length 8
15:00:14.201479 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 632, length 8
15:00:14.201568 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 632, length 8
15:00:14.252141 IP 192.168.48.1.17500 > 192.168.48.255.17500: UDP, length
133
15:00:14.732367 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 633, length 8
15:00:14.732421 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 633, length 8
15:00:15.262757 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 634, length 8
15:00:15.262823 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 634, length 8
15:00:15.793398 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 635, length 8
15:00:15.793537 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 635, length 8
15:00:16.325225 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 636, length 8
15:00:16.325334 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 636, length 8
^C
65 packets captured
65 packets received by filter
0 packets dropped by kernel
Abraços
_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

Fábio Rodrigues Ribeiro

2018-03-05 20:36:33 UTC

Permalink

Sabe o que é... o sense não está respondendo consulta, só nslookup

Post by fabio moraes
Boa tarde,
Na paz?
Ja pensou em colocar o dns fixo do google? na WAN 8.8.8.8 primario e
8.8.4.4 secundario e depois de instalar um proxy ou pelo proprio IGP do
PFSense.
Fazer um ping www.google.com, no terminal?
Fábio B. Moraes
*Fones: (53) 98112.1173 (51) **99835.1283*
--------------------------------------------------------------------------------
Em 5 de março de 2018 16:40, Fábio Rodrigues Ribeiro <

Post by FÃ¡bio Rodrigues Ribeiro
Perdão por enviar duas vezes, não estava localizando a mensagem
Olá boa tarde!

_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

fabio moraes

2018-03-05 20:39:20 UTC

Permalink

Ja revisou toda a parte de gateway, dns forwarder? Qual a versão do PF?

Fábio B. Moraes

*Fones: (53) 98112.1173 (51) **99835.1283*

--------------------------------------------------------------------------------

Em 5 de março de 2018 17:36, Fábio Rodrigues Ribeiro <

Post by FÃ¡bio Rodrigues Ribeiro
Sabe o que é... o sense não está respondendo consulta, só nslookup

Post by fabio moraes
Boa tarde,
Na paz?
Ja pensou em colocar o dns fixo do google? na WAN 8.8.8.8 primario e
8.8.4.4 secundario e depois de instalar um proxy ou pelo proprio IGP do
PFSense.
Fazer um ping www.google.com, no terminal?
Fábio B. Moraes
*Fones: (53) 98112.1173 (51) **99835.1283*
------------------------------------------------------------
--------------------
Em 5 de março de 2018 16:40, Fábio Rodrigues Ribeiro <
Perdão por enviar duas vezes, não estava localizando a mensagem

Post by FÃ¡bio Rodrigues Ribeiro
Olá boa tarde!

Post by FÃ¡bio Rodrigues Ribeiro
Estou com problemas do pfSense para somente servir DNS (recursivo).
No Unbound seto ACL 0.0.0.0/0 ... E nada.
Marco DNS Forwarder no Unbound... E nada.
Libero ou desativo o firewall (WAN OU LAN)... E nada.
Desmarco proteções, lockout, bogon e entre outros... E nada.
Consultas lookup passam normalmente, tanto no pfSense ou cliente.
Experimentei também com uma maquina real (placas intel) e tenho o mesmo
sintoma. No momento do dump faço uma consulta (DNS) pelo browser vindo
Atualmente a rede WAN está em modo NAT do vmware e a LAN está em modo
Host-Only. Ambas estão sendo alcançadas normalmente, inclusive a internet.
*** Welcome to pfSense 2.4.2-RELEASE-p1 (amd64) on pfSense ***
WAN (wan) -> em0 -> v4/DHCP4: 192.168.48.132/24
LAN (lan) -> em1 -> v4: 192.168.226.129/24
0) Logout (SSH only) 9) pfTop
1) Assign Interfaces 10) Filter Logs
2) Set interface(s) IP address 11) Restart webConfigurator
3) Reset webConfigurator password 12) PHP shell + pfSense tools
4) Reset to factory defaults 13) Update from console
5) Reboot system 14) Disable Secure Shell (sshd)
6) Halt system 15) Restore recent configuration
7) Ping host 16) Restart PHP-FPM
8) Shell
Enter an option: 8
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em0, link-type EN10MB (Ethernet), capture size 262144 bytes
15:00:04.123856 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 613, length 8
15:00:04.124078 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 613, length 8
15:00:04.654853 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 614, length 8
15:00:04.654933 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 614, length 8
15:00:05.186598 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 615, length 8
15:00:05.186830 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 615, length 8
15:00:05.718139 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 616, length 8
15:00:05.718201 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 616, length 8
15:00:06.248989 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 617, length 8
15:00:06.249043 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 617, length 8
15:00:06.780552 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 618, length 8
15:00:06.780600 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 618, length 8
15:00:07.312296 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 619, length 8
15:00:07.312357 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 619, length 8
15:00:07.843499 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 620, length 8
15:00:07.843609 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 620, length 8
15:00:08.375041 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 621, length 8
15:00:08.375190 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 621, length 8
15:00:08.907069 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 622, length 8
15:00:08.907187 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 622, length 8
15:00:09.438780 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 623, length 8
15:00:09.438833 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 623, length 8
15:00:09.925200 IP 192.168.48.132.52096 > dns.quad9.net.domain: 63751+
[1au] A? google.com. (39)
15:00:09.967095 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 624, length 8
15:00:09.967143 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 624, length 8
15:00:10.180729 IP dns.quad9.net.domain > 192.168.48.132.52096: 63751
1/0/1 A 172.217.12.206 (55)
15:00:10.181001 IP 192.168.48.132.27048 > dns.quad9.net.domain: 50603+%
[1au] DS? com. (32)
15:00:10.441837 IP dns.quad9.net.domain > 192.168.48.132.27048: 50603$
2/0/1 DS, RRSIG (367)
15:00:10.442752 IP 192.168.48.132.6260 > dns.quad9.net.domain: 51511+%
[1au] DNSKEY? com. (32)
15:00:10.482996 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 625, length 8
15:00:10.483019 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 625, length 8
15:00:10.624300 IP dns.quad9.net.domain > 192.168.48.132.6260: 51511$
3/0/1 DNSKEY, DNSKEY, RRSIG (743)
15:00:10.624658 IP 192.168.48.132.10239 > dns.quad9.net.domain: 24068+%
[1au] DS? google.com. (39)
15:00:10.872239 IP dns.quad9.net.domain > 192.168.48.132.10239: 24068
0/6/1 (760)
15:00:10.873122 IP 192.168.48.1.64078 > 239.192.152.143.6771: UDP, length
136
15:00:10.873798 IP 192.168.48.1.6771 > 239.192.152.143.6771: UDP, length 136
15:00:10.874032 IP6 fe80::e921:3395:299d:d61.64166 >
ff15::efc0:988f.6771: UDP, length 138
15:00:10.874257 IP6 fe80::e921:3395:299d:d61.6771 >
UDP, length 138
15:00:11.014483 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 626, length 8
15:00:11.014552 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 626, length 8
15:00:11.545820 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 627, length 8
15:00:11.545840 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 627, length 8
15:00:12.077135 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 628, length 8
15:00:12.077228 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 628, length 8
15:00:12.608115 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 629, length 8
15:00:12.608173 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 629, length 8
15:00:12.875465 IP 192.168.48.1.64078 > 239.192.152.143.6771: UDP, length
136
15:00:12.875619 IP 192.168.48.1.6771 > 239.192.152.143.6771: UDP, length 136
15:00:12.875673 IP6 fe80::e921:3395:299d:d61.64166 >
ff15::efc0:988f.6771: UDP, length 138
15:00:12.875901 IP6 fe80::e921:3395:299d:d61.6771 >
UDP, length 138
15:00:13.139386 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 630, length 8
15:00:13.139501 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 630, length 8
15:00:13.670592 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 631, length 8
15:00:13.670793 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 631, length 8
15:00:14.201479 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 632, length 8
15:00:14.201568 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 632, length 8
15:00:14.252141 IP 192.168.48.1.17500 > 192.168.48.255.17500: UDP, length
133
15:00:14.732367 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 633, length 8
15:00:14.732421 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 633, length 8
15:00:15.262757 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 634, length 8
15:00:15.262823 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 634, length 8
15:00:15.793398 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 635, length 8
15:00:15.793537 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 635, length 8
15:00:16.325225 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 636, length 8
15:00:16.325334 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 636, length 8
^C
65 packets captured
65 packets received by filter
0 packets dropped by kernel
Abraços
_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt
_______________________________________________

Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

fabio moraes

2018-03-05 20:40:03 UTC

Permalink

Tem acesso teamviewer em uma estação, ou manda print da tua config?
Que te ajudo..

Fábio B. Moraes

*Fones: (53) 98112.1173 (51) **99835.1283*

--------------------------------------------------------------------------------

Post by fabio moraes
Ja revisou toda a parte de gateway, dns forwarder? Qual a versão do PF?
Fábio B. Moraes
*Fones: (53) 98112.1173 <(53)%2098112-1173> (51) **99835.1283*
------------------------------------------------------------
--------------------
Em 5 de março de 2018 17:36, Fábio Rodrigues Ribeiro <

Post by FÃ¡bio Rodrigues Ribeiro
Sabe o que é... o sense não está respondendo consulta, só nslookup

Post by fabio moraes
Boa tarde,
Na paz?
Ja pensou em colocar o dns fixo do google? na WAN 8.8.8.8 primario e
8.8.4.4 secundario e depois de instalar um proxy ou pelo proprio IGP do
PFSense.
Fazer um ping www.google.com, no terminal?
Fábio B. Moraes
*Fones: (53) 98112.1173 (51) **99835.1283*
------------------------------------------------------------
--------------------
Em 5 de março de 2018 16:40, Fábio Rodrigues Ribeiro <
Perdão por enviar duas vezes, não estava localizando a mensagem

Post by FÃ¡bio Rodrigues Ribeiro
Olá boa tarde!

Post by FÃ¡bio Rodrigues Ribeiro
Estou com problemas do pfSense para somente servir DNS (recursivo).
No Unbound seto ACL 0.0.0.0/0 ... E nada.
Marco DNS Forwarder no Unbound... E nada.
Libero ou desativo o firewall (WAN OU LAN)... E nada.
Desmarco proteções, lockout, bogon e entre outros... E nada.
Consultas lookup passam normalmente, tanto no pfSense ou cliente.
Experimentei também com uma maquina real (placas intel) e tenho o mesmo
sintoma. No momento do dump faço uma consulta (DNS) pelo browser vindo
Atualmente a rede WAN está em modo NAT do vmware e a LAN está em modo
Host-Only. Ambas estão sendo alcançadas normalmente, inclusive a internet.
*** Welcome to pfSense 2.4.2-RELEASE-p1 (amd64) on pfSense ***
WAN (wan) -> em0 -> v4/DHCP4: 192.168.48.132/24
LAN (lan) -> em1 -> v4: 192.168.226.129/24
0) Logout (SSH only) 9) pfTop
1) Assign Interfaces 10) Filter Logs
2) Set interface(s) IP address 11) Restart webConfigurator
3) Reset webConfigurator password 12) PHP shell + pfSense tools
4) Reset to factory defaults 13) Update from console
5) Reboot system 14) Disable Secure Shell (sshd)
6) Halt system 15) Restore recent
configuration
7) Ping host 16) Restart PHP-FPM
8) Shell
Enter an option: 8
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em0, link-type EN10MB (Ethernet), capture size 262144 bytes
15:00:04.123856 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 613, length 8
15:00:04.124078 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 613, length 8
15:00:04.654853 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 614, length 8
15:00:04.654933 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 614, length 8
15:00:05.186598 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 615, length 8
15:00:05.186830 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 615, length 8
15:00:05.718139 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 616, length 8
15:00:05.718201 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 616, length 8
15:00:06.248989 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 617, length 8
15:00:06.249043 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 617, length 8
15:00:06.780552 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 618, length 8
15:00:06.780600 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 618, length 8
15:00:07.312296 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 619, length 8
15:00:07.312357 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 619, length 8
15:00:07.843499 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 620, length 8
15:00:07.843609 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 620, length 8
15:00:08.375041 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 621, length 8
15:00:08.375190 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 621, length 8
15:00:08.907069 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 622, length 8
15:00:08.907187 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 622, length 8
15:00:09.438780 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 623, length 8
15:00:09.438833 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 623, length 8
15:00:09.925200 IP 192.168.48.132.52096 > dns.quad9.net.domain: 63751+
[1au] A? google.com. (39)
15:00:09.967095 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 624, length 8
15:00:09.967143 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 624, length 8
15:00:10.180729 IP dns.quad9.net.domain > 192.168.48.132.52096: 63751
1/0/1 A 172.217.12.206 (55)
15:00:10.181001 IP 192.168.48.132.27048 > dns.quad9.net.domain: 50603+%
[1au] DS? com. (32)
15:00:10.441837 IP dns.quad9.net.domain > 192.168.48.132.27048: 50603$
2/0/1 DS, RRSIG (367)
15:00:10.442752 IP 192.168.48.132.6260 > dns.quad9.net.domain: 51511+%
[1au] DNSKEY? com. (32)
15:00:10.482996 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 625, length 8
15:00:10.483019 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 625, length 8
15:00:10.624300 IP dns.quad9.net.domain > 192.168.48.132.6260: 51511$
3/0/1 DNSKEY, DNSKEY, RRSIG (743)
15:00:10.624658 IP 192.168.48.132.10239 > dns.quad9.net.domain: 24068+%
[1au] DS? google.com. (39)
15:00:10.872239 IP dns.quad9.net.domain > 192.168.48.132.10239: 24068
0/6/1 (760)
15:00:10.873122 IP 192.168.48.1.64078 > 239.192.152.143.6771: UDP, length
136
15:00:10.873798 IP 192.168.48.1.6771 > 239.192.152.143.6771: UDP,
length
136
15:00:10.874032 IP6 fe80::e921:3395:299d:d61.64166 >
ff15::efc0:988f.6771: UDP, length 138
15:00:10.874257 IP6 fe80::e921:3395:299d:d61.6771 >
UDP, length 138
15:00:11.014483 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 626, length 8
15:00:11.014552 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 626, length 8
15:00:11.545820 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 627, length 8
15:00:11.545840 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 627, length 8
15:00:12.077135 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 628, length 8
15:00:12.077228 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 628, length 8
15:00:12.608115 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 629, length 8
15:00:12.608173 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 629, length 8
15:00:12.875465 IP 192.168.48.1.64078 > 239.192.152.143.6771: UDP, length
136
15:00:12.875619 IP 192.168.48.1.6771 > 239.192.152.143.6771: UDP,
length
136
15:00:12.875673 IP6 fe80::e921:3395:299d:d61.64166 >
ff15::efc0:988f.6771: UDP, length 138
15:00:12.875901 IP6 fe80::e921:3395:299d:d61.6771 >
UDP, length 138
15:00:13.139386 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 630, length 8
15:00:13.139501 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 630, length 8
15:00:13.670592 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 631, length 8
15:00:13.670793 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 631, length 8
15:00:14.201479 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 632, length 8
15:00:14.201568 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 632, length 8
15:00:14.252141 IP 192.168.48.1.17500 > 192.168.48.255.17500: UDP, length
133
15:00:14.732367 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 633, length 8
15:00:14.732421 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 633, length 8
15:00:15.262757 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 634, length 8
15:00:15.262823 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 634, length 8
15:00:15.793398 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 635, length 8
15:00:15.793537 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 635, length 8
15:00:16.325225 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 636, length 8
15:00:16.325334 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 636, length 8
^C
65 packets captured
65 packets received by filter
0 packets dropped by kernel
Abraços
_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt
_______________________________________________

Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

Fábio Rodrigues Ribeiro

2018-03-05 20:56:31 UTC

Permalink

PVT-ME

farribeiro sabeláoque gmail tambémsabené

Abraços

Post by fabio moraes
Tem acesso teamviewer em uma estação, ou manda print da tua config?
Que te ajudo..
Fábio B. Moraes
*Fones: (53) 98112.1173 (51) **99835.1283*
--------------------------------------------------------------------------------

Post by FÃ¡bio Rodrigues Ribeiro
Sabe o que é... o sense não está respondendo consulta, só nslookup

Post by fabio moraes
Boa tarde,
Na paz?
Ja pensou em colocar o dns fixo do google? na WAN 8.8.8.8 primario e
8.8.4.4 secundario e depois de instalar um proxy ou pelo proprio IGP do
PFSense.
Fazer um ping www.google.com, no terminal?
Fábio B. Moraes
*Fones: (53) 98112.1173 (51) **99835.1283*
------------------------------------------------------------
--------------------
Em 5 de março de 2018 16:40, Fábio Rodrigues Ribeiro <
Perdão por enviar duas vezes, não estava localizando a mensagem

Post by FÃ¡bio Rodrigues Ribeiro
Olá boa tarde!

Post by FÃ¡bio Rodrigues Ribeiro
Estou com problemas do pfSense para somente servir DNS (recursivo).
No Unbound seto ACL 0.0.0.0/0 ... E nada.
Marco DNS Forwarder no Unbound... E nada.
Libero ou desativo o firewall (WAN OU LAN)... E nada.
Desmarco proteções, lockout, bogon e entre outros... E nada.
Consultas lookup passam normalmente, tanto no pfSense ou cliente.
Experimentei também com uma maquina real (placas intel) e tenho o mesmo
sintoma. No momento do dump faço uma consulta (DNS) pelo browser vindo
Atualmente a rede WAN está em modo NAT do vmware e a LAN está em modo
Host-Only. Ambas estão sendo alcançadas normalmente, inclusive a internet.
*** Welcome to pfSense 2.4.2-RELEASE-p1 (amd64) on pfSense ***
WAN (wan) -> em0 -> v4/DHCP4: 192.168.48.132/24
LAN (lan) -> em1 -> v4: 192.168.226.129/24
0) Logout (SSH only) 9) pfTop
1) Assign Interfaces 10) Filter Logs
2) Set interface(s) IP address 11) Restart webConfigurator
3) Reset webConfigurator password 12) PHP shell + pfSense tools
4) Reset to factory defaults 13) Update from console
5) Reboot system 14) Disable Secure Shell (sshd)
6) Halt system 15) Restore recent configuration
7) Ping host 16) Restart PHP-FPM
8) Shell
Enter an option: 8
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em0, link-type EN10MB (Ethernet), capture size 262144 bytes
15:00:04.123856 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 613, length 8
15:00:04.124078 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 613, length 8
15:00:04.654853 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 614, length 8
15:00:04.654933 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 614, length 8
15:00:05.186598 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 615, length 8
15:00:05.186830 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 615, length 8
15:00:05.718139 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 616, length 8
15:00:05.718201 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 616, length 8
15:00:06.248989 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 617, length 8
15:00:06.249043 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 617, length 8
15:00:06.780552 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 618, length 8
15:00:06.780600 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 618, length 8
15:00:07.312296 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 619, length 8
15:00:07.312357 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 619, length 8
15:00:07.843499 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 620, length 8
15:00:07.843609 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 620, length 8
15:00:08.375041 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 621, length 8
15:00:08.375190 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 621, length 8
15:00:08.907069 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 622, length 8
15:00:08.907187 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 622, length 8
15:00:09.438780 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 623, length 8
15:00:09.438833 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 623, length 8
15:00:09.925200 IP 192.168.48.132.52096 > dns.quad9.net.domain: 63751+
[1au] A? google.com. (39)
15:00:09.967095 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 624, length 8
15:00:09.967143 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 624, length 8
15:00:10.180729 IP dns.quad9.net.domain > 192.168.48.132.52096: 63751
1/0/1 A 172.217.12.206 (55)
15:00:10.181001 IP 192.168.48.132.27048 > dns.quad9.net.domain: 50603+%
[1au] DS? com. (32)
15:00:10.441837 IP dns.quad9.net.domain > 192.168.48.132.27048: 50603$
2/0/1 DS, RRSIG (367)
15:00:10.442752 IP 192.168.48.132.6260 > dns.quad9.net.domain: 51511+%
[1au] DNSKEY? com. (32)
15:00:10.482996 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 625, length 8
15:00:10.483019 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 625, length 8
15:00:10.624300 IP dns.quad9.net.domain > 192.168.48.132.6260: 51511$
3/0/1 DNSKEY, DNSKEY, RRSIG (743)
15:00:10.624658 IP 192.168.48.132.10239 > dns.quad9.net.domain: 24068+%
[1au] DS? google.com. (39)
15:00:10.872239 IP dns.quad9.net.domain > 192.168.48.132.10239: 24068
0/6/1 (760)
15:00:10.873122 IP 192.168.48.1.64078 > 239.192.152.143.6771: UDP, length
136
15:00:10.873798 IP 192.168.48.1.6771 > 239.192.152.143.6771: UDP,
length
136
15:00:10.874032 IP6 fe80::e921:3395:299d:d61.64166 >
ff15::efc0:988f.6771: UDP, length 138
15:00:10.874257 IP6 fe80::e921:3395:299d:d61.6771 >
UDP, length 138
15:00:11.014483 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 626, length 8
15:00:11.014552 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 626, length 8
15:00:11.545820 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 627, length 8
15:00:11.545840 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 627, length 8
15:00:12.077135 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 628, length 8
15:00:12.077228 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 628, length 8
15:00:12.608115 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 629, length 8
15:00:12.608173 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 629, length 8
15:00:12.875465 IP 192.168.48.1.64078 > 239.192.152.143.6771: UDP, length
136
15:00:12.875619 IP 192.168.48.1.6771 > 239.192.152.143.6771: UDP,
length
136
15:00:12.875673 IP6 fe80::e921:3395:299d:d61.64166 >
ff15::efc0:988f.6771: UDP, length 138
15:00:12.875901 IP6 fe80::e921:3395:299d:d61.6771 >
UDP, length 138
15:00:13.139386 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 630, length 8
15:00:13.139501 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 630, length 8
15:00:13.670592 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 631, length 8
15:00:13.670793 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 631, length 8
15:00:14.201479 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 632, length 8
15:00:14.201568 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 632, length 8
15:00:14.252141 IP 192.168.48.1.17500 > 192.168.48.255.17500: UDP, length
133
15:00:14.732367 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 633, length 8
15:00:14.732421 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 633, length 8
15:00:15.262757 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 634, length 8
15:00:15.262823 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 634, length 8
15:00:15.793398 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 635, length 8
15:00:15.793537 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 635, length 8
15:00:16.325225 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 636, length 8
15:00:16.325334 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 636, length 8
^C
65 packets captured
65 packets received by filter
0 packets dropped by kernel
Abraços
_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt
_______________________________________________

Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

fabio moraes

2018-03-07 11:50:10 UTC

Permalink

Bom dia!!!

Conseguiu?

Fábio B. Moraes

*Fones: (53) 98112.1173 (51) **99835.1283*

--------------------------------------------------------------------------------

Em 5 de março de 2018 17:56, Fábio Rodrigues Ribeiro <

Post by FÃ¡bio Rodrigues Ribeiro
PVT-ME
farribeiro sabeláoque gmail tambémsabené
Abraços

Post by fabio moraes
Fábio B. Moraes
*Fones: (53) 98112.1173 <(53)%2098112-1173> (51) **99835.1283*
------------------------------------------------------------
--------------------
Em 5 de março de 2018 17:36, Fábio Rodrigues Ribeiro <
Sabe o que é... o sense não está respondendo consulta, só nslookup

Post by fabio moraes
Boa tarde,

Post by fabio moraes
Na paz?
Ja pensou em colocar o dns fixo do google? na WAN 8.8.8.8 primario e
8.8.4.4 secundario e depois de instalar um proxy ou pelo proprio IGP do
PFSense.
Fazer um ping www.google.com, no terminal?
Fábio B. Moraes
*Fones: (53) 98112.1173 (51) **99835.1283*
------------------------------------------------------------
--------------------
Em 5 de março de 2018 16:40, Fábio Rodrigues Ribeiro <
Perdão por enviar duas vezes, não estava localizando a mensagem

Post by FÃ¡bio Rodrigues Ribeiro
Olá boa tarde!

Post by FÃ¡bio Rodrigues Ribeiro
Estou com problemas do pfSense para somente servir DNS (recursivo).
No Unbound seto ACL 0.0.0.0/0 ... E nada.
Marco DNS Forwarder no Unbound... E nada.
Libero ou desativo o firewall (WAN OU LAN)... E nada.
Desmarco proteções, lockout, bogon e entre outros... E nada.
Consultas lookup passam normalmente, tanto no pfSense ou cliente.
Experimentei também com uma maquina real (placas intel) e tenho o mesmo
sintoma. No momento do dump faço uma consulta (DNS) pelo browser vindo
Atualmente a rede WAN está em modo NAT do vmware e a LAN está em modo
Host-Only. Ambas estão sendo alcançadas normalmente, inclusive a internet.
*** Welcome to pfSense 2.4.2-RELEASE-p1 (amd64) on pfSense ***
WAN (wan) -> em0 -> v4/DHCP4: 192.168.48.132/24
LAN (lan) -> em1 -> v4: 192.168.226.129/24
0) Logout (SSH only) 9) pfTop
1) Assign Interfaces 10) Filter Logs
2) Set interface(s) IP address 11) Restart webConfigurator
3) Reset webConfigurator password 12) PHP shell + pfSense tools
4) Reset to factory defaults 13) Update from console
5) Reboot system 14) Disable Secure Shell (sshd)
6) Halt system 15) Restore recent configuration
7) Ping host 16) Restart PHP-FPM
8) Shell
Enter an option: 8
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em0, link-type EN10MB (Ethernet), capture size 262144 bytes
15:00:04.123856 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 613, length 8
15:00:04.124078 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 613, length 8
15:00:04.654853 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 614, length 8
15:00:04.654933 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 614, length 8
15:00:05.186598 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 615, length 8
15:00:05.186830 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 615, length 8
15:00:05.718139 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 616, length 8
15:00:05.718201 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 616, length 8
15:00:06.248989 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 617, length 8
15:00:06.249043 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 617, length 8
15:00:06.780552 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 618, length 8
15:00:06.780600 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 618, length 8
15:00:07.312296 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 619, length 8
15:00:07.312357 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 619, length 8
15:00:07.843499 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 620, length 8
15:00:07.843609 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 620, length 8
15:00:08.375041 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 621, length 8
15:00:08.375190 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 621, length 8
15:00:08.907069 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 622, length 8
15:00:08.907187 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 622, length 8
15:00:09.438780 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 623, length 8
15:00:09.438833 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 623, length 8
15:00:09.925200 IP 192.168.48.132.52096 > dns.quad9.net.domain: 63751+
[1au] A? google.com. (39)
15:00:09.967095 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 624, length 8
15:00:09.967143 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 624, length 8
15:00:10.180729 IP dns.quad9.net.domain > 192.168.48.132.52096: 63751
1/0/1 A 172.217.12.206 (55)
15:00:10.181001 IP 192.168.48.132.27048 > dns.quad9.net.domain: 50603+%
[1au] DS? com. (32)
15:00:10.441837 IP dns.quad9.net.domain > 192.168.48.132.27048: 50603$
2/0/1 DS, RRSIG (367)
15:00:10.442752 IP 192.168.48.132.6260 > dns.quad9.net.domain: 51511+%
[1au] DNSKEY? com. (32)
15:00:10.482996 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 625, length 8
15:00:10.483019 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 625, length 8
15:00:10.624300 IP dns.quad9.net.domain > 192.168.48.132.6260: 51511$
3/0/1 DNSKEY, DNSKEY, RRSIG (743)
15:00:10.624658 IP 192.168.48.132.10239 > dns.quad9.net.domain: 24068+%
[1au] DS? google.com. (39)
15:00:10.872239 IP dns.quad9.net.domain > 192.168.48.132.10239: 24068
0/6/1 (760)
15:00:10.873122 IP 192.168.48.1.64078 > 239.192.152.143.6771: UDP, length
136
15:00:10.873798 IP 192.168.48.1.6771 > 239.192.152.143.6771: UDP,
length
136
15:00:10.874032 IP6 fe80::e921:3395:299d:d61.64166 >
ff15::efc0:988f.6771: UDP, length 138
15:00:10.874257 IP6 fe80::e921:3395:299d:d61.6771 >
UDP, length 138
15:00:11.014483 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 626, length 8
15:00:11.014552 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 626, length 8
15:00:11.545820 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 627, length 8
15:00:11.545840 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 627, length 8
15:00:12.077135 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 628, length 8
15:00:12.077228 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 628, length 8
15:00:12.608115 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 629, length 8
15:00:12.608173 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 629, length 8
15:00:12.875465 IP 192.168.48.1.64078 > 239.192.152.143.6771: UDP, length
136
15:00:12.875619 IP 192.168.48.1.6771 > 239.192.152.143.6771: UDP,
length
136
15:00:12.875673 IP6 fe80::e921:3395:299d:d61.64166 >
ff15::efc0:988f.6771: UDP, length 138
15:00:12.875901 IP6 fe80::e921:3395:299d:d61.6771 >
UDP, length 138
15:00:13.139386 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 630, length 8
15:00:13.139501 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 630, length 8
15:00:13.670592 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 631, length 8
15:00:13.670793 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 631, length 8
15:00:14.201479 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 632, length 8
15:00:14.201568 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 632, length 8
15:00:14.252141 IP 192.168.48.1.17500 > 192.168.48.255.17500: UDP, length
133
15:00:14.732367 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 633, length 8
15:00:14.732421 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 633, length 8
15:00:15.262757 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 634, length 8
15:00:15.262823 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 634, length 8
15:00:15.793398 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 635, length 8
15:00:15.793537 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 635, length 8
15:00:16.325225 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 636, length 8
15:00:16.325334 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 636, length 8
^C
65 packets captured
65 packets received by filter
0 packets dropped by kernel
Abraços
_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt
_______________________________________________

Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt
_______________________________________________

Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

_______________________________________________

Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

Fábio Rodrigues Ribeiro

2018-03-07 18:30:01 UTC

Permalink

Não... continua na mesma, Mesmo na vm que estou testando.

Post by fabio moraes
Bom dia!!!
Conseguiu?
Fábio B. Moraes
*Fones: (53) 98112.1173 (51) **99835.1283*
--------------------------------------------------------------------------------
Em 5 de março de 2018 17:56, Fábio Rodrigues Ribeiro <

Post by FÃ¡bio Rodrigues Ribeiro
PVT-ME
farribeiro sabeláoque gmail tambémsabené
Abraços

Post by fabio moraes
Boa tarde,

Post by FÃ¡bio Rodrigues Ribeiro
Olá boa tarde!

Post by FÃ¡bio Rodrigues Ribeiro
Estou com problemas do pfSense para somente servir DNS (recursivo).
No Unbound seto ACL 0.0.0.0/0 ... E nada.
Marco DNS Forwarder no Unbound... E nada.
Libero ou desativo o firewall (WAN OU LAN)... E nada.
Desmarco proteções, lockout, bogon e entre outros... E nada.
Consultas lookup passam normalmente, tanto no pfSense ou cliente.
Experimentei também com uma maquina real (placas intel) e tenho o mesmo
sintoma. No momento do dump faço uma consulta (DNS) pelo browser vindo
Atualmente a rede WAN está em modo NAT do vmware e a LAN está em modo
Host-Only. Ambas estão sendo alcançadas normalmente, inclusive a internet.
*** Welcome to pfSense 2.4.2-RELEASE-p1 (amd64) on pfSense ***
WAN (wan) -> em0 -> v4/DHCP4: 192.168.48.132/24
LAN (lan) -> em1 -> v4: 192.168.226.129/24
0) Logout (SSH only) 9) pfTop
1) Assign Interfaces 10) Filter Logs
2) Set interface(s) IP address 11) Restart webConfigurator
3) Reset webConfigurator password 12) PHP shell + pfSense tools
4) Reset to factory defaults 13) Update from console
5) Reboot system 14) Disable Secure Shell (sshd)
6) Halt system 15) Restore recent configuration
7) Ping host 16) Restart PHP-FPM
8) Shell
Enter an option: 8
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em0, link-type EN10MB (Ethernet), capture size 262144 bytes
15:00:04.123856 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 613, length 8
15:00:04.124078 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 613, length 8
15:00:04.654853 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 614, length 8
15:00:04.654933 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 614, length 8
15:00:05.186598 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 615, length 8
15:00:05.186830 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 615, length 8
15:00:05.718139 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 616, length 8
15:00:05.718201 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 616, length 8
15:00:06.248989 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 617, length 8
15:00:06.249043 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 617, length 8
15:00:06.780552 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 618, length 8
15:00:06.780600 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 618, length 8
15:00:07.312296 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 619, length 8
15:00:07.312357 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 619, length 8
15:00:07.843499 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 620, length 8
15:00:07.843609 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 620, length 8
15:00:08.375041 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 621, length 8
15:00:08.375190 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 621, length 8
15:00:08.907069 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 622, length 8
15:00:08.907187 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 622, length 8
15:00:09.438780 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 623, length 8
15:00:09.438833 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 623, length 8
15:00:09.925200 IP 192.168.48.132.52096 > dns.quad9.net.domain: 63751+
[1au] A? google.com. (39)
15:00:09.967095 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 624, length 8
15:00:09.967143 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 624, length 8
15:00:10.180729 IP dns.quad9.net.domain > 192.168.48.132.52096: 63751
1/0/1 A 172.217.12.206 (55)
15:00:10.181001 IP 192.168.48.132.27048 > dns.quad9.net.domain: 50603+%
[1au] DS? com. (32)
15:00:10.441837 IP dns.quad9.net.domain > 192.168.48.132.27048: 50603$
2/0/1 DS, RRSIG (367)
15:00:10.442752 IP 192.168.48.132.6260 > dns.quad9.net.domain: 51511+%
[1au] DNSKEY? com. (32)
15:00:10.482996 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 625, length 8
15:00:10.483019 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 625, length 8
15:00:10.624300 IP dns.quad9.net.domain > 192.168.48.132.6260: 51511$
3/0/1 DNSKEY, DNSKEY, RRSIG (743)
15:00:10.624658 IP 192.168.48.132.10239 > dns.quad9.net.domain: 24068+%
[1au] DS? google.com. (39)
15:00:10.872239 IP dns.quad9.net.domain > 192.168.48.132.10239: 24068
0/6/1 (760)
15:00:10.873122 IP 192.168.48.1.64078 > 239.192.152.143.6771: UDP, length
136
15:00:10.873798 IP 192.168.48.1.6771 > 239.192.152.143.6771: UDP,
length
136
15:00:10.874032 IP6 fe80::e921:3395:299d:d61.64166 >
ff15::efc0:988f.6771: UDP, length 138
15:00:10.874257 IP6 fe80::e921:3395:299d:d61.6771 >
UDP, length 138
15:00:11.014483 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 626, length 8
15:00:11.014552 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 626, length 8
15:00:11.545820 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 627, length 8
15:00:11.545840 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 627, length 8
15:00:12.077135 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 628, length 8
15:00:12.077228 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 628, length 8
15:00:12.608115 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 629, length 8
15:00:12.608173 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 629, length 8
15:00:12.875465 IP 192.168.48.1.64078 > 239.192.152.143.6771: UDP, length
136
15:00:12.875619 IP 192.168.48.1.6771 > 239.192.152.143.6771: UDP,
length
136
15:00:12.875673 IP6 fe80::e921:3395:299d:d61.64166 >
ff15::efc0:988f.6771: UDP, length 138
15:00:12.875901 IP6 fe80::e921:3395:299d:d61.6771 >
UDP, length 138
15:00:13.139386 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 630, length 8
15:00:13.139501 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 630, length 8
15:00:13.670592 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 631, length 8
15:00:13.670793 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 631, length 8
15:00:14.201479 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 632, length 8
15:00:14.201568 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 632, length 8
15:00:14.252141 IP 192.168.48.1.17500 > 192.168.48.255.17500: UDP, length
133
15:00:14.732367 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 633, length 8
15:00:14.732421 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 633, length 8
15:00:15.262757 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 634, length 8
15:00:15.262823 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 634, length 8
15:00:15.793398 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 635, length 8
15:00:15.793537 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 635, length 8
15:00:16.325225 IP 192.168.48.132 > 192.168.48.2: ICMP echo request, id
26811, seq 636, length 8
15:00:16.325334 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 636, length 8
^C
65 packets captured
65 packets received by filter
0 packets dropped by kernel
Abraços
_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt
_______________________________________________

Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt
_______________________________________________

Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

_______________________________________________

Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

fabio moraes

2018-03-08 04:39:20 UTC

Permalink

Me manda um id e senha de teamviewer que te ajudo a revisar, sem
compromisso, me add no whats.. 53 981121173

Fábio B. Moraes

*Fones: (53) 98112.1173 (51) **99835.1283*

--------------------------------------------------------------------------------

Em 7 de março de 2018 15:30, Fábio Rodrigues Ribeiro <

Post by FÃ¡bio Rodrigues Ribeiro
Não... continua na mesma, Mesmo na vm que estou testando.

Post by fabio moraes
Bom dia!!!
Conseguiu?
Fábio B. Moraes
*Fones: (53) 98112.1173 (51) **99835.1283*
------------------------------------------------------------
--------------------
Em 5 de março de 2018 17:56, Fábio Rodrigues Ribeiro <
PVT-ME

Post by FÃ¡bio Rodrigues Ribeiro
farribeiro sabeláoque gmail tambémsabené
Abraços
Tem acesso teamviewer em uma estação, ou manda print da tua config?

Post by fabio moraes
Que te ajudo..
Fábio B. Moraes
*Fones: (53) 98112.1173 (51) **99835.1283*
------------------------------------------------------------
--------------------
Ja revisou toda a parte de gateway, dns forwarder? Qual a versão do PF?

Post by fabio moraes
Boa tarde,

Post by FÃ¡bio Rodrigues Ribeiro
Olá boa tarde!
Estou com problemas do pfSense para somente servir DNS (recursivo).

Post by FÃ¡bio Rodrigues Ribeiro
No Unbound seto ACL 0.0.0.0/0 ... E nada.
Marco DNS Forwarder no Unbound... E nada.
Libero ou desativo o firewall (WAN OU LAN)... E nada.
Desmarco proteções, lockout, bogon e entre outros... E nada.
Consultas lookup passam normalmente, tanto no pfSense ou cliente.
Experimentei também com uma maquina real (placas intel) e tenho o mesmo
sintoma. No momento do dump faço uma consulta (DNS) pelo browser vindo
Atualmente a rede WAN está em modo NAT do vmware e a LAN está em modo
Host-Only. Ambas estão sendo alcançadas normalmente, inclusive a
internet.
*** Welcome to pfSense 2.4.2-RELEASE-p1 (amd64) on pfSense ***
WAN (wan) -> em0 -> v4/DHCP4: 192.168.48.132/24
LAN (lan) -> em1 -> v4: 192.168.226.129/24
0) Logout (SSH only) 9) pfTop
1) Assign Interfaces 10) Filter Logs
2) Set interface(s) IP address 11) Restart
webConfigurator
3) Reset webConfigurator password 12) PHP shell + pfSense tools
4) Reset to factory defaults 13) Update from console
5) Reboot system 14) Disable Secure Shell (sshd)
6) Halt system 15) Restore recent configuration
7) Ping host 16) Restart PHP-FPM
8) Shell
Enter an option: 8
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em0, link-type EN10MB (Ethernet), capture size 262144 bytes
15:00:04.123856 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 613, length 8
15:00:04.124078 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 613, length 8
15:00:04.654853 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 614, length 8
15:00:04.654933 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 614, length 8
15:00:05.186598 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 615, length 8
15:00:05.186830 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 615, length 8
15:00:05.718139 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 616, length 8
15:00:05.718201 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 616, length 8
15:00:06.248989 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 617, length 8
15:00:06.249043 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 617, length 8
15:00:06.780552 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 618, length 8
15:00:06.780600 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 618, length 8
15:00:07.312296 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 619, length 8
15:00:07.312357 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 619, length 8
15:00:07.843499 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 620, length 8
15:00:07.843609 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 620, length 8
15:00:08.375041 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 621, length 8
15:00:08.375190 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 621, length 8
15:00:08.907069 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 622, length 8
15:00:08.907187 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 622, length 8
15:00:09.438780 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 623, length 8
15:00:09.438833 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 623, length 8
15:00:09.925200 IP 192.168.48.132.52096 > dns.quad9.net.domain: 63751+
[1au] A? google.com. (39)
15:00:09.967095 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 624, length 8
15:00:09.967143 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 624, length 8
15:00:10.180729 IP dns.quad9.net.domain > 192.168.48.132.52096: 63751
1/0/1 A 172.217.12.206 (55)
15:00:10.181001 IP 192.168.48.132.27048 > dns.quad9.net.domain: 50603+%
[1au] DS? com. (32)
15:00:10.441837 IP dns.quad9.net.domain > 192.168.48.132.27048: 50603$
2/0/1 DS, RRSIG (367)
15:00:10.442752 IP 192.168.48.132.6260 > dns.quad9.net.domain: 51511+%
[1au] DNSKEY? com. (32)
15:00:10.482996 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 625, length 8
15:00:10.483019 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 625, length 8
15:00:10.624300 IP dns.quad9.net.domain > 192.168.48.132.6260: 51511$
3/0/1 DNSKEY, DNSKEY, RRSIG (743)
15:00:10.624658 IP 192.168.48.132.10239 > dns.quad9.net.domain: 24068+%
[1au] DS? google.com. (39)
15:00:10.872239 IP dns.quad9.net.domain > 192.168.48.132.10239: 24068
0/6/1 (760)
15:00:10.873122 IP 192.168.48.1.64078 > 239.192.152.143.6771: UDP, length
136
15:00:10.873798 IP 192.168.48.1.6771 > 239.192.152.143.6771: UDP,
length
136
15:00:10.874032 IP6 fe80::e921:3395:299d:d61.64166 >
ff15::efc0:988f.6771: UDP, length 138
15:00:10.874257 IP6 fe80::e921:3395:299d:d61.6771 >
UDP, length 138
15:00:11.014483 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 626, length 8
15:00:11.014552 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 626, length 8
15:00:11.545820 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 627, length 8
15:00:11.545840 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 627, length 8
15:00:12.077135 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 628, length 8
15:00:12.077228 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 628, length 8
15:00:12.608115 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 629, length 8
15:00:12.608173 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 629, length 8
15:00:12.875465 IP 192.168.48.1.64078 > 239.192.152.143.6771: UDP, length
136
15:00:12.875619 IP 192.168.48.1.6771 > 239.192.152.143.6771: UDP,
length
136
15:00:12.875673 IP6 fe80::e921:3395:299d:d61.64166 >
ff15::efc0:988f.6771: UDP, length 138
15:00:12.875901 IP6 fe80::e921:3395:299d:d61.6771 >
UDP, length 138
15:00:13.139386 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 630, length 8
15:00:13.139501 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 630, length 8
15:00:13.670592 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 631, length 8
15:00:13.670793 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 631, length 8
15:00:14.201479 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 632, length 8
15:00:14.201568 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 632, length 8
15:00:14.252141 IP 192.168.48.1.17500 > 192.168.48.255.17500: UDP, length
133
15:00:14.732367 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 633, length 8
15:00:14.732421 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 633, length 8
15:00:15.262757 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 634, length 8
15:00:15.262823 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 634, length 8
15:00:15.793398 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 635, length 8
15:00:15.793537 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 635, length 8
15:00:16.325225 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 636, length 8
15:00:16.325334 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 636, length 8
^C
65 packets captured
65 packets received by filter
0 packets dropped by kernel
Abraços
_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt
_______________________________________________

Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt
_______________________________________________
Pfsense-pt mailing list

http://lists.pfsense.org/mailman/listinfo/pfsense-pt
_______________________________________________

Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

_______________________________________________

Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt
_______________________________________________

Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

Fábio Rodrigues Ribeiro

2018-03-08 23:42:19 UTC

Permalink

Olá boa noite,

não tive tempo para me dedicar em fazer o pfSense trabalhar como DNS
recursivo. Tenta reproduzir aí... se conseguir coloque a solução aqui na
lista

Abraços

Post by fabio moraes
Me manda um id e senha de teamviewer que te ajudo a revisar, sem
compromisso, me add no whats.. 53 981121173
Fábio B. Moraes
*Fones: (53) 98112.1173 (51) **99835.1283*
--------------------------------------------------------------------------------
Em 7 de março de 2018 15:30, Fábio Rodrigues Ribeiro <

Post by FÃ¡bio Rodrigues Ribeiro
Não... continua na mesma, Mesmo na vm que estou testando.

Post by fabio moraes
Bom dia!!!
Conseguiu?
Fábio B. Moraes
*Fones: (53) 98112.1173 (51) **99835.1283*
------------------------------------------------------------
--------------------
Em 5 de março de 2018 17:56, Fábio Rodrigues Ribeiro <
PVT-ME

Post by FÃ¡bio Rodrigues Ribeiro
farribeiro sabeláoque gmail tambémsabené
Abraços
Tem acesso teamviewer em uma estação, ou manda print da tua config?

Post by fabio moraes
Boa tarde,

Post by FÃ¡bio Rodrigues Ribeiro
Olá boa tarde!
Estou com problemas do pfSense para somente servir DNS (recursivo).

Post by FÃ¡bio Rodrigues Ribeiro
No Unbound seto ACL 0.0.0.0/0 ... E nada.
Marco DNS Forwarder no Unbound... E nada.
Libero ou desativo o firewall (WAN OU LAN)... E nada.
Desmarco proteções, lockout, bogon e entre outros... E nada.
Consultas lookup passam normalmente, tanto no pfSense ou cliente.
Experimentei também com uma maquina real (placas intel) e tenho o mesmo
sintoma. No momento do dump faço uma consulta (DNS) pelo browser vindo
Atualmente a rede WAN está em modo NAT do vmware e a LAN está em modo
Host-Only. Ambas estão sendo alcançadas normalmente, inclusive a
internet.
*** Welcome to pfSense 2.4.2-RELEASE-p1 (amd64) on pfSense ***
WAN (wan) -> em0 -> v4/DHCP4: 192.168.48.132/24
LAN (lan) -> em1 -> v4: 192.168.226.129/24
0) Logout (SSH only) 9) pfTop
1) Assign Interfaces 10) Filter Logs
2) Set interface(s) IP address 11) Restart webConfigurator
3) Reset webConfigurator password 12) PHP shell + pfSense tools
4) Reset to factory defaults 13) Update from console
5) Reboot system 14) Disable Secure Shell
(sshd)
6) Halt system 15) Restore recent
configuration
7) Ping host 16) Restart PHP-FPM
8) Shell
Enter an option: 8
tcpdump: verbose output suppressed, use -v or -vv for full protocol
decode
listening on em0, link-type EN10MB (Ethernet), capture size 262144 bytes
15:00:04.123856 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 613, length 8
15:00:04.124078 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 613, length 8
15:00:04.654853 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 614, length 8
15:00:04.654933 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 614, length 8
15:00:05.186598 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 615, length 8
15:00:05.186830 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 615, length 8
15:00:05.718139 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 616, length 8
15:00:05.718201 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 616, length 8
15:00:06.248989 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 617, length 8
15:00:06.249043 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 617, length 8
15:00:06.780552 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 618, length 8
15:00:06.780600 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 618, length 8
15:00:07.312296 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 619, length 8
15:00:07.312357 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 619, length 8
15:00:07.843499 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 620, length 8
15:00:07.843609 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 620, length 8
15:00:08.375041 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 621, length 8
15:00:08.375190 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 621, length 8
15:00:08.907069 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 622, length 8
15:00:08.907187 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 622, length 8
15:00:09.438780 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 623, length 8
15:00:09.438833 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 623, length 8
15:00:09.925200 IP 192.168.48.132.52096 > dns.quad9.net.domain: 63751+
[1au] A? google.com. (39)
15:00:09.967095 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 624, length 8
15:00:09.967143 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 624, length 8
15:00:10.180729 IP dns.quad9.net.domain > 192.168.48.132.52096: 63751
1/0/1 A 172.217.12.206 (55)
15:00:10.181001 IP 192.168.48.132.27048 > dns.quad9.net.domain: 50603+%
[1au] DS? com. (32)
15:00:10.441837 IP dns.quad9.net.domain > 192.168.48.132.27048: 50603$
2/0/1 DS, RRSIG (367)
15:00:10.442752 IP 192.168.48.132.6260 > dns.quad9.net.domain: 51511+%
[1au] DNSKEY? com. (32)
15:00:10.482996 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 625, length 8
15:00:10.483019 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 625, length 8
15:00:10.624300 IP dns.quad9.net.domain > 192.168.48.132.6260: 51511$
3/0/1 DNSKEY, DNSKEY, RRSIG (743)
15:00:10.624658 IP 192.168.48.132.10239 > dns.quad9.net.domain: 24068+%
[1au] DS? google.com. (39)
15:00:10.872239 IP dns.quad9.net.domain > 192.168.48.132.10239: 24068
0/6/1 (760)
15:00:10.873122 IP 192.168.48.1.64078 > 239.192.152.143.6771: UDP, length
136
15:00:10.873798 IP 192.168.48.1.6771 > 239.192.152.143.6771: UDP,
length
136
15:00:10.874032 IP6 fe80::e921:3395:299d:d61.64166 >
ff15::efc0:988f.6771: UDP, length 138
15:00:10.874257 IP6 fe80::e921:3395:299d:d61.6771 >
UDP, length 138
15:00:11.014483 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 626, length 8
15:00:11.014552 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 626, length 8
15:00:11.545820 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 627, length 8
15:00:11.545840 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 627, length 8
15:00:12.077135 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 628, length 8
15:00:12.077228 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 628, length 8
15:00:12.608115 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 629, length 8
15:00:12.608173 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 629, length 8
15:00:12.875465 IP 192.168.48.1.64078 > 239.192.152.143.6771: UDP, length
136
15:00:12.875619 IP 192.168.48.1.6771 > 239.192.152.143.6771: UDP,
length
136
15:00:12.875673 IP6 fe80::e921:3395:299d:d61.64166 >
ff15::efc0:988f.6771: UDP, length 138
15:00:12.875901 IP6 fe80::e921:3395:299d:d61.6771 >
UDP, length 138
15:00:13.139386 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 630, length 8
15:00:13.139501 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 630, length 8
15:00:13.670592 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 631, length 8
15:00:13.670793 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 631, length 8
15:00:14.201479 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 632, length 8
15:00:14.201568 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 632, length 8
15:00:14.252141 IP 192.168.48.1.17500 > 192.168.48.255.17500: UDP, length
133
15:00:14.732367 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 633, length 8
15:00:14.732421 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 633, length 8
15:00:15.262757 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 634, length 8
15:00:15.262823 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 634, length 8
15:00:15.793398 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 635, length 8
15:00:15.793537 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 635, length 8
15:00:16.325225 IP 192.168.48.132 > 192.168.48.2: ICMP echo
request,
id
26811, seq 636, length 8
15:00:16.325334 IP 192.168.48.2 > 192.168.48.132: ICMP echo reply, id
26811, seq 636, length 8
^C
65 packets captured
65 packets received by filter
0 packets dropped by kernel
Abraços
_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt
_______________________________________________

Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt
_______________________________________________
Pfsense-pt mailing list

http://lists.pfsense.org/mailman/listinfo/pfsense-pt
_______________________________________________

Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

_______________________________________________

Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt
_______________________________________________

Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

_______________________________________________
Pfsense-pt mailing list
http://lists.pfsense.org/mailman/listinfo/pfsense-pt

Glênio Côrtes Himmen

2018-03-05 20:44:43 UTC

Permalink

Lendo as mensagens, percebo que você está com problemas de dns.
Se você utiliza o modem da OI (aquele quadradinho preto ), e colocou um
segundo ip na lan, você não vai conseguir navegar.
Essa bomba desse modem não libera nada externo no segundo ip.

Post by fabio moraes
Ja revisou toda a parte de gateway, dns forwarder? Qual a versão do PF?
Fábio B. Moraes
*Fones: (53) 98112.1173 (51) **99835.1283*
--------------------------------------------------------------------------------
Em 5 de março de 2018 17:36, Fábio Rodrigues Ribeiro <

Post by FÃ¡bio Rodrigues Ribeiro
Sabe o que é... o sense não está respondendo consulta, só nslookup

Post by fabio moraes
Boa tarde,
Na paz?
Ja pensou em colocar o dns fixo do google? na WAN 8.8.8.8 primario e
8.8.4.4 secundario e depois de instalar um proxy ou pelo proprio IGP do
PFSense.
Fazer um ping www.google.com, no terminal?
Fábio B. Moraes
*Fones: (53) 98112.1173 (51) **99835.1283*
------------------------------------------------------------
--------------------
Em 5 de março de 2018 16:40, Fábio Rodrigues Ribeiro <
Perdão por enviar duas vezes, não estava localizando a mensagem

Post by FÃ¡bio Rodrigues Ribeiro
Olá boa tarde!

mesmo