How Can We Help?
Print

DNS Filtering

 

DNS FILTER

DNS filtering is an added feature in zWAN CPE to provide enhanced security and administrator control to prevent users from accessing unwanted/malicious websites. This feature makes use of Domain Name blocking when a client machine tries to resolve the DNS query for such a website. It also reduces network bandwidth usage by blocking ads if enabled.

Overview

DNS filtering is mainly used to block categories of domains to enhance security by preventing access to malicious or suspicious domains. Domain names are classified into categories pulled from various open and free databases. The filter categories are classified based on the type of website, database size, and purpose. The database needs regular updates and should be stored in a common repository accessible by all CPEs configured with DNS filtering.

The repository is currently hosted on MinIO or any web server authorized by the network administrator. External repositories that maintain domain name databases are also queried for updates. The domain names database is periodically downloaded onto a central repository in MinIO, and all CPEs pull updates daily. An API allows updating the time of day for downloads and the repository location from which domain names are fetched.

Functionality

Configure DNS Filter

Enabling the DNS filter requires configuring its status, repository path, and update hour. The repository must contain zWAN-formatted database files of all listed categories. A custom application downloads database files from various sources to generate the formatted zWAN database files.

The update hour specifies when each edge controller pulls its enabled categories. Options include ‘Default’ for daily updates, ‘No update’ to disable updates, and specific hours (0-23) for scheduled updates.

Users can view the repository path and last filter pull/reload time. Changes to DNS filter configuration, such as enabling/disabling filters, updating categories, or modifying allow/block lists, change the filter status color: ‘Amber’ for pending updates and ‘Green’ when applied.

Enable/Disable Filter Sources/Categories

Users can enable multiple categories or select a combination labeled as a “Compilation.” Categories vary in size and may contain hundreds to millions of domain names. Large databases may require more memory and CPU resources.

Users can view details of each category, including the source URL, database size, and memory requirements, before enabling it.

Hardware limitations and recommendations for enabling specific filter sources are available through the info icon.

Add/Delete Custom Allowlist

Users can allow specific domains even if they belong to a blocked category by adding them to the custom allowlist.

Admins can also import allowlists from .csv files.

Add/Delete Custom Blocklist

Users can add specific domain names to a custom blocklist to block sites not included in the enabled DNS filter categories.

Admins can also import blocklists from .csv files.

Uploading Latest Filter Database to MinIO

Follow the instructions in the link below to create the DNS filter database files:

GitLab DNS Filter Repository

Once the filter files are created, upload them to a common repository for all edge controllers to access. The files are located in /usr/share/dnsfilter/formattedsources on the machine where the DNS filter utility was run.

After logging into MinIO, create a bucket for uploading the filter files and set its access policy to ‘Public.’


Update the repository path in the edge controller using the following format:

    https://<provider-ip>:7080/minio/<bucket-name>/<folder-name>

Result

With DNS Filter configured, the filter config page displays configuration details and enabled categories. The status color will be “Green.”

The system logs will display blocked DNS queries and issue alerts for blocked domains.

Was this article helpful?
0 out Of 5 Stars
5 Stars 0%
4 Stars 0%
3 Stars 0%
2 Stars 0%
1 Stars 0%
5
How can we improve this article?
Please submit the reason for your vote so that we can improve the article.
Table of Contents
Top