|
|
|
|
|
|
by low_key
2026 days ago
|
|
|
I'm not sure what the commenter's setup is, but I have one that (at least mostly) achieves the same thing. It is a combination of a few things: 1. Redirect all outbound DNS traffic to your own local DNS server (as described in the link in this post)
2. Return NXDOMAIN for well-known DoH domains [1] (as well as "use-application-dns.net" for well-behaving software like Firefox [2])
3. Block traffic to well-known DoH providers by destination IP address [1] [1] https://github.com/bambenek/block-doh
[2] https://support.mozilla.org/en-US/kb/configuring-networks-di... |
|
|
I mentioned Mikrotik previously - I use them myself.