|
|
|
|
|
|
by KozmoNau7
1734 days ago
|
|
|
You can block all outgoing requests to ports 53 and 853 for DNS and DoT respectively. That's the easy part. For DoH, you either have to block port 443 (bad idea), or block the IPs of all known DoH providers. Then you can run for example a Pi-Hole and add a firewall rule to allow outgoing DNS traffic only for that. And of course that will not stop device/app makers from using nonstandard ports or even tunnelling their DNS traffic through other protocols. |
|
|