DNS is a messy thing and I've found multiple clients on my network with hardcoded DNS which makes DNS level adblocking, malware blocking and content unlocking very difficult. Samsung TVs and Android phones are among the worst offenders I have seen. I run two PiHole instances which I use for all my networked devices, and this is a guide to redirect these hardcoded DNS requests to my servers instead. This happens completely transparently to the client retaining any and all DNS-based functions without the crap.
I am using USG with a hosted Unifi controller on the same machine that runs my DNS server, running Debian 10:
Then force provision your USG via the controller.
I am using USG with a hosted Unifi controller on the same machine that runs my DNS server, running Debian 10:
Code:
cd /usr/lib/unifi/data/sites/[your controller site ID]
nano config.gateway.jason
Code:
{
"service": {
"nat": {
"rule": {
"1": {
"description": "Redirect DNS requests",
"destination": {
"port": "53"
},
"inbound-interface": "eth1",
"inside-address": {
"address": "197.81.132.171",
"port": "53"
},
"source": {
"address": "!197.81.132.171"
},
"log": "disable",
"protocol": "tcp_udp",
"type": "destination"
},
"6000": {
"description": "MASQ DNS requests to LAN",
"destination": {
"address": "197.81.132.171",
"port": "53"
},
"log": "disable",
"outbound-interface": "eth1",
"protocol": "tcp_udp",
"type": "masquerade"
}
}
}
}
}
Code:
chown unifi:unifi config.gateway.json
Then force provision your USG via the controller.
Sources:
UniFi - How to View Log Files
This article will show users where to find their log files and how to view them for the different UniFi elements: Access Points, Switches, Security Gateways, and UniFi OS Console. Log files are ess...help.ui.comUniFi - Where is ?
Overview You will see <unifi_base> in many of our configuration instructions. When asked to place a file in a folder within <unif_base> use the method you would usually use when moving ...help.ui.comUniFi - USG Advanced Configuration Using config.gateway.json
Overview This article describes how to perform advanced configurations on the UniFi Security Gateway (USG and USG-PRO-4) using the config.gateway.json file. This article is not applicable to the Un...help.ui.comunifi-linux-utils/config.gateway.json/force-dns-to-pihole.json at master · stevejenkins/unifi-linux-utils
Helpful Linux / Unix scripts for admins of Ubiquiti (UBNT) UniFi wireless products - stevejenkins/unifi-linux-utilsgithub.com
Last edited: