Options

DNS Invalid Response

Hello,
in the log files i see a Deny Message for the DNS Request.

ProxyMatch, ProxyDeny: DNS invalid response, pri=6, disp=Deny, policy=DNS-proxy-OUT-00, protocol=dns/udp, src_ip=Internal-Server, src_port=60002, dst_ip=DNS-from-ISP, dst_port=53

I can't see which Request Type is blocked.

Have anyone an idea?

Thanks,
Oliver

Comments

  • Options

    You could set the Default action to log for the Query Types or the Query Names.
    Either will show the Type.

    I log Query Names:
    rule_name="Default" query_type="A" question="client.wns.windows.com" geo_dst="USA"

  • Options

    Hello Bruce,
    thanks for the feedback.
    I try it.

Sign In to comment.