Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see https://campus.barracuda.com/doc/71862301/ for further information on our EoS policy.

How to Configure DNS Blacklisting


To redirect blacklisted domains on the firewall level, use DNS blacklisting. The Barracuda NG Firewall scans replies from the DNS servers and manipulates the replies if blacklisted hostnames are found. DNS blacklisting only works for UDP DNS queries. If the DNS queries use TCP, the blacklist is not applied.

  • The DNS query is intercepted and the A record is replaced with a replacement IP address.
  • The DNS query is intercepted and answered with NXDOMAIN, signaling the hostname does not exist.

Web browsers or the operating system's local DNS cache may use DNS replies stored in their local caches, circumventing DNS blacklisting.

Configure DNS Blacklisting

Configure domains that should be blocked or redirected.

  1. Go to CONFIGURATION > Configuration Tree > Box > Virtual Servers > your virtual server > Assigned Services > Firewall > Forwarding Settings.
  2. In the left navigation, click DNS Blacklist.
  3. Click Lock.
  4. Enable DNS Blacklisting.
  5. Configure an IPv4 and/or IPv6 address that will be returned for blacklisted domains.
  6. Enter a list of hostnames in the Hostname Blacklist area. These domains will be blacklisted. You can use the wildcards * and ? to block multiple domains.
    Example: *.google.com will filter all subdomains of google.com, while www.google.?e will filter domains such as www.google.de and www.google.se.
  7. Enter exempted domains in the Hostname Whitelist area. These domains will not be blocked, even if they are included in the Hostname Blacklist.


  8. Click Send Changes and Activate.

If queries are blocked/replaced due to blacklisting, an entry is added in the IPS section of the Threat Scan Page.
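
To check a Hostname Blacklist and Hostname Whitelist before activating them, the rules above can be modelled offline. The following is an added example, not Barracuda code: it assumes shell-style matching (* matches any run of characters including dots, ? matches exactly one character) and case-insensitive comparison, which the firewall's own matcher may not share, and the function names, the whitelist entry and the query list are constructed for illustration.

```python
import re

def compile_entry(entry):
    """Turn a list entry that uses only * and ? into an anchored regex."""
    out = []
    for ch in entry.strip().rstrip(".").lower():
        out.append(".*" if ch == "*" else "." if ch == "?" else re.escape(ch))
    return re.compile("".join(out) + r"\Z")

def listed(hostname, entries):
    """True if the hostname matches any entry (assumed case-insensitive)."""
    name = hostname.strip().rstrip(".").lower()
    return any(compile_entry(e).match(name) for e in entries)

def decide(hostname, transport, blacklist, whitelist):
    """'rewrite' = replacement IP or NXDOMAIN; 'pass' = reply left untouched."""
    if transport.lower() != "udp":
        return "pass"   # per the page, the blacklist is not applied to TCP queries
    if listed(hostname, whitelist):
        return "pass"   # whitelist entries win over blacklist entries
    return "rewrite" if listed(hostname, blacklist) else "pass"

# The two blacklist patterns are the page's examples; everything else is constructed.
BLACKLIST = ["*.google.com", "www.google.?e"]
WHITELIST = ["mail.google.com"]
QUERIES = [
    ("www.google.com", "udp"),
    ("mail.google.com", "udp"),   # exempted by the whitelist
    ("www.google.de", "udp"),
    ("google.com", "udp"),        # bare domain: "*.google.com" needs a leading label here
    ("WWW.Google.COM.", "udp"),   # mixed case with a trailing root dot
    ("www.google.com", "tcp"),    # same name over TCP is not filtered
]

def audit(queries=QUERIES):
    """Return (hostname, transport, verdict) for every sample query."""
    return [(h, t, decide(h, t, BLACKLIST, WHITELIST)) for h, t in queries]

if __name__ == "__main__":
    for host, transport, verdict in audit():
        print(f"{verdict:8} {transport:4} {host}")
```

Under these assumptions the bare domain google.com is not covered by *.google.com, so it needs its own entry if it should be blocked as well.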

