Networking question: How does a default-deny firewall handle clients attempting to contact domains looked up via DNS-over-HTTPS? The firewall can’t see the DNS lookup, so it can’t populate its tables. Is the traffic blocked? Am I missing something here?
Replying to @SwiftOnSecurity
The firewall sees the destination IP of the connection; if that's not in a whitelisted rule, then a deny is sent. Firewall, DNS, and HTTP are filtered independently of each other in my network.

Jan 23, 2020 · 9:25 AM UTC
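
An added illustration, not part of the thread: a minimal model of a default-deny firewall whose domain rules are filled in by observing plaintext DNS answers, showing that the verdict depends only on the destination IP. The class name, domain, and addresses are constructed for this example.

```python
class FqdnAllowlistFirewall:
    """Default-deny model: the IP table is learned from DNS answers the
    firewall can read (plaintext port 53). Hypothetical class, for illustration."""

    def __init__(self, allowed_domains):
        self.allowed_domains = {d.lower().rstrip(".") for d in allowed_domains}
        self.ip_table = {}  # dst ip -> (domain, expiry time in seconds)

    def observe_dns_answer(self, qname, ips, ttl, now):
        """Invoked only for lookups visible on the wire. A DoH lookup is
        just HTTPS to the resolver, so this is never called for it."""
        name = qname.lower().rstrip(".")
        if name in self.allowed_domains:
            for ip in ips:
                self.ip_table[ip] = (name, now + ttl)

    def decide(self, dst_ip, now):
        """The verdict uses the destination IP alone, as the reply says."""
        entry = self.ip_table.get(dst_ip)
        if entry is not None and entry[1] > now:
            return "ALLOW"
        return "DENY"  # default deny: unknown or expired mapping


def simulate():
    # Constructed sample data: documentation domain and TEST-NET-3 addresses.
    fw = FqdnAllowlistFirewall(["updates.example.com"])
    results = {}

    # Client A resolves over plaintext DNS; the firewall learns the IP.
    fw.observe_dns_answer("updates.example.com", ["203.0.113.10"], ttl=300, now=0)
    results["plain_dns"] = fw.decide("203.0.113.10", now=10)

    # Client B resolves the same allowed domain over DoH and is handed a
    # different address. The firewall never saw that answer.
    results["doh_unseen_ip"] = fw.decide("203.0.113.20", now=10)

    # Client B happens to get an address already learned from client A.
    results["doh_known_ip"] = fw.decide("203.0.113.10", now=10)

    # Once the learned mapping ages out, the same IP is denied again.
    results["after_ttl"] = fw.decide("203.0.113.10", now=301)
    return results


if __name__ == "__main__":
    for case, verdict in simulate().items():
        print(f"{case}: {verdict}")
```
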