Default Gateway

[Suporte]

Hello Good Afternoon, NxFilter has a place to configure the default gateway we have many subnets and I notice that NxFilter does not respond to queries from other subnets

[Jahastech]

Are you sure that they can access NxFilter from the subnets? Enable debugging and look into /nxfilter/log/nxfilter.log.

This is about how to enable debugging,

  https://nxfilter.org/tutorial/i-faq.php#enable-debug

[Suporte]

After many attempts I found out why the connections do not happen the connections are not conserving the destination address in the response which causes the packets to be discarded this is because it is a connectionless udp protocol, after configuring the ubuntu kernel as routing table or packet marking I was not successful nxfilter insists on responding in the default route, I would like to know if nxfilter can work this way?
I redid some tests with bind9 dns server and to my surprise it works it responds conserving the input interface on which the packet was received, responding on the same interface, conserving the destination address from which the packet originated

[Jahastech]

I don't know what you are trying to do. If it's about filtering multiple subnets try NxRelay. That'd be easier.

Tutorial,

  https://nxfilter.org/tutorial/d-nxrelay-for-whole-network.php

Some guy asked about filtering bultiple branch offices with AD integration,

  https://nxfilter.org/forum/tech-support/669-nxfilter-and-multiple-sites

Some Brazilian guy using NxFilter + NxRelay for that,

  https://nxfilter.org/forum/usage-reports/743-usage-report-from-etec-prof-massuyuki-kawano-for-march2022

This is a lot easier than your routing table modification approach.

[Suporte]

What I need that nxfilter responds to a request on the same destination interface that the packet does not originate, because we have VPN tunnels, this problem is occurring because Nxfilter is installed in PfSense with multiple vlan interfaces which is causing the problem of routing that always exists of udp connectionless protocol, but I identified that it is possible to change the Nxfilter listening IP addresses in /conf/cfg.properties after changing from 0.0.0.0 all interfaces to a single interface it starts to respond on the same interface where the packet originated providing the connections between the subnets thanks very much 

[Jahastech]

Yeah, multiple subnets. Try NxRelay. Whatever you do, you will have problems if you try to use multiple network interfaces.

And I don't understand why you talk about gateway here. NxFilter is not a gateway. It's a DNS server. And I don't know what's with bind9 thing. Usually, you can't set multiple listen IPs for a UDP server. Some guy asked about that and at first we thought it's a Java thing but later we tested with otehr softwares and they made the same result. UDP is basically connectionless. It doesn't know where it comes from if you have multiple listening IPs.