Last night I did a mass update from 9.210 to 9.315002. This morning DNS resolution is broken. I have the Google DNS servers 8.8.8.8 and 8.8.4.4 defined as DNS forwarders. I have my internal network and VPN networks defined as allowed. I have DNSSEC validation turned on (I also tried turning off DNSSEC). I am on a static IP subnet from my ISP so there are no provided "assigned by ISP". DHCP is assigning to clients my firewall's internal IP address as the only DNS server. I have disabled Web protection, Intrusion detection, and advanced threat detection. I have an allow any to any at the top of my firewall rules list. I can manually assign DNS in my client machines and DNS works, but I cannot get the firewall to service DNS requests. The firewall itself is not able to resolve names when testing "Support-->Tools-->DNS Lookup". I have restarted the firewall several times.
In the bootlog I see a lot of the following, which is a DNS attempt from my PC to the firewall:
2015:08:16-11:54:50 fw [daemon:info] ulogd[3656]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth3" srcmac="3c:97:0e:72:72:ad" dstmac="00:12:3f:20:ef:89" srcip="10.9.240.130" dstip="10.9.240.1" proto="17" length="69" tos="0x00" prec="0x00" ttl="128" srcport="64071" dstport="53"
And from my firewall logs I'm seeing:
2015:08:16-03:59:18 fw ulogd[15888]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="br0" mark="0x307c" app="124" srcmac="00:22:2d:75:95:1b" dstmac="00:12:3f:20:ef:88" srcip="8.8.8.8" dstip="75.145.26.201" proto="17" length="119" tos="0x00" prec="0x20" ttl="48" srcport="53" dstport="58811"
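A way to triage packet filter logs like the two lines quoted above, as an added example that is not part of the original post: it parses the key="value" fields and counts dropped DNS traffic by direction, rule and interface. The first two sample lines are abridged from the post, the third is constructed, and all function names are illustrative.

```python
import re
from collections import Counter

# Lines 1-2: abridged from the post. Line 3: constructed non-DNS drop for contrast.
SAMPLE = [
    '2015:08:16-11:54:50 fw [daemon:info] ulogd[3656]: id="2001" name="Packet dropped" '
    'action="drop" fwrule="60001" initf="eth3" srcip="10.9.240.130" dstip="10.9.240.1" '
    'proto="17" srcport="64071" dstport="53"',
    '2015:08:16-03:59:18 fw ulogd[15888]: id="2001" name="Packet dropped" action="drop" '
    'fwrule="60001" initf="br0" srcip="8.8.8.8" dstip="75.145.26.201" proto="17" '
    'srcport="53" dstport="58811"',
    '2015:08:16-04:00:00 fw ulogd[15888]: id="2001" name="Packet dropped" action="drop" '
    'fwrule="60001" initf="br0" srcip="192.0.2.7" dstip="75.145.26.201" proto="6" '
    'srcport="40000" dstport="443"',
]

FIELD = re.compile(r'(\w+)="([^"]*)"')

def parse(line):
    """Return the key="value" pairs of one log line, plus its timestamp as 'ts'."""
    fields = dict(FIELD.findall(line))
    fields["ts"] = line.split(" ", 1)[0]
    return fields

def dns_direction(f):
    """'query' for traffic to port 53, 'reply' for traffic from port 53, else None."""
    if f.get("action") != "drop" or f.get("proto") not in ("6", "17"):
        return None  # only dropped TCP (6) or UDP (17) packets are of interest
    if f.get("dstport") == "53":
        return "query"
    if f.get("srcport") == "53":
        return "reply"
    return None

def summarize(lines):
    """Count dropped DNS packets by (direction, fwrule, interface, srcip, dstip)."""
    counts = Counter()
    for line in lines:
        f = parse(line)
        direction = dns_direction(f)
        if direction:
            key = (direction, f.get("fwrule"), f.get("initf"), f.get("srcip"), f.get("dstip"))
            counts[key] += 1
    return counts

if __name__ == "__main__":
    for key, n in summarize(SAMPLE).most_common():
        print(n, *key)
```

Dropped queries and dropped replies showing up under the same rule, as they do here, indicate that both the client-to-firewall and forwarder-to-firewall legs are being filtered.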