I have an old router and am trying to get it to limp along whilst awaiting a new one. The UDP DNS requests from browsers/web pages fill up the NAT table and each one has to wait for the inactivity timer of 5 minutes (can't change this). Once the table is full (and it doesn't take much to fill this table) I pretty much can't do a thing until said timeouts. So, I decided to experiment with blocking outgoing UDP requests from my PC(s) so the table won't fill up so quickly. To this end I submitted the following:
netsh advfirewall firewall add rule name=noudpdns dir=out action=block remoteip=75.75.75.75 remoteport=53 protocol=udp enable=yes
The following shows the rule was accepted:
netsh advfirewall firewall show rule name=noudpdns
Rule Name: noudpdns
---------------------------------------------------------------
Enabled: Yes
Direction: Out
Profiles: Domain,Private,Public
Grouping:
LocalIP: Any
RemoteIP: 75.75.75.75/32
Protocol: UDP
LocalPort: Any
RemotePort: 53
Edge traversal: No
Action: Block
Rule Name: noudpdns
---------------------------------------------------------------
Enabled: Yes
Direction: Out
Profiles: Domain,Private,Public
Grouping:
LocalIP: Any
RemoteIP: 75.75.75.75/32
Protocol: UDP
LocalPort: Any
RemotePort: 53
Edge traversal: No
Action: Block
Ok.
So it looks good. I reboot the router to have a clean NAT table, fire up a browser and then check the NAT table. There are dozens of entries for 75.75.75.75:53! Certainly not what I expected :huh:. What am I doing (or thinking) wrong?
Running Win7 Pro 64-bit.
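One way to check whether a rule like this is actually matching on the PC is to turn on Windows Firewall logging (`netsh advfirewall set allprofiles logging droppedconnections enable` and `... allowedconnections enable`, which write to `%systemroot%\system32\LogFiles\Firewall\pfirewall.log`) and then count where the host's port-53 traffic is really going. The script below is an added example, not part of the original post; it parses the W3C-style pfirewall.log format and reports, per action/protocol/destination, how many outbound DNS packets were seen. The log lines embedded in it are constructed, not captured from the poster's machine, and the `75.75.75.75` resolver and `192.168.1.1` router address are assumed values. If the counts show UDP/53 being dropped to the upstream resolver but allowed to the router's LAN address, the rule is working and the NAT entries come from the router forwarding queries on the PC's behalf, not from the PC itself.

```python
"""Summarise Windows Firewall log entries for outbound DNS (port 53).

Added example, not from the original post. Assumes pfirewall.log with both
dropped and allowed connections logged. Sample lines are constructed.
"""
from collections import Counter

# Constructed sample in the pfirewall.log (W3C extended) format.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2013-02-10 10:00:01 DROP UDP 192.168.1.10 75.75.75.75 55001 53 60 - - - - - - - SEND
2013-02-10 10:00:01 DROP UDP 192.168.1.10 75.75.75.75 55002 53 60 - - - - - - - SEND
2013-02-10 10:00:02 ALLOW UDP 192.168.1.10 192.168.1.1 55003 53 60 - - - - - - - SEND
2013-02-10 10:00:02 ALLOW TCP 192.168.1.10 75.75.75.75 55004 53 52 - - - - - - - SEND
2013-02-10 10:00:03 ALLOW UDP 192.168.1.10 192.168.1.1 55005 53 60 - - - - - - - SEND
"""


def parse_log(text):
    """Yield one dict per data line, keyed by the names in the #Fields header."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#") or fields is None:
            continue
        parts = line.split()
        if len(parts) != len(fields):
            continue  # truncated or malformed line; skip rather than misalign columns
        yield dict(zip(fields, parts))


def summarize_dns(text):
    """Count outbound port-53 packets by (action, protocol, destination IP).

    The keys show whether the block rule is firing (DROP UDP to the upstream
    resolver) and where the host is really sending queries (for example the
    router's LAN address instead of the upstream resolver).
    """
    counts = Counter()
    for rec in parse_log(text):
        if rec["path"] != "SEND" or rec["dst-port"] != "53":
            continue
        counts[(rec["action"], rec["protocol"], rec["dst-ip"])] += 1
    return counts


def rule_is_effective(counts, upstream_ip):
    """True when no UDP/53 packet to the upstream resolver was allowed out."""
    return counts[("ALLOW", "UDP", upstream_ip)] == 0


if __name__ == "__main__":
    c = summarize_dns(SAMPLE_LOG)
    for key, n in sorted(c.items()):
        print(key, n)
    # Assumed upstream resolver address from the post's rule.
    print("block rule effective:", rule_is_effective(c, "75.75.75.75"))
```

Run it against the real log with `summarize_dns(open(path).read())`; a non-zero `ALLOW UDP` count to the upstream address means the rule is not matching, while a zero count together with traffic to the router's address points at the router as the source of the NAT entries.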