in the documentation it reads:
Rule syntax format:
(...)
Hosts www.microsoft.com; www.google.com; (v2.0 and above)
Hosts with ports www.microsoft.com:443; www.google.com:443; (v2.0 and above)
however, this is not working.
I'm testing with Win7x64 and simplewall v2.1.4 64-bit. I'm running simplewall in whitelist mode. under rules/advanced settings, i have ticked: "Allow hosts support for rules".
for testing purpose i ping "spiegel.de" [128.65.210.8] from a command window.
now I create a global rule in simplewall:
block "spiegel.de" outgoing on every protocol, no apps ticked - global rule.
when i ping "spiegel.de" from cmd.exe, every ping comes through, the firewall did not block the host.
i changed the global rule to use IP instead of hostname:
block "128.65.210.8" outgoing on every protocol, no apps ticked - global rule.
now when i ping "spiegel.de" from cmd.exe, every ping gets lost, the firewall correctly blocked the IP.
summarized:
hostname blocking is not working in simplewall v.2.1.4, even though it's saying it should work with >v2.0 in the rule documentation.
is this an issue with Win7 maybe? or rather a problem with simplewall/WFP itself? or does it make use of the windows hosts file and it's maybe write protected?
I hope this can be fixed, blocks by hostnames would be an awesome feature!
I just want to add:
in the log it reads:
DnsQuery() failed with error code 0x0000232a (spiegel.de) [2.1.4]
i looked up the error code:
0x0000232A | DNS server failure. | DNS_ERROR_RCODE_SERVER_FAILURE
I don't know why there is a dns server failure.. my dns and nslookups are working, what could be the cause?
I just found another line in the log:
ParseNetworkString() failed with error code 0x00000057 (spiegel.de) [2.1.4]
???
spiegel.de is resolved as well in 2.1.4 and 2.2 Beta for me, something changed in your question in new 2.2 Beta?
I added a custom rule to firefox.exe process which blocks "spiegel.de" in/out *
I started a random website, it works.
i went to www.spiegel.de and it is supposed to time out, but again, it is loading, no packets from spiegel.de get dropped.
Error in the Log:
[03.2018] DnsQuery() failed with error code 0x0000232a (spiegel.de) [2.2.1]
how is simplewall resolving dns? is it using the "system" process to resolve dns? because I'm currently blocking system process except some IPs (I'm not blocking all on svchost though). or any other idea why simplewall could fail resolving dns?
again, if i make a nslookup spiegel.de (128.65.210.8), and create a block rule for that IP, it works exactly as supposed: entering spiegel.de in the browser produces a timeout.
0x0000232a is a DNS server error.
You can set custom DNS server like Google DNS (or another) for domain names resolution, add line DnsServerV4=8.8.8.8 to simplewall.ini and restart simplewall.
Okay, that is strange.
When i add DnsServerV4=8.8.8.8 to simplewall.ini it works. That's good.
However, then I wonder why it doesn't work with default settings? I'm behind a router, gateway and dns is both 192.168.1.1 and DNS is generally working.
When I add DnsServerV4=192.168.1.1 to simplewall.ini it doesn't work either, the router points to the correct working DNS server(s) from my ISP.
I just looked at my router what it currently uses as DNS server. it's: 217.237.151.115
When I add DnsServerV4=217.237.151.115 to simplewall.ini it still does not work. However other programs on my system are able to resolve DNS over 192.168.1.1 standard query (which currently leads to 217.237.151.115)
Could there be anything on simplewall's side which makes it not work with Routers/DNS?
check 2.2.2
Same behaviour here. DNSquery() error in ErrorLog AND HostName filters seemed to be ignored.
In my case adding 'DnsServerV4=8.8.8.8' to simplewall.ini didn't help with the hostname rules to be visible, but it did get rid of the dnsquery errors.
Also the rules with the hostnames appear with a background color of red: https://i.imgur.com/8rs7PjD.png
I am guessing this is because of them not being resolved to ips.
Same behaviour in 2.2.2 beta.
I am on Windows 8.1.
I FIGURED IT OUT!
system process was blocked. Added 2 rules to allow ICMP and ICMPv6 requests by the system process. and now even the DnsServerV4 isn't required..
Here is a screenshot of one of the rules: https://s9.postimg.org/isj5fgjfz/image.png
Hth
Scratch that. Same error and problem exists. No idea why ..
@henrypp nope sorry, still the same problem on latest version.
it's not even working now when adding
DnsServerV4=172.104.136.243
to simplewall.ini
where this is an openNIC dns server and not the ISP dns. at least last time the nic server worked when added to simplewall.ini
check 2.2.5
@henrypp sorry, no change. I also reset my config file and app rules to test.
when i add DnsServerV4=172.104.136.243 to the config file, simplewall blocks spiegel.de when I ping it in a cmd window. when I don't add a 3rd party DNS server, the ping just goes through despite the global block rule.
another thing to note: when a 3rd party DNS server like DnsServerV4=172.104.136.243 is added to the config file, the firewall blocks the pings of the blocked host in the command prompt. However, when I try to browse the host with firefox, it is still working despite the blocking. firefox in this case is a whitelisted program.
So this lets me assume, that program-specific allow/block rules overwrite global allow/block rules, because despite having a global block rule for spiegel.de, firefox can connect to it, while pinging it in cmd-prompt gets blocked.
I assumed global block rules would overrule any program specific rules made. But it looks like program specific rules have higher priority than global rules.
that being said: changing the global block rule of spiegel.de to a firefox-program-specific block rule (allow everything in firefox BUT spiegel.de) still doesn't work, it is loadable..
I'm sorry I have no idea what causes the problem.
#173 maybe related issue, your dns server configuration on router or where?
@henrypp yes, like i said, I'm using a router and the router has configured the dns server it gets from the internet service provider.
i tested a bit further again
and one problem was my fault: blocking spiegel.de does not work in the browser because it always instantly redirects to www.spiegel.de, which is a different IP. blocking www.spiegel.de correctly blocks the host in the command prompt AND the browser. HOWEVER, this only works when I specify DnsServerV4=172.104.136.243 in the simplewall.ini.
Without having this line in simplewall.ini i get this error:
DnsQuery() failed with error code 0x0000232a (www.spiegel.de) [2.2.5]
what works:
DnsServerV4=172.104.136.243 (or any other 3rd party dns) in the simplewall.ini.
what works NOT:
System rule for DNS allows 53 port only for "svchost.exe" and "System", try to allow 53 port for ALL and test again.
@henrypp I completely uninstalled simplewall and deleted all config files. then I installed simplewall with all default settings. I added a global rule to allow port 53 for everything.
the outcome is the same as in my post before and every time there is an error called:
DnsQuery() failed with error code 0x0000232a (www.spiegel.de) [2.2.7]
still the only way to make it work is to add a DnsServerV4=172.104.136.243 (or any other 3rd party dns) in the simplewall.ini.
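Added example, not part of the thread and not simplewall's own code: a small model of the two failure modes discussed above, a hostname rule that covers only the addresses of the exact name it lists, and a hostname whose lookup fails and therefore filters nothing. It assumes a hostname entry is turned into address filters by resolving it when the rule is applied; the function names are hypothetical, the lookup table is constructed, and 192.0.2.10 is a placeholder for the address of www.spiegel.de, which the thread does not give.

```python
import socket

# Constructed lookup table standing in for DNS. 128.65.210.8 is the address
# quoted in the thread; 192.0.2.10 is a placeholder, not the real address.
SAMPLE_DNS = {"spiegel.de": {"128.65.210.8"}, "www.spiegel.de": {"192.0.2.10"}}

def sample_resolver(host):
    if host not in SAMPLE_DNS:
        raise OSError("lookup failed")  # stands in for a DnsQuery() failure
    return SAMPLE_DNS[host]

def system_resolver(host):
    """Resolve IPv4 addresses through the OS resolver (needs network)."""
    return {info[4][0] for info in socket.getaddrinfo(host, None, socket.AF_INET)}

def parse_hosts(rule):
    """Split 'a.example:443; b.example;' into (host, port-or-None) pairs."""
    entries = []
    for item in (part.strip() for part in rule.split(";")):
        if not item:
            continue
        host, sep, port = item.rpartition(":")
        if sep and port.isdigit():
            entries.append((host.lower(), int(port)))
        else:
            entries.append((item.lower(), None))
    return entries

def expand_rule(rule, resolver=system_resolver):
    """Return ({host: {(ip, port)}}, [hosts that did not resolve])."""
    covered, unresolved = {}, []
    for host, port in parse_hosts(rule):
        try:
            ips = resolver(host)
        except OSError:
            ips = set()
        if ips:
            covered[host] = {(ip, port) for ip in ips}
        else:
            unresolved.append(host)  # this entry filters nothing
    return covered, unresolved

def is_covered(dest_ip, covered):
    """True if any resolved entry of the rule matches the destination IP."""
    return any(ip == dest_ip for pairs in covered.values() for ip, _ in pairs)

if __name__ == "__main__":
    covered, unresolved = expand_rule("spiegel.de; nohost.invalid;", sample_resolver)
    print(covered, unresolved, is_covered("192.0.2.10", covered))
```

Calling `expand_rule` without a resolver argument uses the operating system's resolver, so the `unresolved` list shows which rule entries would be left without any address on the machine being checked.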