[Dnsmasq-discuss] opcode: QUERY, status: REFUSED

Carlos Carvalho carlos at fisica.ufpr.br
Wed Jan 23 15:56:21 GMT 2008


Mike Wright (mike.wright at mailinator.com) wrote on 22 January 2008 12:24:
 >Running dnsmasq-2.38-1.fc6.i386.rpm on fedora core 6.
 >
 >I'm trying to block adservers.  I think I have the config file setup 
 >correctly but dnsmasq is not acting as I expect.
 >
 >I've made these changes to dnsmasq.conf:
 >
 >   interface=lo
 >   log-queries
 >   address=/mediaplex.com/127.0.0.1
 >
 >iptables is not running on the local machine
 >
 >Examples (for brevity only status shown):
 >
 >1)  dig @lo www.yahoo.com. any
 >
 >       opcode: QUERY, status: NOERROR
 >
 >2)  dig @lo mediaplex.com. any
 >
 >       opcode: QUERY, status: REFUSED
 >
 >3)  dig @dns mediaplex.com. any
 >
 >       opcode: QUERY, status: NOERROR
 >
 >example 1 acts as expected, passing the query through to the recursive 
 >name server.
 >
 >example 2 should be answered with NOERROR and address 127.0.0.1 but 
 >instead is refused.

Hasn't this been corrected in a later version? From the changelog for v2.41:

      Fix a bug where NXDOMAIN could be returned for a query
      even if the name's value was known for a different query
      type. This bug could be prodded with 
      --local=/domain/ --address=/name.domain/1.2.3.4 
      An IPv6 query for name.domain would return NXDOMAIN, and
      not the correct NOERROR. Thanks to Lars Nooden for
      spotting the bug and Jima for diagnosis of the problem.



More information about the Dnsmasq-discuss mailing list