[Dnsmasq-discuss] DNS pattern response
richardvoigt at gmail.com
richardvoigt at gmail.com
Fri Dec 4 16:03:17 GMT 2009
On Thu, Dec 3, 2009 at 10:06 PM, Perette Barella <perette at barella.org> wrote:
> I think there's a misunderstanding on how the WPAD DNS version operates. The "wpad.domain.localnet" is used by the browser at startup to locate the proxy configuration file which applies to all domains. You don't need a separate wpad.google.com and wpad.amazon.com for every domain users are trying to connect to.
> If for some reason your local hosts are configured with different domain names (and therefore looking up wpad.google.com or wpad.amazon.com), I think we need more explanation on just what strangeness you've got going on.
In general, I think we can say that users who have ignored the
DHCP-provided domain and configured their own intend to opt-out of
wpad. Browser proxy settings are at the discretion of the user
anyway, if you want a mandatory proxy setup you'll need to use
iptables to accomplish that, not DNS.
There's no need to wildcard match wpad hostnames, which are subject to
user-side DNS caching anyway (a user who has configured for
domain=google.com probably already has wpad.google.com cached and
won't get information from dnsmasq).
Any solution to this which involves DNS is inherently broken.
> You can do the same thing by
> On 2009年12月03日, at 22:45, Eric Laganowski wrote:
>> Well, while legal advice is always appreciated that was not what I was
>> asking for.
>> I was asking about a specific feature of dnsmasq and I am still at a
>> loss whether it is possible to accomplish what I was looking for or not.
>> On a side note, DHCP option 252 is not supported by Firefox, that is way
>> I am forced to explore other options.
>> richardvoigt at gmail.com wrote:
>>> I think you're going about this the wrong way. Use the DHCP option
>>> "auto-proxy-config" to control the URL browsers use for auto-proxy.
>>> Spoofing addresses in other domains doesn't solve any problems, it
>>> only creates more (and is borderline illegal in many areas).
>>> On Thu, Dec 3, 2009 at 4:48 PM, Eric Laganowski <eric at laganowski.net> wrote:
>>>> I guess I am not communicating this well.
>>>> The desired dnsmasq behavior would be to reply, say, with 192.168.1.1 to any request starting with "wpad.", not just local domain, so if, say my domain is domain.local, dnsmasq responds with 192.168.1.1 to both wpad.domain.local and wpad.google.com
>>>> Date: Wed, 2 Dec 2009 12:52:35 -0430
>>>> From: Santiago Zarate <santiago at zarate.net.ve>
>>>> Subject: Re: [Dnsmasq-discuss] DNS pattern response
>>>> To: dnsmasq-discuss at lists.thekelleys.org.uk
>>>> Message-ID: <200912021252.35536.santiago at zarate.net.ve>
>>>> Content-Type: Text/Plain; charset="us-ascii"
>>>> i guess you can use a cname record...
>>>> tho... i'm pretty sure that cname=wpad,10.40.60.90 will also work...
>>>> -- Santiago Zarate santiago at zarate.net.ve (+58) 4129864175 (+58) 4241073905
>>>> Date: Wed, 2 Dec 2009 11:45:57 -0500
>>>> From: Eric Laganowski <elaganowski at hotmail.com>
>>>> Subject: [Dnsmasq-discuss] DNS pattern response
>>>> To: <dnsmasq-discuss at lists.thekelleys.org.uk>
>>>> Message-ID: <SNT130-w394FD18999D0797477ACB7A6950 at phx.gbl>
>>>> Content-Type: text/plain; charset="iso-8859-1"
>>>> I am playing with browser proxy autodiscovery feature and would like dnsmasq to reply with a certain IP address to any DNS query starting with "wpad.", any domain might follow.
>>>> Is it possible to accomplish this with dnsmasq?
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
More information about the Dnsmasq-discuss