[Dnsmasq-discuss] rebind-domain-ok bug? Not whitelisiing 4 word domain.
morac99-dnsmasq at yahoo.com
Tue Oct 15 03:35:59 BST 2019
So it is only kind of working. I’m still seeing the following in the logs now then:
Oct 14 20:06:18 dnsmasq: possible DNS-rebind attack detected: universal-web-internal.production.gannettdigital.com
This is with the following set:
When I specifically try to go to universal-web-internal.production.gannettdigital.com in a web browser though or do DNS lookup, I’m not seeing anything in the logs which is odd.
On Monday, October 14, 2019, 7:51 PM, Michael <morac99-dnsmasq at yahoo.com> wrote:
Someone tried it and they used the following and said it worked. When I tried it, it also worked. I have no idea why that did, but using /gannettdigital.com/ by itself did not.
On Monday, October 14, 2019, 6:05 PM, Michael <morac99-dnsmasq at yahoo.com> wrote:
I'm using ASUS Merlin 384.13, which is compiled with dnsmasq 2.80-44-g608aa9f, on my router. I have rebind protection on and want to whitelist "universal-web-internal.production.gannettdigital.com" as for some reason after upgrading to iOS 13 on my iOS devices that domain is getting hit very often.
I added the following to the dnsmasq.conf file, but the domain is still being logged:rebind-domain-ok=/universal-web-internal.production.gannettdigital.com/I also tried:rebind-domain-ok=/.gannettdigital.com/That white lists "production.gannettdigital.com" (which also has a private ip address), but not "universal-web-internal.production.gannettdigital.com".As such, this appears to be a bug. I'm not sure if dnsmasq doesn't like the dashes or the fact that there are 4 parts to the domain.
Any idea why this isn't working?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Dnsmasq-discuss