[Dnsmasq-discuss] ipset action doesn't work in 2.69

Wang Jian larkwang at gmail.com
Thu Apr 17 04:11:33 UTC 2014 

In my home network and company network (150 people), it works fine.

2014-04-14 17:31 GMT+08:00 Wang Jian <larkwang at gmail.com>:
> Seems good now. I will keep it running for a while and report back.
>
> Regards
>
> 2014-04-14 3:53 GMT+08:00 Simon Kelley <simon at thekelleys.org.uk>:
>> I think the problem is that the ipset code simply assumes that the query
>> domain will be in daemon->namebuff, which isn't in general true, but
>> happened to be by chance before. When DNSSEC is compiled in,
>> daemon->namebuf gets used as workspace for DNSSEC and the invalid
>> assumption of the ipset code is no longer true.
>>
>> I've pushed a possible (but untested) fix to the git repo. Does that
>> help for you?
>>
>>
>>
>>
>> Cheers,
>>
>> Simon.
>>
>>
>>
>> On 12/04/14 17:39, Wang Jian wrote:
>>> Simply 'make' within git tree (checkout v2.69), I get a binary which works.
>>>
>>> # ./dnsmasq -v
>>> Dnsmasq version 2.69-1-g97dce08  Copyright (c) 2000-2014 Simon Kelley
>>> Compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP
>>> DHCPv6 no-Lua TFTP no-conntrack ipset auth no-DNSSEC
>>>
>>>
>>> Running 'git-buildpackage --git-debian-tag=v2.69
>>> --git-upstream-tag=v2.69' in git tree, I get a binary which doesn't
>>> work
>>>
>>> # /usr/sbin/dnsmasq -v
>>> Dnsmasq version 2.69-1-g97dce08  Copyright (c) 2000-2014 Simon Kelley
>>> Compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua
>>> TFTP conntrack ipset auth DNSSEC
>>>
>>>
>>> The 2.69 binary from sid repository doesn't work, either.
>>>
>>>
>>> 2014-04-12 21:06 GMT+08:00 Wang Jian <larkwang at gmail.com>:
>>>> Hi,
>>>>
>>>> I build 2.69 deb package from git tree to use the new ipset action
>>>> log. To my surprise, ipset action stops working.
>>>>
>>>> I traced the process_reply() and found some strange behavior, but I am
>>>> not familiar with util.c, so I can only provide what I found. (break
>>>> at process_reply() then break at hostname_isequal(). )
>>>>
>>>> I use 'host 6pm.com' to trigger the break point.  In the output, you
>>>> can see 6pm.com should be matched but actually not.
>>>>
>>>> ---- snip ----
>>>>
>>>> Breakpoint 1, process_reply (header=header at entry=0x85cb278,
>>>> now=now at entry=1397305916, server=server at entry=0x85d70a8,
>>>>     n=n at entry=267, check_rebind=check_rebind at entry=0,
>>>> no_cache=no_cache at entry=0, cache_secure=0, ad_reqd=0, do_bit=0,
>>>>     added_pheader=0, check_subnet=0,
>>>> query_source=query_source at entry=0x85d2e68) at forward.c:545
>>>> 545     forward.c: No such file or directory.
>>>> (gdb) display ipset_pos->domain
>>>> 1: ipset_pos->domain = 0x85d5040 "6pm.com"
>>>> (gdb) break hostname_isequal
>>>> Breakpoint 2 at 0x8059410: file util.c, line 288.
>>>> (gdb) c
>>>> Continuing.
>>>>
>>>> Breakpoint 2, hostname_isequal (a=a at entry=0x85c9859 "6pm\003com",
>>>> b=b at entry=0x85d5040 "6pm.com") at util.c:288
>>>> 288     util.c: No such file or directory.
>>>> (gdb) display a
>>>> 2: a = 0x85c9859 "6pm\003com"
>>>> (gdb) display b
>>>> 3: b = 0x85d5040 "6pm.com"
>>>> (gdb) c
>>>> Continuing.
>>>>
>>>> Breakpoint 1, process_reply (header=header at entry=0x85cb278,
>>>> now=now at entry=1397305916, server=server at entry=0x85d70a8,
>>>>     n=n at entry=267, check_rebind=check_rebind at entry=0,
>>>> no_cache=no_cache at entry=0, cache_secure=0, ad_reqd=0, do_bit=0,
>>>>     added_pheader=0, check_subnet=0,
>>>> query_source=query_source at entry=0x85d2e68) at forward.c:545
>>>> 545     forward.c: No such file or directory.
>>>> 1: ipset_pos->domain = 0x85d4e68 "zlib.net"
>>>> (gdb)
>>>> Continuing.
>>>>
>>>> Breakpoint 2, hostname_isequal (a=a at entry=0x85c9858
>>>> "\003\066pm\003com", b=b at entry=0x85d4e68 "zlib.net") at util.c:288
>>>> 288     util.c: No such file or directory.
>>>> 3: b = 0x85d4e68 "zlib.net"
>>>> 2: a = 0x85c9858 "\003\066pm\003com"
>>>> (gdb)
>>>> Continuing.
>>>>
>>>> Breakpoint 1, process_reply (header=header at entry=0x85cb278,
>>>> now=now at entry=1397305916, server=server at entry=0x85d70a8,
>>>>     n=n at entry=267, check_rebind=check_rebind at entry=0,
>>>> no_cache=no_cache at entry=0, cache_secure=0, ad_reqd=0, do_bit=0,
>>>>     added_pheader=0, check_subnet=0,
>>>> query_source=query_source at entry=0x85d2e68) at forward.c:545
>>>> 545     forward.c: No such file or directory.
>>>> 1: ipset_pos->domain = 0x85d47c8 "hulu.com"
>>>> (gdb)
>>>> Continuing.
>>>>
>>>> Breakpoint 2, hostname_isequal (a=a at entry=0x85c9858
>>>> "\003\066pm\003com", b=b at entry=0x85d47c8 "hulu.com") at util.c:288
>>>> 288     util.c: No such file or directory.
>>>> 3: b = 0x85d47c8 "hulu.com"
>>>> 2: a = 0x85c9858 "\003\066pm\003com"
>>>> (gdb)
>>>> Continuing.
>>>>
>>>> Breakpoint 2, hostname_isequal (a=a at entry=0x85c9858 "6pm.com",
>>>> b=b at entry=0x85d69b0 "6pm.com") at util.c:288
>>>> 288     in util.c
>>>> 3: b = 0x85d69b0 "6pm.com"
>>>> 2: a = 0x85c9858 "6pm.com"
>>>> (gdb)
>>>> Continuing.
>>>>
>>>> Breakpoint 2, hostname_isequal (a=0x85d69b0 "6pm.com", b=0x85d7240
>>>> "wiki.nginx.org") at util.c:288
>>>> 288     in util.c
>>>> 3: b = 0x85d7240 "wiki.nginx.org"
>>>> 2: a = 0x85d69b0 "6pm.com"
>>>> (gdb)
>>>
>>

More information about the Dnsmasq-discuss mailing list