[Dnsmasq-discuss] filter-AAAA is breaking dnsmasq

Mufasa dgutierr at pride-rock.com
Mon Oct 11 08:10:22 UTC 2021 

A few things still outstanding and more observations.

From Geert Stappers:

	@E  Consider to subscribe to this mailinglist
	Fixing your email program so it honors 'In-Reply-To: ‘
	would also solve a problem you are emmitting.

Doing this would make it easier to reply to your messages.  As is, I’m manually updating the reply to line to be the mailing list and not sending mail directly to you only (removing the CC because I use reply not reply all).

Also from Geert:

	>What does "where dnsmasq" say?
	>Are you actually running the binary you just built?

	That information is indeed missing.

A subtle, but correct observation.  Your output included “which” not “where” (whereis?).  I believe the goal was show all the copies of dnsmasq are on your system, not just the default run by the current shell’s PATH by priority of that environmental variable.

From me:

Where is the results of renaming /usr/sbin/dnsmasq and using the service script afterward?  I assume the error message would have changed and the mv command would have been in the latest command list.  I still find using the git compiled version of dnsmasq and the package version concurrently installed into system locations as dirty and believe you have a package installed dnsmasq binary on the system.

For the compiled dnsmasq running in your PATH, its complaining about line 12 which you have as “dnssec-check-unsigned=no”.  Referring to dnsmasq.conf.example from the source repository, the option is just set not “=no” or yes.  I also wonder if simply commenting out the offending line would get your manual command line run to work.

Also noteworthy that this config doesn’t appear to be based on the example configuration with comments.  Several lines raise an eyebrow and look like copied and pasted examples from web searching that weren’t updated—particularly the “=path-to/“ entries that I suspect don’t exist in a directory called “path-to”.

I have an automated build setup that takes HEAD of dnsmasq into a fresh ubuntu docker container along with my configuration file.  I do wonder why your --version output doesn’t show the compile time options like mine does.  This would help if you use options that are required to be compiled in.

	dnsmasq --version
	Dnsmasq version UNKNOWN  Copyright (c) 2000-2021 Simon Kelley
	Compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset no-nftset auth no-cryptohash no-DNSSEC loop-detect inotify dumpfile

-Daniel

> On Oct 11, 2021, at 12:58 AM, E <encoding at riseup.net> wrote:
> 
> Now that's what I need. Thanks for another useful reply.
> 
> 
> # vi /usr/local/etc/dnsmasq.conf
> ( No File - I did not use this. I use only /etc/dnsmasq.conf )
> 
> # vi /etc/dnsmasq.conf
> 
> --- --- --- --- ---
> interface=lo
> listen-address=127.0.0.1
> bind-interfaces
> ## AAAAtestver
> server=1.2.3.4#53
> server=1.2.3.4#53
> server=1.2.3.4#53
> server=1.2.3.4#53
> rev-server=1.2.3.4/24,1.2.3.4
> bogus-priv
> cache-size=1337
> dnssec-check-unsigned=no
> dnssec-no-timecheck
> domain-needed
> filterwin2k
> min-cache-ttl=1337
> neg-ttl=1337
> dns-forward-max=1337
> no-poll
> no-resolv
> stop-dns-rebind
> addn-hosts=path-to/path-to.txt
> conf-file=path-to/path-to.conf
> filter-AAAA
> --- --- --- --- ---
> 
> # dnsmasq --version
> Dnsmasq version 2.87test4-1-g37a70d3
> 
> # dnsmasq
> dnsmasq: unsupported option at line 12 of /etc/dnsmasq.conf
> 
> # sed '12!d' /etc/dnsmasq.conf
> dnssec-check-unsigned=no
> 
> # service dnsmasq restart;systemctl status dnsmasq.service
> Job for dnsmasq.service failed because the control process exited with
> error code.
> bad option at line 24 of /etc/dnsmasq.conf
> 
> # sed '24!d' /etc/dnsmasq.conf
> filter-AAAA
> 
> # dpkg --list|grep dnsmasq
> ii  dnsmasq                               2.85-1                        
> all          Small caching DNS proxy and DHCP/TFTP server
> ii  dnsmasq-base                          2.85-1                        
> amd64        Small caching DNS proxy and DHCP/TFTP server
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20211011/075736e7/attachment-0001.htm>

More information about the Dnsmasq-discuss mailing list