So it is only kind of working. I’m still seeing the following in the logs now then: Oct 14 20:06:18 dnsmasq[15781]: possible DNS-rebind attack detected: universal-web-internal.production.gannettdigital.com
This is with the following set: rebind-domain-ok=/mcafee.com/amazonmusiclocal.com/gannettdigital.com/ When I specifically try to go to universal-web-internal.production.gannettdigital.com in a web browser though or do DNS lookup, I’m not seeing anything in the logs which is odd. On Monday, October 14, 2019, 7:51 PM, Michael <morac99-dnsm...@yahoo.com> wrote: Someone tried it and they used the following and said it worked. When I tried it, it also worked. I have no idea why that did, but using /gannettdigital.com/ by itself did not. rebind-domain-ok=/mcafee.com/amazonmusiclocal.com/gannettdigital.com/ On Monday, October 14, 2019, 6:05 PM, Michael <morac99-dnsm...@yahoo.com> wrote: Hi Simon, I'm using ASUS Merlin 384.13, which is compiled with dnsmasq 2.80-44-g608aa9f, on my router. I have rebind protection on and want to whitelist "universal-web-internal.production.gannettdigital.com" as for some reason after upgrading to iOS 13 on my iOS devices that domain is getting hit very often. I added the following to the dnsmasq.conf file, but the domain is still being logged:rebind-domain-ok=/universal-web-internal.production.gannettdigital.com/I also tried:rebind-domain-ok=/.gannettdigital.com/That white lists "production.gannettdigital.com" (which also has a private ip address), but not "universal-web-internal.production.gannettdigital.com".As such, this appears to be a bug. I'm not sure if dnsmasq doesn't like the dashes or the fact that there are 4 parts to the domain. Any idea why this isn't working? Thanks,Michael
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
