Peter,
From the resolv.conf man page:
http://www.openbsd.org/cgi-bin/man.cgi?query=resolv.confsektion=5
The domain and search keywords are mutually exclusive. If more than one
instance of these keywords is present, the last instance will
override.
I believe what is happening is the search keyword is sticking
centroid.euto probably everything. This isn't a issue with the code,
its a
miss-configuration.
Of course I could be horribly wrong and someone might come over and kick my
dog to teach me a lesson
~Jeff
On Tue, Dec 24, 2013 at 9:33 AM, Peter J. Philipp p...@centroid.eu wrote:
On Tue, Dec 24, 2013 at 10:25:06AM -0500, Kenneth R Westerback wrote:
On Mon, Dec 23, 2013 at 02:37:47PM +0100, Peter J. Philipp wrote:
I'm trying to track down the code in the libasr that causes this
behaviour:
Whenever I go to a IPv4 site and IPv6 query is made for domain+mydomain
like a search. So with logging turned on, on my nameserver I get this:
pjp@americas$ grep canoe.ca.centroid.eu /var/log/all
Dec 20 17:00:37 americas wildcarddnsd[29850]: request on descriptor 17
interface em0 from 212.114.242.132 (ttl=54, region=255) for
chealth.canoe.ca.centroid.eu. type=(28) class=1, answering
NXDOMAIN
The problem is that my nameservers are in china and latin america and
I'M sorta worried about these leaks. This particular log came from my
nameserver in panama and the packet passes miami.
I'm not clear on what the leak you are worried about is.
Ken
Hi Ken, Merry Christmas!
I was browsing http://chealth.canoe.ca when I saw the above log. I'm
supposing
the resolver looks up chealth.canoe.ca, and then eventually does a lookup
for
chealth.canoe.ca.centroid.eu. centroid.eu is the domain I configured in
resolv.conf by means of DHCP.
I'm wondering why it does that though? Someone in the US, like the NSA,
can
then sit back and see my browsing habits, which I call a leak. I'm hoping
on
finding the knob that turns this off. The leak wouldn't happen if my
centroid.eu nameservers were just in .de but then you can just replace NSA
with BND the german intelligence sniffers (s/NSA/BND).
I'd really just rather replace the function that allows
chealth.canoe.ca.centroid.eu lookup to exit my DSL as all that should
exit is
a lookup for just chealth.canoe.ca, which takes a different lookup path
in the
Internet.
Regards,
-peter
My resolv.conf file looks like this on the workstation here in germany:
jupiter$ more /etc/resolv.conf
# Generated by re0 dhclient
search centroid.eu
nameserver 192.168.34.1
domain centroid.eu
lookup file bind
family inet6 inet4
The leak only happens with queries, like said. Any hints on
tracking this down and squelching it?
Regards,
-peter