Discussion:
[Dnsmasq-discuss] disabling reverse dns lookup in dnsmasq
green krypton
2016-02-17 12:57:31 UTC
Permalink
sorry i mean recursive lookups :)
Hi is there any way i can stop dnsmasq from doing reverse dns lookups. I
am trying not to use a firewall instead block at application layer.Can any
one help me with that?
using dnsmasq-2.68-5
Albert ARIBAUD
2016-02-17 14:55:03 UTC
Permalink
Hi,

Le Wed, 17 Feb 2016 18:27:31 +0530
Post by green krypton
sorry i mean recursive lookups :)
On Wed, Feb 17, 2016 at 6:25 PM, green krypton
Hi is there any way i can stop dnsmasq from doing reverse dns
lookups. I am trying not to use a firewall instead block at
application layer.Can any one help me with that?
using dnsmasq-2.68-5
Can you give a detailed description of the behavior you would like to
prevent in terms of client queries, dnsmaq upstream queries, upstream
answsers to dnsmasq and dnsmasq answers to the client?

Amicalement,
--
Albert.
Simon Kelley
2016-02-17 16:27:47 UTC
Permalink
You mean you don't want dnsmasq to forward any DNS queries and only
answer stuff locally? Just don't configure any upstream servers, and use
--no-resolv to stop dnsmasq find upstream servers in /etc/resolv.conf.

cheers,

Simon
Post by green krypton
sorry i mean recursive lookups :)
Hi is there any way i can stop dnsmasq from doing reverse dns lookups. I
am trying not to use a firewall instead block at application layer.Can any
one help me with that?
using dnsmasq-2.68-5
_______________________________________________
Dnsmasq-discuss mailing list
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Guy Wijnants
2016-02-17 20:12:29 UTC
Permalink
Hi Simon,

Is there a way to enable reverse lookup for a certain type of network in dnsmasq? Like requests comming from 192.168.0.0/24 and disable reverse lookup for the rest?

Best Regards,

Guy
Post by Simon Kelley
You mean you don't want dnsmasq to forward any DNS queries and only
answer stuff locally? Just don't configure any upstream servers, and use
--no-resolv to stop dnsmasq find upstream servers in /etc/resolv.conf.
cheers,
Simon
Post by green krypton
sorry i mean recursive lookups :)
Hi is there any way i can stop dnsmasq from doing reverse dns lookups. I
am trying not to use a firewall instead block at application layer.Can any
one help me with that?
using dnsmasq-2.68-5
_______________________________________________
Dnsmasq-discuss mailing list
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
_______________________________________________
Dnsmasq-discuss mailing list
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
/dev/rob0
2016-02-17 21:41:42 UTC
Permalink
Post by Guy Wijnants
Is there a way to enable reverse lookup for a certain type of
network in dnsmasq? Like requests comming from 192.168.0.0/24 and
and disable reverse lookup for the rest?
$Subject notwithstanding, note that the OP in this thread was not
really asking about REVERSE lookup; it was about disabling RECURSIVE
queries.

Nevertheless we can't gripe at you for thread hijacking when your
question actually brings the thread in line with its Subject. :)

I can't speak authoritatively (pardon the pun) on this, but I am
pretty sure you'd need a feature like BIND's view feature for this;
dnsmasq is about simple configuration and commonly-used features.
Most sites don't need views (and many who do set up views have
overcomplicated things. ;) )

In BIND you'd have one view which is authoritative for all of the
in-addr.arpa zone:

...
view "no-reverse" {
match-clients { 192.168.0.0/24; };
...
zone "in-addr.arpa" IN {
type master;
file "in-addr.arpa";
};
};
view "default" {
match-clients { "any"; };
...
};
...

...where the "in-addr.arpa" zone file has only SOA and NS with no
other records such as PTR.
--
http://rob0.nodns4.us/
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
Simon Kelley
2016-02-18 17:06:52 UTC
Permalink
--server=/0.168.192.in-addr.arpa/#
--server=/in-addr.arpa/


should do it. It would make more sense to use --rev-server, but that
doesn't support empty server-ip or '#' to specify the standard server.


Cheers,

Simon.
Post by Guy Wijnants
Hi Simon,
Is there a way to enable reverse lookup for a certain type of network in dnsmasq? Like requests comming from 192.168.0.0/24 and disable reverse lookup for the rest?
Best Regards,
Guy
Post by Simon Kelley
You mean you don't want dnsmasq to forward any DNS queries and only
answer stuff locally? Just don't configure any upstream servers, and use
--no-resolv to stop dnsmasq find upstream servers in /etc/resolv.conf.
cheers,
Simon
Post by green krypton
sorry i mean recursive lookups :)
Hi is there any way i can stop dnsmasq from doing reverse dns lookups. I
am trying not to use a firewall instead block at application layer.Can any
one help me with that?
using dnsmasq-2.68-5
_______________________________________________
Dnsmasq-discuss mailing list
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
_______________________________________________
Dnsmasq-discuss mailing list
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Loading...