[iodine-users] iodine mangling passthrough DNS queries?
Erik Ekman
yarrick at kryo.se
Mon Mar 2 12:08:10 CET 2015
On Sun, Mar 1, 2015 at 10:37 PM, Rick van Rein <rick at vanrein.org> wrote:
> Hello Erik,
>
>> Recommended way of running together with a 'real' nameserver is to
>> filter based on packet content in the firewall,
>> see this tip: http://dev.kryo.se/iodine/wiki/TipsAndTricks#Runningiodineside-by-sidewithanotherDNSserver
>
> Ah, I missed that page, but since general netfilters appear to be possible, it’s a much better way. Thanks!
>
>>> Am I mistaken, or is my normal DNS traffic incorrectly being mangled here? Or did I goof up anywhere?
>>
>> I don't fully remember how the forwarding thing works, but I can take a look.
>> Please send me a packet capture of all 4 stages of the request (to
>> iodined, to nameserver, from nameserver, from iodined) off-list and I
>> will check.
>
> It sounds like you’d do it specifically for my question, which you solved in a better way. I’m assuming
> you don’t need these traces anymore then — otherwise let me know and I’ll try to reconstruct and chase
> the traces for you.
Since the feature is there, it should work. If you can repeat the
fault and send me logs I will see if I can locate and fix the problem.
/Erik
>
> Cheers,
> -Rick
More information about the iodine-users
mailing list