Bug #2540
Table entries added by filterdns can clobber overlapping hardcoded entries during DNS changes
| Status: | Resolved | Start date: | 07/05/2012 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 100% |
|
| Category: | Rules/NAT | |||
| Target version: | 2.1 | |||
| Affected version: | Affected Architecture: |
Description
If filterdns resolves a record to an IP that exists in a table, and then later switches away, the hardcoded IP will be lost.
A practical example, have an alias with this:
1.2.3.4
myhost.dyndns.org
Initially, myhost.dyndns.org would resolve to something else, say 5.6.7.8. The table now contains:
1.2.3.4
5.6.7.8
Then the myhost.dyndns.org user visits the site with 1.2.3.4, which filterdns picks up. The table now contains:
1.2.3.4
The myhost.dyndns.org user leaves again, and myhost.dyndns.org resolves to 5.6.7.8. The table now contains:
5.6.7.8
The original hardcoded 1.2.3.4 is lost because filterdns removed it during the last switch.
Associated revisions
Resolves #2540. Fetch addresses present in a table when starting to avoid removing entries not configured from us
History
#1
Updated by Ermal Luçi 4 months ago
- Status changed from New to Feedback
#2
Updated by Ermal Luçi 4 months ago
- % Done changed from 0 to 100
Applied in changeset pfsense-tools:6f436e9ddf46e64e9b6d87d587a63242b4063d0d.
#3
Updated by Chris Buechler 14 days ago
- Status changed from Feedback to Resolved
confirmed fixed. and the other filterdns issues we've been discussing the last few days are fixed too now Ermal.