Actions
Bug #12460
closed
Unbound falls back to using all outgoing network interfaces if manually selected outgoing interface(s) are unavailable
Start date:
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
22.01
Release Notes:
Default
Affected Version:
2.5.2
Affected Architecture:
Description
How to reproduce:
1) Configure OpenVPN client and assign OpenVPN interface
2) Select OpenVPN interface in `Outgoing Network Interfaces`
3) Now if OpenVPN client is disconnected, DNS Resolver creates unbound.conf without outgoing-interface: entries, i.e. outgoing interfaces = All
4) This can lead to a DNS leak
Possible solution:
- Disable forwarding and recursion ( local-zone: "." refuse ) in such case
Updated by Viktor Gurov about 3 years ago
Updated by Jim Pingle about 3 years ago
- Status changed from New to Pull Request Review
- Assignee set to Viktor Gurov
- Target version set to 2.6.0
- Plus Target Version set to 22.01
Updated by Jim Pingle about 3 years ago
- Subject changed from unbound fallback to `All` outgoing network Interface if outgoing interfaces are not found to Unbound falls back to using all outgoing network interfaces if manually selected outgoing interface(s) are unavailable
Updated by Jim Pingle almost 3 years ago
- Status changed from Pull Request Review to Feedback
New MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/544
Merged.
Updated by Jim Pingle almost 3 years ago
- % Done changed from 0 to 100
Applied in changeset 283f9e8cbe7274db84aeb31e0c6166608c2ff087.
Updated by Jim Pingle almost 3 years ago
- Status changed from Feedback to Resolved
Actions