Bug #4444
closed
Reverse lookup domain overrides and "Do not forward private reverse lookups"
100%
Description
If you enable "Do not forward private reverse lookups" and then have domain override(s) that cover whole chunk(s) of the private IPv4 address space, then those domain override(s) are not effective.
e.g. domain override for 10.in-addr.arpa
This is because the code to implement "Do not forward private reverse lookups" has already effectively blocked off the IPv4 private address space in chunks that exactly match those.
Reported in forum: https://forum.pfsense.org/index.php?topic=88814.0
and I think also previously in forum, but I never got around to looking closely at it.
Make the code that implements "Do not forward private reverse lookups" smarter so it does not do its thing for chunks of IPv4 private address space that have matching reverse lookup domain overrides.
Pull request: https://github.com/pfsense/pfsense/pull/1498
Updated by Renato Botelho over 9 years ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Merged
Updated by Chris Buechler over 9 years ago
- Category changed from DNS Forwarder to DNS Resolver
- Status changed from Feedback to Resolved
fixed