View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0002167 | GNUnet | DNS service | public | 2012-02-23 00:13 | 2012-03-02 20:34 |
| Reporter | schanzen | Assigned To | schanzen | ||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Platform | Intel 32/64bit | OS | Fedora Linux | ||
| Summary | 0002167: DNS hijacking not working on fedora 15/16 | ||||
| Description | For some reason dns responses are not forwarded to the application that sent the request (nslookup etc). I can observe the correct packets in wireshark on the dns device but they get discarded. ip forwarding is enabled. Tried with kernel 2.6 (F15) and 3.2 (F16) | ||||
| Tags | No tags attached. | ||||
|
|
Just tested the code on Fedora 15 inside a qemu-VM and it did work there fine. |
|
|
We determined that the problem was having the "normal" user in the "gnunetdns" group, which is not supposed to ever be the case (as our firewall rules filter by that group ID). |
|
|
Unfortunately it still doesn't work after some more thorough testing. I think the dns service was not initialized yet when I thought it was. Packets still visible in wireshark... not forwarded to the app. I tried iodine as well again and it works just fine which leads me to believe that it is not hardware or routing related but a gnunet setup/permissions problem. |
|
|
Modern paranoid OSes set reverse path filtering. Unset for profit: echo 0 > /proc/sys/net/ipv4/conf/gnunet-dns/rp_filter closing |
|
|
Modern paranoid OSes set reverse path filtering. Unset for profit: echo 0 > /proc/sys/net/ipv4/conf/gnunet-dns/rp_filter closing |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2012-02-23 00:13 | schanzen | New Issue | |
| 2012-02-23 00:13 | schanzen | Status | new => assigned |
| 2012-02-23 00:13 | schanzen | Assigned To | => Christian Grothoff |
| 2012-02-23 20:27 | Christian Grothoff | Note Added: 0005498 | |
| 2012-02-24 15:02 | Christian Grothoff | Assigned To | Christian Grothoff => schanzen |
| 2012-02-25 02:26 | Christian Grothoff | Note Added: 0005509 | |
| 2012-02-25 02:26 | Christian Grothoff | Status | assigned => closed |
| 2012-02-25 02:26 | Christian Grothoff | Target Version | Git master => |
| 2012-02-25 02:26 | Christian Grothoff | Resolution | open => no change required |
| 2012-02-25 09:22 | schanzen | Note Added: 0005516 | |
| 2012-02-25 09:22 | schanzen | Status | closed => feedback |
| 2012-02-25 09:22 | schanzen | Resolution | no change required => reopened |
| 2012-02-26 21:50 | Christian Grothoff | Severity | major => minor |
| 2012-03-01 22:57 | schanzen | Note Added: 0005552 | |
| 2012-03-01 22:57 | schanzen | Status | feedback => assigned |
| 2012-03-01 22:57 | schanzen | Status | assigned => feedback |
| 2012-03-01 22:57 | schanzen | Resolution | reopened => fixed |
| 2012-03-01 22:58 | schanzen | Note Added: 0005553 | |
| 2012-03-01 22:58 | schanzen | Status | feedback => assigned |
| 2012-03-01 22:58 | schanzen | Status | assigned => resolved |
| 2012-03-02 20:34 | Christian Grothoff | Status | resolved => closed |
