Subject: Re: "proxy" for dns requests
From: Truman Boyes (trumanresearch.suspicious.org)
Date: Thu Dec 28 2000 - 13:52:20 CST


On Thu, 28 Dec 2000, Olivier Kaloudoff wrote:

> Hi,
>
> on our local lan, we're using pdnsd
> to cache dns requests.
>
> at this time, we need to reconfigure
> clients in order to benefit from this local server.
>
> Is there a way to do "transparent proxy"
> for requests on port 53 to our gateway ?
>
> Here is what I tried, but it didn't work:
>
> /sbin/ipchains -I input -p tcp -d 0/0 53 -j REDIRECT 53
>
> [root ge] ipchains -L | grep domain:
> REDIRECT tcp ------ anywhere anywhere any ->
> domain => domain

yes i have done this before with ipf. at one point i had all my clients
configured to use the firewall and the dns server (which was running
named internally). when i reinstalled a stripped down copy of OpenBSD that
did not have named, all my clients were going to have to be manually
changed. i decided to redirect all port 53 queries with a destination of
the firewall to my ISP's dns server.

the rules look like this:

rdr vr0 192.168.10.1/32 port 53 -> 209.236.128.128 port 53 udp
rdr vr0 192.168.10.1/32 port 53 -> 209.236.128.128 port 53 tcp

i am now running internal DNS again, but for the time being it worked. i
think you are going to have to specify your caching dns server as the
destination. good luck!

cheers,
.truman.boyes.
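As an added example, written for this archive page and not by either poster: a small shell helper that emits the transparent-DNS redirect rules for both backends discussed in the thread (ipchains REDIRECT and ipf/ipnat rdr), for udp as well as tcp. Ordinary DNS lookups travel over udp, so a tcp-only rule like the one in the question matches almost none of them. The interface names, addresses and the function names are placeholders chosen here.

```shell
#!/bin/sh
# Added example (not from the original thread): print transparent-DNS
# redirect rules for either the ipchains or the ipf/ipnat backend.  Both
# protocols are covered: plain lookups are udp, tcp carries large answers
# and zone transfers.  Backend, interface and addresses are assumptions.

# Usage: dns_redirect_rules BACKEND LAN_IF GATEWAY_IP CACHE_IP
#   BACKEND    ipchains | ipf
#   LAN_IF     interface the clients sit on (e.g. eth0, vr0)
#   GATEWAY_IP address the clients currently send DNS to
#   CACHE_IP   the caching resolver that should answer instead
dns_redirect_rules() {
    backend=$1 lan_if=$2 gw=$3 cache=$4
    for proto in udp tcp; do
        case $backend in
            ipchains)
                # REDIRECT only diverts to a port on the gateway itself,
                # so the cache (pdnsd in the question) must run there.
                # Matching the LAN interface keeps replies arriving on the
                # uplink interface out of the rule.
                echo "ipchains -I input -i $lan_if -p $proto -d 0/0 53 -j REDIRECT 53"
                ;;
            ipf)
                # ipnat rdr rewrites the destination to any host, as in
                # the reply above; one line per protocol is required.
                echo "rdr $lan_if $gw/32 port 53 -> $cache port 53 $proto"
                ;;
            *)
                echo "unknown backend: $backend" >&2
                return 1
                ;;
        esac
    done
}

# Number of rule lines produced; a complete set has one per protocol.
dns_redirect_count() {
    dns_redirect_rules "$@" | wc -l | tr -d ' '
}
```

Feed the ipchains lines to the shell on the gateway, or the rdr lines to `ipnat -f`, after checking them with a dry run first.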
