I have come across a few situations where I have wanted to be able to
add wildcard dns entries to a pfsense box. Dnsmasq does support this
through its config file, dnsmasq.conf, with an entry like this.
    address=/proxy.dns.net/192.168.1.1
or on the command line.
    -A, --address=/domain/ipaddr    Return ipaddr for all hosts in
                                    specified domains.
    -A /proxy.dns.net/192.168.1.1
This would return 192.168.1.1 for every request for *.proxy.dns.net.
The reason I would find this useful is so that users behind a pfsense
firewall that are not using reflection can use a dns based rewriting
proxy that is inside the firewall from inside the firewall. See
http://www.usefulutilities.com/support/rewrite.html for a description of
that type of proxy.
The situation in our case is that we use our ISP's dns servers for
the entries that the world can access, so we have a wildcard dns entry
set up with them, which points to the external address of a pfsense box,
which forwards it to an internal server. The url rewriting works fine
from a remote location, but from inside the firewall dnsmasq passes the
long dns names to the external dns server;
proquest.com.proxy.example.com gets translated to the external ip
address, which doesn't work from inside the firewall.
I think the setup would be very similar to the
/usr/local/www/services_dnsmasq_domainoverride_edit.php setup, since it
could just add a command line argument.
Is this something that would be considered for inclusion?
Thanks
Josh
--
Lake Agassiz Regional Library - Moorhead MN larl.org
Josh Stompro | Office 218.233.3757 EXT-139
LARL Network Administrator | Mobile 701.371.3857
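
As an added example (not part of the original post and not dnsmasq or pfSense code), the sketch below models which query names an address=/domain/ip override captures, so the scope of a wildcard entry can be checked before it is deployed. The function names are hypothetical, and the matching rule it assumes is dnsmasq's documented one: the domain and all of its subdomains match on whole labels, and the most specific entry wins.

```python
import ipaddress

# Constructed sample config; the address= line is the one quoted in the post.
CONF = """\
# wildcard override for the internal rewriting proxy
address=/proxy.dns.net/192.168.1.1
"""

def normalize(name):
    """DNS names compare case-insensitively; drop the root dot."""
    return name.strip().lower().rstrip(".")

def parse_address_lines(conf_text):
    """Return {domain: ip} for address=/domain[/domain...]/ip lines.

    Only the form with an explicit IP is handled here.
    """
    overrides = {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line.startswith("address=/"):
            continue  # comments and unrelated options
        *domains, ip = line[len("address=/"):].split("/")
        ipaddress.ip_address(ip)  # ValueError on a malformed address
        for domain in domains:
            overrides[normalize(domain)] = ip
    return overrides

def lookup(name, overrides):
    """Return the override IP for name, or None to forward upstream.

    Strips one leading label at a time, so the first hit is the most
    specific override and matches only fall on label boundaries.
    """
    labels = normalize(name).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in overrides:
            return overrides[candidate]
    return None

if __name__ == "__main__":
    table = parse_address_lines(CONF)
    for q in ("proquest.com.proxy.dns.net", "proxy.dns.net", "notproxy.dns.net"):
        print(q, "->", lookup(q, table) or "forwarded upstream")
```

A name such as notproxy.dns.net is not captured because the match falls on label boundaries, so it would still be forwarded to the upstream servers.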