On 24/09/15 17:54, Steven Barth wrote: > Okay, we can do this, however we need to figure 3 things out first. > > 1. Disable boguspriv, doing both is unintuitive. ok, so extra lines for .10, 16-32.172, 168.192 - an extra 18 lines in total. And an update to luci to remove the bogus priv tick box? > 2. Make sure it doesn't broke reverse resolving locally known hosts, > i.e. those in the hostfiles and those that have a DHCP lease. It doesn't. nslookups for my local boxes on 192.168.n.x configured either as known hosts or as dhcp leases work fine. I'd like to think I would have noticed if it didn't. > 3. Make sure that doesn't break applications that sub-delegate some of > those addresses (i.e. I have an application that delegates certain > private reverse zones to another server/router in the lan), it does > this by placing similar entries into /tmp/dnsmasq.d/ for the > respective zones. May I suggest that is a 'special use' case and requires sensible, extra configuration just like many other uses. I'm suggesting an Internet friendly default, admittedly one that requires extra effort to disable if a use case requires.
Kevin
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
