Re: [pfSense-discussion] dnsmasq config file support
On 10/18/06, Josh Stompro <[EMAIL PROTECTED]> wrote: I have come across a few situations where I have wanted to be able to add wildcard dns entries to a pfsense box. Dnsmasq does support this through it's config file, dnsmasq.conf with an entry like this. address=/proxy.dns.net/192.168.1.1 or on the command line. -A, --address=/domain/ipaddrReturn ipaddr for all hosts in specified domains. -A /proxy.dns.net/192.168.1.1 This would return 192.168.1.1 for every request for *.proxy.dns.net. The reason I would find this useful is so that users behind a pfsense firewall that are not using reflection can use a dns based rewriting proxy that is inside the firewall from inside the firewall. See http://www.usefulutilities.com/support/rewrite.html for a description of that type of proxy. The situation in our case is that we use our ISP's dns servers for the the entries that the world can access, so we have a wildcard dns entry setup with them, which points to the external address of a pfsense box, which forwards it to an internal server. The url rewriting works fine from a remote location, but from inside the firewall dnsmasq passes the long dns names to the external dns server, proquest.com.proxy.example.com gets translated to the external ip address, which doesn't work from inside the firewall. I think the setup would be very similar to the /usr/local/www/services_dnsmasq_domainoverride_edit.php setup, since it could just add a command line argument. Is this something that would be considered for inclusion? Thanks Absolutely. If you want to provide diff -rub format patches, we will commit. Scott
[pfSense-discussion] dnsmasq config file support
I have come across a few situations where I have wanted to be able to add wildcard dns entries to a pfsense box. Dnsmasq does support this through it's config file, dnsmasq.conf with an entry like this. address=/proxy.dns.net/192.168.1.1 or on the command line. -A, --address=/domain/ipaddrReturn ipaddr for all hosts in specified domains. -A /proxy.dns.net/192.168.1.1 This would return 192.168.1.1 for every request for *.proxy.dns.net. The reason I would find this useful is so that users behind a pfsense firewall that are not using reflection can use a dns based rewriting proxy that is inside the firewall from inside the firewall. See http://www.usefulutilities.com/support/rewrite.html for a description of that type of proxy. The situation in our case is that we use our ISP's dns servers for the the entries that the world can access, so we have a wildcard dns entry setup with them, which points to the external address of a pfsense box, which forwards it to an internal server. The url rewriting works fine from a remote location, but from inside the firewall dnsmasq passes the long dns names to the external dns server, proquest.com.proxy.example.com gets translated to the external ip address, which doesn't work from inside the firewall. I think the setup would be very similar to the /usr/local/www/services_dnsmasq_domainoverride_edit.php setup, since it could just add a command line argument. Is this something that would be considered for inclusion? Thanks Josh -- -- Lake Agassiz Regional Library - Moorhead MN larl.org Josh Stompro | Office 218.233.3757 EXT-139 LARL Network Administrator | Mobile 701.371.3857
[pfSense-discussion] dnsmasq?
I really like the feature where it serves up the DHCP names of clients via DNS. Unfortunately, it doesn't apply to traffic sourced from the firewall, so if I have a client named 'foo' which gets a lease via DHCP, from that client (or anyone else on LAN), pinging 'foo' does what I want, but sadly, pinging 'foo' from the firewall itself gets an error due to the name not resolving. Any way around this?
[pfSense-discussion] DNSMasq
It there awy way to make use DNSMasq while I am replacing my DNS server? For that matter, is there an easy way to install bind on pfsense... -- When It Absolutely, Positively has to be Destroyed Overnight!!! 1-(800) MARINES ___ Kim C. Callis [EMAIL PROTECTED]