Running dnsmasq in docker currently requires explicitly granting the
NET_ADMIN capability for the container, or dnsmasq fails to start if
configured to drop root.
The failure is due to a capset() call that includes NET_ADMIN when dnsmasq
attempts to keep capabilities before dropping root. If the c
Hi,
I've read through the manual page several times, and read around online a
fair amount, and I'm struggling to find an answer to this.
I am using DNSMasq for just IPv6 IP allocation. I am using the following
config:
domain-needed
bogus-priv
no-resolv
filterwin2k
expand-hosts
domain=localnet
lo
Hi All,
I have the following DNS topology (In my Openstack deployment):
VM --> DNSMASQ --> external DNS server
domain name= shiftstack.com, and Dnsmasq 2.76 is used at this Openstack
deployment.
I run the following test:
1. Define CNAME record at external DNS server
ostest-etcd-5.shiftstack.com.
Hi Simon,
Thanks for the reply. Attached is the pcap file that contains malformed packet.
Extra byte is added to client MAC address to make it malformed.
This behavior was tested using a tool called Defensics generally used to find
security vulnerability.
Regards,
Sree
-Original Message-
I run the same test with Dnsmasq 2.80 (2.80-32-g28cfe36) - and got the
similiar results.
10.0.2.200 is the VM's IP address
10.46.4.43 - is the IP address of the external DNS server
The dnsmasq log as response to ' dig +noedns ostest-etcd-5.shiftstack.com.
A'
Jan 20 12:54:37 dnsmasq[711308]: que
It's a known limitation. The actual limitation is that a CNAME and it's
target must both either originate from an upstream server, or both
originate from the dnsmasq local configuration. Mixing sources (ie CNAME
from upstream and target from dnsmasq, or vice-versa) is not allowed.
The commonest s