Re: [Dnsmasq-discuss] Debugging dnsmasq on Ubuntu

2017-03-30 Thread Joel Whitehouse 



I had tried dbus-monitor but message sniffing was disabled on my system 
and it gave me no useful information.


I also considered tcpdump/wireshark to watch for outbound traffic on 
port 53 but I also wanted to know when queries were being resolved from 
cache, not just when they were resolved through external dns servers.


Syslog was exactly what I needed.

Thanks Pali!

-Joel

On 03/29/2017 10:11 AM, Pali Rohár wrote:

On Wednesday 29 March 2017 09:43:33 Joel Whitehouse wrote:

Both the file /var/run/NetworkManager/dnsmasq.conf and the directory
/etc/NetworkManager/dnsmasq.d/ are empty, so it's likely that dnsmasq is
receiving its resovlers from Network Manager over the dbus interface.


Right.


Is there any way to get dnsmasq to log when it issues a new query to a
resolver?


I have all information in syslog.

dhclient: DHCPDISCOVER on wlan0 to 255.255.255.255 port 67 interval 21
dhclient: DHCPREQUEST of X.X.X.X on wlan0 to 255.255.255.255 port 67
dhclient: DHCPOFFER of X.X.X.X from X.X.X.X
dhclient: DHCPACK of X.X.X.X from X.X.X.X
dhclient: bound to X.X.X.X -- renewal in X seconds.
NetworkManager[1977]:  (wlan0): DHCPv4 state changed preinit -> bound
NetworkManager[1977]:address X.X.X.X
NetworkManager[1977]:prefix X (X.X.X.X)
NetworkManager[1977]:gateway X.X.X.X
NetworkManager[1977]:nameserver 'X.X.X.X'
NetworkManager[1977]:domain name 'X'
NetworkManager[1977]:  Activation (wlan0) Stage 5 of 5 (IPv4 Configure 
Commit) scheduled...
NetworkManager[1977]:  Activation (wlan0) Stage 5 of 5 (IPv4 Commit) 
started...
NetworkManager[1977]:  (wlan0): writing resolv.conf to /sbin/resolvconf
dnsmasq[4160]: setting upstream servers from DBus
dnsmasq[4160]: using nameserver X.X.X.X#53

So when NetworkManager via dbus reconfigure list of nameservers then
dnsmasq logs them into syslog.




___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Debugging dnsmasq on Ubuntu

2017-03-29 Thread Risto Suominen 
Hi Joel,

2017-03-29 17:43 UTC+03.00, Joel Whitehouse :
>
> Is there any way to get dnsmasq to log when it issues a new query to a 
> resolver?
>
You can run tcpdump on upstream interface and port 53.

Risto

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Debugging dnsmasq on Ubuntu

2017-03-29 Thread Chris Green 
On Wed, Mar 29, 2017 at 09:43:33AM -0500, Joel Whitehouse wrote:
> I'm running ubuntu 14, which uses dnsmasq as a local resolver on 127.0.1.1.
> When I issue a dig query, dig informs me it's using 127.0.1.1 as its
> resolver:
> 
> ;; Query time: 3 msec
> ;; SERVER: 127.0.1.1#53(127.0.1.1)
> ;; WHEN: Wed Mar 29 09:36:06 CDT 2017
> ;; MSG SIZE  rcvd: 63
> 
> 
> However, I would like to know what host dnsmasq is using as its resolver.
> On my system, `ps ax' shows that dnsmasq is started with the command:
> 
> /usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts
> --bind-interfaces
> --pid-file=/run/sendsigs.omit.d/network-manager.dnsmasq.pid
> --listen-address=127.0.1.1 --conf-file=/var/run/NetworkManager/dnsmasq.conf
> --cache-size=0 --proxy-dnssec
> --enable-dbus=org.freedesktop.NetworkManager.dnsmasq
> –conf-dir=/etc/NetworkManager/dnsmasq.d
> 
> 
> Both the file /var/run/NetworkManager/dnsmasq.conf and the directory
> /etc/NetworkManager/dnsmasq.d/ are empty, so it's likely that dnsmasq is
> receiving its resovlers from Network Manager over the dbus interface.
> 
> 
> Is there any way to get dnsmasq to log when it issues a new query to a
> resolver?
> 
This is basically the same question that I asked a few weeks ago, the
answer was to look in syslog for dnsmasq messages.  You should be able
to find messages like:-

syslog.1:Mar 28 09:08:53 t430 dnsmasq[1501]: setting upstream servers from 
DBus
syslog.1:Mar 28 09:08:53 t430 dnsmasq[1501]: using nameserver 
192.168.1.2#53(via wlan0)
 
(On my LAN there's a Raspberry Pi at 192.168.1.2 running dnsmasq for
local name resolution)

What I see on the Raspberry Pi at startup is:-

Mar 29 16:48:35 pi dnsmasq[2086]: using local addresses only for domain 
zbmc.eu
Mar 29 16:48:35 pi dnsmasq[2086]: reading /etc/resolv.conf
Mar 29 16:48:35 pi dnsmasq[2086]: using nameserver 208.67.220.220#53
Mar 29 16:48:35 pi dnsmasq[2086]: using nameserver 216.146.36.36#53
Mar 29 16:48:35 pi dnsmasq[2086]: using nameserver 212.159.13.49#53

However I think in your case you should be looking for the 'setting
upstream servers' message.

-- 
Chris Green

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Debugging dnsmasq on Ubuntu

2017-03-29 Thread Pali Rohár 
On Wednesday 29 March 2017 09:43:33 Joel Whitehouse wrote:
> Both the file /var/run/NetworkManager/dnsmasq.conf and the directory
> /etc/NetworkManager/dnsmasq.d/ are empty, so it's likely that dnsmasq is
> receiving its resovlers from Network Manager over the dbus interface.

Right.

> Is there any way to get dnsmasq to log when it issues a new query to a
> resolver?

I have all information in syslog.

dhclient: DHCPDISCOVER on wlan0 to 255.255.255.255 port 67 interval 21
dhclient: DHCPREQUEST of X.X.X.X on wlan0 to 255.255.255.255 port 67
dhclient: DHCPOFFER of X.X.X.X from X.X.X.X
dhclient: DHCPACK of X.X.X.X from X.X.X.X
dhclient: bound to X.X.X.X -- renewal in X seconds.
NetworkManager[1977]:  (wlan0): DHCPv4 state changed preinit -> bound
NetworkManager[1977]:address X.X.X.X
NetworkManager[1977]:prefix X (X.X.X.X)
NetworkManager[1977]:gateway X.X.X.X
NetworkManager[1977]:nameserver 'X.X.X.X'
NetworkManager[1977]:domain name 'X'
NetworkManager[1977]:  Activation (wlan0) Stage 5 of 5 (IPv4 Configure 
Commit) scheduled...
NetworkManager[1977]:  Activation (wlan0) Stage 5 of 5 (IPv4 Commit) 
started...
NetworkManager[1977]:  (wlan0): writing resolv.conf to /sbin/resolvconf
dnsmasq[4160]: setting upstream servers from DBus
dnsmasq[4160]: using nameserver X.X.X.X#53

So when NetworkManager via dbus reconfigure list of nameservers then
dnsmasq logs them into syslog.

-- 
Pali Rohár
pali.ro...@gmail.com

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Debugging dnsmasq on Ubuntu

2017-03-29 Thread Albert ARIBAUD 
Hi Joel,

Le Wed, 29 Mar 2017 09:43:33 -0500
Joel Whitehouse  a écrit:

> I'm running ubuntu 14, which uses dnsmasq as a local resolver on 
> 127.0.1.1.  When I issue a dig query, dig informs me it's using 
> 127.0.1.1 as its resolver:
> 
> ;; Query time: 3 msec
> ;; SERVER: 127.0.1.1#53(127.0.1.1)
> ;; WHEN: Wed Mar 29 09:36:06 CDT 2017
> ;; MSG SIZE  rcvd: 63
> 
> 
> However, I would like to know what host dnsmasq is using as its 
> resolver.  On my system, `ps ax' shows that dnsmasq is started with
> the command:
> 
> /usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts 
> --bind-interfaces 
> --pid-file=/run/sendsigs.omit.d/network-manager.dnsmasq.pid 
> --listen-address=127.0.1.1 
> --conf-file=/var/run/NetworkManager/dnsmasq.conf --cache-size=0 
> --proxy-dnssec --enable-dbus=org.freedesktop.NetworkManager.dnsmasq 
> –conf-dir=/etc/NetworkManager/dnsmasq.d
> 
> 
> Both the file /var/run/NetworkManager/dnsmasq.conf and the directory 
> /etc/NetworkManager/dnsmasq.d/ are empty, so it's likely that dnsmasq
> is receiving its resovlers from Network Manager over the dbus
> interface.
> 
> 
> Is there any way to get dnsmasq to log when it issues a new query to
> a resolver?

You can spy on DBus -- I think that's what Network Manager uses to
configure dnsmasq on the fly.

> -Joel

Amicalement,
-- 
Albert.

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Debugging dnsmasq on Ubuntu

2017-03-29 Thread Beniamino Galvani 
On Wed, Mar 29, 2017 at 09:43:33AM -0500, Joel Whitehouse wrote:
> I'm running ubuntu 14, which uses dnsmasq as a local resolver on 127.0.1.1.
> When I issue a dig query, dig informs me it's using 127.0.1.1 as its
> resolver:
> 
> ;; Query time: 3 msec
> ;; SERVER: 127.0.1.1#53(127.0.1.1)
> ;; WHEN: Wed Mar 29 09:36:06 CDT 2017
> ;; MSG SIZE  rcvd: 63
> 
> 
> However, I would like to know what host dnsmasq is using as its resolver.
> On my system, `ps ax' shows that dnsmasq is started with the command:
> 
> /usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts
> --bind-interfaces
> --pid-file=/run/sendsigs.omit.d/network-manager.dnsmasq.pid
> --listen-address=127.0.1.1 --conf-file=/var/run/NetworkManager/dnsmasq.conf
> --cache-size=0 --proxy-dnssec
> --enable-dbus=org.freedesktop.NetworkManager.dnsmasq
> –conf-dir=/etc/NetworkManager/dnsmasq.d
> 
> 
> Both the file /var/run/NetworkManager/dnsmasq.conf and the directory
> /etc/NetworkManager/dnsmasq.d/ are empty, so it's likely that dnsmasq is
> receiving its resovlers from Network Manager over the dbus interface.

Correct. You should find in system logs the list of name servers pushed
by NM to dnsmasq through D-Bus:

 dnsmasq[6620]: setting upstream servers from DBus
 dnsmasq[6620]: using nameserver 192.168.10.1#53(via ens3)

With NM > 1.6 name servers in use are also printed in the 'nmcli'
output.

> Is there any way to get dnsmasq to log when it issues a new query to a
> resolver?

Try:

 echo log-queries > /etc/NetworkManager/dnsmasq.d/log-queries

and restart NetworkManager.

Beniamino


signature.asc
Description: PGP signature
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] Debugging dnsmasq on Ubuntu

2017-03-29 Thread Joel Whitehouse 
I'm running ubuntu 14, which uses dnsmasq as a local resolver on 
127.0.1.1.  When I issue a dig query, dig informs me it's using 
127.0.1.1 as its resolver:


;; Query time: 3 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Wed Mar 29 09:36:06 CDT 2017
;; MSG SIZE  rcvd: 63


However, I would like to know what host dnsmasq is using as its 
resolver.  On my system, `ps ax' shows that dnsmasq is started with the 
command:


/usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts 
--bind-interfaces 
--pid-file=/run/sendsigs.omit.d/network-manager.dnsmasq.pid 
--listen-address=127.0.1.1 
--conf-file=/var/run/NetworkManager/dnsmasq.conf --cache-size=0 
--proxy-dnssec --enable-dbus=org.freedesktop.NetworkManager.dnsmasq 
–conf-dir=/etc/NetworkManager/dnsmasq.d



Both the file /var/run/NetworkManager/dnsmasq.conf and the directory 
/etc/NetworkManager/dnsmasq.d/ are empty, so it's likely that dnsmasq is 
receiving its resovlers from Network Manager over the dbus interface.



Is there any way to get dnsmasq to log when it issues a new query to a 
resolver?


-Joel

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss