Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FS#4160 - Leaking host IP addresses to unrelated dnsmasq instances #9145

Open
openwrt-bot opened this issue Nov 27, 2021 · 1 comment
Open
Labels

Comments

@openwrt-bot
Copy link

sanchosk:

Supply the following if possible:

  • Device problem occurs on
    All openWRT devices with version 20+. Tested on raspberry pi, x86_64 and xiaomi mi aiot router

  • Software versions of OpenWrt/LEDE release, packages, etc.
    Multiple, including snapshot r18191-b92a9f607b

  • Steps to reproduce

  1. Create multiple dnsmasq instances by creating 'main' and 'guest' configs in /etc/config/dhcp
  2. in the 'main' instance, create static host, set the option 'dns' to '1' and the option 'instance' to 'main'
  3. restart the dnsmasq
  4. both dnsmasq instances will run, but they will include configuration option "addn-hosts /tmp/hosts"
  5. the file /tmp/hosts/dhcp.guest will have no static records, the /tmp/hosts/dhcp.main will have the record from step 2
  6. connect to the guest network, try to resolve the record from step 2 (e.g. server.mainlan)

Problem: the resolver will work as the addn-hosts folder is shared with both instances. This "leaks" the dns responses to the guest lan from the main lan and vice-versa, despite this is not wanted.
I created a pull request with dirty workaround - changed the HOSTFILE variable in a way that it will create a separate directory (/tmp/hosts/dhcp/main/main and /tmp/hosts/dhcp/guest/guest), working around the problem - no more shared folders.

@openwrt-bot
Copy link
Author

sanchosk:

This is the pull request
#4798

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

1 participant