Dnsmasq no longer working

maverik1

I have run into an issues where dnsmasq has apparently stopped working properly. I haven't made any changes to my pfsense box in months. In the advanced section under dns forwarder I have setup some redirects to google's safe search. For example:

address=/aol.com/216.239.38.120
address=/ask.com/216.239.38.120
address=/webcrawler.com/216.239.38.120
address=/bing.com/216.239.38.120

It worked fine up until a few days ago. Again, nothing has changed on the box. I have restarted the machine several times. dnsmasq service is running fine. However, when I browse to aol.com or one of the above urls I get a 404 Not Found error.  However, if I change the urls above to redirect to 157.166.226.26 (CNN), it works fine.  Moreover, the following work without any issues:

address=/google.es/216.239.38.120
address=/google.ca/216.239.38.120
address=/google.com/216.239.38.120

Also, if I take a look at Squid Proxy Server -> RealTime I can see this:

Date         IP              Status                        Address                  Destination   
31.01.2016 15:25:47 10.0.0.51        TCP_MISS/404  http://bing.com/    216.239.38.120

So I know the google safesearch ip isn't being blocked.

So why is the redirect from non-google domains not working?

johnpoz

if you are resolving it to the correct IP, then dnsmasq is working..

Simple query with nslookup or dig from your client would tell you that.  All dnsmasq does it serv up the IP to a query, the server where you end up is what either serves up a page or sends you a 404..

maverik1

@johnpoz:

if you are resolving it to the correct IP, then dnsmasq is working..

Simple query with nslookup or dig from your client would tell you that.  All dnsmasq does it serv up the IP to a query, the server where you end up is what either serves up a page or sends you a 404..

I understand how it works, but fail to see why it just stopped working as of a few days ago.  This is the output of nslookup.

C:\Users\Cameron>nslookup aol.com
Server:  admin.syndicate.com
Address:  10.0.0.1

Name:    aol.com
Address:  216.239.38.120

C:\Users\Cameron>nslookup excite.com
Server:  admin.syndicate.com
Address:  10.0.0.1

Name:    excite.com
Address:  216.239.38.120

C:\Users\Cameron>nslookup google.ca
Server:  admin.syndicate.com
Address:  10.0.0.1

Name:    google.ca
Address:  216.239.38.120

If I enter 216.239.38.120 into the address bar I am taken to Google. As mentioned above, the only time it works is if its a google domain.

address=/aol.com/216.239.38.120                Doesn't work
address=/ask.com/216.239.38.120                Doesn't work
address=/webcrawler.com/216.239.38.120    Doesn't work
address=/bing.com/216.239.38.120                Doesn't work

address=/google.es/216.239.38.120                WORKS
address=/google.ca/216.239.38.120                WORKS
address=/google.com/216.239.38.120            WORKS

Can anyone offer any suggestions?

johnpoz

well your browser is sending the host headers for what your wanting to go to that IP.. If that IP doesn't like the host header, then sure it would most likely send you a 404 for what your trying to look up.

You can't just change an IP that is looked up for a site to something else and expect it to work – depends on how the other site serves up the page.  If your saying it use to work, I would take that they changed something on their end.  As you can see from your query dnsmasq is serving up what you setup..