Blocking certain websites
-
Yeah I would expect it to be more noticeable but....
-
@johnpoz
Here is my output:; <<>> DiG 9.12.2-P1 <<>> www.mychartlink.com +trace
;; global options: +cmd
. 4102 IN NS m.root-servers.net.
. 4102 IN NS b.root-servers.net.
. 4102 IN NS c.root-servers.net.
. 4102 IN NS d.root-servers.net.
. 4102 IN NS e.root-servers.net.
. 4102 IN NS f.root-servers.net.
. 4102 IN NS g.root-servers.net.
. 4102 IN NS h.root-servers.net.
. 4102 IN NS i.root-servers.net.
. 4102 IN NS a.root-servers.net.
. 4102 IN NS j.root-servers.net.
. 4102 IN NS k.root-servers.net.
. 4102 IN NS l.root-servers.net.
. 4102 IN RRSIG NS 8 0 518400 20190722170000 20190709160000 59944 . OxXTW2mBG0xBne1JCQ20D1tO/REVC1b44bW9h158UdoG+L2I5SH/+abe N3wkDxQuzaSeHDW3Xjzk6seAd1zOW8L5x80HL+Uy38W5MCfC6oSz5xK2 Wbu/mWh6GjC8cUjE91ktkxnTEb/sLUgSDGTSvPJfZzVBAfdZXRd7j54u b/EQuEE9X7h5vBmBWdGMK2aPEtAh7dQbf3ZatsIYQ/DiXKIvctwUS0QW 25ygWiDrFScnJDV04ug3EBo1xZGkBr/EbyQV2X3LUs3LuDht/yWpr388 Rk/ukKC93E4E4qfieFcvSQ4cq1UZKlfEqhNRrTIkwhblzxKfhEWmQDwl 0gEIJw==
;; Received 525 bytes from 127.0.0.1#53(127.0.0.1) in 0 mscom. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
com. 86400 IN RRSIG DS 8 1 86400 20190723210000 20190710200000 59944 . aNKg8AniSo8Ol2TuO1+wmnOHI7fwrXt2UBYeH2tStOywKzey3AhIYQzA 5pzJMvs4VDjjkxZHMyWiHVdDzCEf6HWPtvk2Sto+DjImyxW4NRHfsxKD yqFD43q+fHJavu5p4Mbb4CxsA+xdrLd6yONTKz/YGFtKd5bkUjRJf8M2 JRyC4DU0ba2o80MTuc6pgSwc7S1bI1JDDrwX4fELeRiWnU80WqgLysxk U76tlgqjnK6UF8XPSneC969F9FjZXyX3FmbvdgDYwKGIoC+MC1uhqZwz Ahog2nKkCxftrYfEYflwx/3CZjRy/yjePDJSk1+3MjEru+Sc2ZCABeex +Mybjw==
;; Received 1207 bytes from 199.9.14.201#53(b.root-servers.net) in 78 msmychartlink.com. 172800 IN NS ns1.fmlh.edu.
mychartlink.com. 172800 IN NS ns2.fmlh.edu.
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20190714044431 20190707033431 3800 com. BKPFq/Z6OdQj3J/veD+Ty87mCyx1yfhuW3eFuZ4g6d6JOZ+CHghL6DEL y8ztytbZxVCMHrFRl5VkSrxM9buZ2MDJnHeZBqB/LwuCncLD9DRQ/5R3 tbvu8PIWFrwvpgfyez+h5/XVEKJqszN+rFlNEsOS4iaZDw+mIn3PYOt5 T2U=
7HLGFIBBSPLM37ONKBJ75NHBQ49V0RQU.com. 86400 IN NSEC3 1 1 0 - 7HLJEJVLMB9BBET77MV7CF2TPL09F9CH NS DS RRSIG
7HLGFIBBSPLM37ONKBJ75NHBQ49V0RQU.com. 86400 IN RRSIG NSEC3 8 2 86400 20190715050918 20190708035918 3800 com. Ud7b3fWAP0GEnJsv/gn/LhYF0pmXzFBg9x8mFbBD6KkgxxwJuRv0mY8A YvrRPp7tXeos+mUN8XJhn2qRs3zMPu7Gsi1qyn91fvmp5iNF/MFKVL81 lfLlZZvxqfG/cfZdiSnDSu7kZnp9LBwDHu9XBGidXXlFG5JPJVD5pAeT kHY=
couldn't get address for 'ns1.fmlh.edu': not found
couldn't get address for 'ns2.fmlh.edu': not found
dig: couldn't get address for 'ns1.fmlh.edu': no more -
Yes I use OpenVPN
-
@kendalja said in Blocking certain websites:
couldn't get address for 'ns1.fmlh.edu': not found
couldn't get address for 'ns2.fmlh.edu': not foundOk there is your problem your having a problem resolving the NS for the authoritative ns for for what your looking for..
do a dig +trace to ns1.fmlh.edu
-
; <<>> DiG 9.12.2-P1 <<>> +trace to ns1.fmlh.edu
;; global options: +cmd
. 394 IN NS m.root-servers.net.
. 394 IN NS b.root-servers.net.
. 394 IN NS c.root-servers.net.
. 394 IN NS d.root-servers.net.
. 394 IN NS e.root-servers.net.
. 394 IN NS f.root-servers.net.
. 394 IN NS g.root-servers.net.
. 394 IN NS h.root-servers.net.
. 394 IN NS i.root-servers.net.
. 394 IN NS a.root-servers.net.
. 394 IN NS j.root-servers.net.
. 394 IN NS k.root-servers.net.
. 394 IN NS l.root-servers.net.
. 394 IN RRSIG NS 8 0 518400 20190722170000 20190709160000 59944 . OxXTW2mBG0xBne1JCQ20D1tO/REVC1b44bW9h158UdoG+L2I5SH/+abe N3wkDxQuzaSeHDW3Xjzk6seAd1zOW8L5x80HL+Uy38W5MCfC6oSz5xK2 Wbu/mWh6GjC8cUjE91ktkxnTEb/sLUgSDGTSvPJfZzVBAfdZXRd7j54u b/EQuEE9X7h5vBmBWdGMK2aPEtAh7dQbf3ZatsIYQ/DiXKIvctwUS0QW 25ygWiDrFScnJDV04ug3EBo1xZGkBr/EbyQV2X3LUs3LuDht/yWpr388 Rk/ukKC93E4E4qfieFcvSQ4cq1UZKlfEqhNRrTIkwhblzxKfhEWmQDwl 0gEIJw==
;; Received 525 bytes from 127.0.0.1#53(127.0.0.1) in 0 msto. 172800 IN NS newyork.tonic.to.
to. 172800 IN NS tonic.to.
to. 172800 IN NS frankfurt.tonic.to.
to. 172800 IN NS singapore.tonic.to.
to. 172800 IN NS colo.to.
to. 86400 IN NSEC today. NS RRSIG NSEC
to. 86400 IN RRSIG NSEC 8 1 86400 20190723210000 20190710200000 59944 . QqxLuc4QRHtd57oT296I27kW3YzwFCL2l8IZw+5rVoTjlwrFUCCxyQVE 8sQKhm8Bi/AMIES3cmRxQXYFonj2qnHmU3qcLt18/H6id8w+49SY7zs5 7hg4NUYegvF/uMX6cQBdZfHRn5XcZvO9aIUsFLnMkbfBi7qnhb8wsiw4 UiotzSByyQgYiwKjHfRHPVtsD0IhRPsDJngiEsXegbULF8ZOFy+7OLF1 aYL67pZPqvzcAHWCkouVy1Zdfv2QGnyXdpGPXuzeSVwBTrzykCXXJLxm b5paUF11ii/AJ4feQ+1ptK6dDNdVKD/gzRf8HvVt2SF2c933nQXLdu3S x6yG1Q==
;; Received 562 bytes from 192.112.36.4#53(g.root-servers.net) in 69 msto. 7200 IN SOA to. hostmaster.tonic.to. 2019071103 43200 7200 2592000 7200
;; Received 114 bytes from 216.74.32.100#53(tonic.to) in 85 ms. 392 IN NS m.root-servers.net.
. 392 IN NS b.root-servers.net.
. 392 IN NS c.root-servers.net.
. 392 IN NS d.root-servers.net.
. 392 IN NS e.root-servers.net.
. 392 IN NS f.root-servers.net.
. 392 IN NS g.root-servers.net.
. 392 IN NS h.root-servers.net.
. 392 IN NS i.root-servers.net.
. 392 IN NS a.root-servers.net.
. 392 IN NS j.root-servers.net.
. 392 IN NS k.root-servers.net.
. 392 IN NS l.root-servers.net.
. 392 IN RRSIG NS 8 0 518400 20190722170000 20190709160000 59944 . OxXTW2mBG0xBne1JCQ20D1tO/REVC1b44bW9h158UdoG+L2I5SH/+abe N3wkDxQuzaSeHDW3Xjzk6seAd1zOW8L5x80HL+Uy38W5MCfC6oSz5xK2 Wbu/mWh6GjC8cUjE91ktkxnTEb/sLUgSDGTSvPJfZzVBAfdZXRd7j54u b/EQuEE9X7h5vBmBWdGMK2aPEtAh7dQbf3ZatsIYQ/DiXKIvctwUS0QW 25ygWiDrFScnJDV04ug3EBo1xZGkBr/EbyQV2X3LUs3LuDht/yWpr388 Rk/ukKC93E4E4qfieFcvSQ4cq1UZKlfEqhNRrTIkwhblzxKfhEWmQDwl 0gEIJw==
;; Received 525 bytes from 127.0.0.1#53(127.0.0.1) in 0 msedu. 172800 IN NS a.edu-servers.net.
edu. 172800 IN NS b.edu-servers.net.
edu. 172800 IN NS c.edu-servers.net.
edu. 172800 IN NS d.edu-servers.net.
edu. 172800 IN NS e.edu-servers.net.
edu. 172800 IN NS f.edu-servers.net.
edu. 172800 IN NS g.edu-servers.net.
edu. 172800 IN NS h.edu-servers.net.
edu. 172800 IN NS i.edu-servers.net.
edu. 172800 IN NS j.edu-servers.net.
edu. 172800 IN NS k.edu-servers.net.
edu. 172800 IN NS l.edu-servers.net.
edu. 172800 IN NS m.edu-servers.net.
edu. 86400 IN DS 28065 8 2 4172496CDE85534E51129040355BD04B1FCFEBAE996DFDDE652006F6 F8B2CE76
edu. 86400 IN RRSIG DS 8 1 86400 20190723210000 20190710200000 59944 . H/Y7cMxnOtc5tO3rWnvHVFvndTHcBtn7USzQJTuDknHuQaWVmpdX380S WyF2K2a2dEgQCpP0ad/zp9+iWRMZFLYVpGOiDs23F4UWj1/QZDx7umGW bfJjDgifMy8fqhrwHmj5NjCoDXYNvls0kp6tRrf/0xa595Siqq6hmJlS 2x3vF0yxs+CfrGZ5CXOfi2GJOgYsbBYgvuVhlNQebgCXHFW6bZcDedBD I63wmQJiIu8uXhYihqaJiMEoC0NlqgmCVezbFSjV5s/LJDudddFCsYKF g9aTBV642RfZwsJvF1NkLYZwrEgH586z9vxVQtLLZQIswFeas/1vwEOW a4KDWw==
;; Received 1171 bytes from 199.7.91.13#53(d.root-servers.net) in 54 msfmlh.edu. 172800 IN NS ns1.fmlh.edu.
fmlh.edu. 172800 IN NS ns2.fmlh.edu.
9DHS4EP5G85PF9NUFK06HEK0O48QGK77.edu. 86400 IN NSEC3 1 1 0 - 9DJ96HTERMR050IABU7M39VMPSQTFF5D NS SOA RRSIG DNSKEY NSEC3PARAM
9DHS4EP5G85PF9NUFK06HEK0O48QGK77.edu. 86400 IN RRSIG NSEC3 8 2 86400 20190718004815 20190710233815 1457 edu. Si7SdeAHaqnGrmLptPxDkHEKv4RBDEIQJo7x1WZ0PRacuQeMq9Dnb/zi Au8wZdSMYNWe6QRiiMOYkUOnFcpR29S4WLQR6MZM1TgdbG/AtBI03gKt DBRUB2JSOUrPR2nN/zUAbAoTzh6cwJZgNnbYviamKMY3dwopZLft+HT6 plISfW+TvVT5mrl5R2dArapI3PtZ8fck9BbrDq/ZtKDNEg==
LK0ACNHV51OEKKNI23QG9MIREOTG7JT2.edu. 86400 IN NSEC3 1 1 0 - LNS26L2SEVK54IL98C1GQ7SI2TBNTQOK NS DS RRSIG
LK0ACNHV51OEKKNI23QG9MIREOTG7JT2.edu. 86400 IN RRSIG NSEC3 8 2 86400 20190717220952 20190710205952 1457 edu. MWGNOD+Q+Z5SOq4hdDOjFrqa3sIdWZCiB/2E0JVLltp07ftoy6YS4F+c ZEXaxMMb93lt2DdJwKLmzy0nUkpvnOPFmfdckT/rPATfxy4+fZjfRza1 hmDP5deLPwSEiggUX+64WkJih68nFUiUFH865tbtNcyhkxoDFS+TA5fO +LiTPkOMqEtbxjDxh13CTHpHwpMJqVGlfiG+IjOLUrD2Ow==
couldn't get address for 'ns1.fmlh.edu': not found
couldn't get address for 'ns2.fmlh.edu': not found
dig: couldn't get address for 'ns1.fmlh.edu': no more -
@kendalja said in Blocking certain websites:
to. 172800 IN NS newyork.tonic.to.
to. 172800 IN NS tonic.to.
to. 172800 IN NS frankfurt.tonic.to.
to. 172800 IN NS singapore.tonic.to.
to. 172800 IN NS colo.to.Where are those coming from??
That is not right...
;; Received 562 bytes from 192.112.36.4#53(g.root-servers.net) in 69 ms
no not true...
$ dig @g.root-servers.net ns1.fmlh.edu ; <<>> DiG 9.14.3 <<>> @g.root-servers.net ns1.fmlh.edu ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37881 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 27 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ; COOKIE: dae72160d492ad56dc6196a35d27128cbd7b561642df64ca (good) ;; QUESTION SECTION: ;ns1.fmlh.edu. IN A ;; AUTHORITY SECTION: edu. 172800 IN NS m.edu-servers.net. edu. 172800 IN NS k.edu-servers.net. edu. 172800 IN NS j.edu-servers.net. edu. 172800 IN NS d.edu-servers.net. edu. 172800 IN NS c.edu-servers.net. edu. 172800 IN NS f.edu-servers.net. edu. 172800 IN NS a.edu-servers.net. edu. 172800 IN NS b.edu-servers.net. edu. 172800 IN NS i.edu-servers.net. edu. 172800 IN NS h.edu-servers.net. edu. 172800 IN NS g.edu-servers.net. edu. 172800 IN NS e.edu-servers.net. edu. 172800 IN NS l.edu-servers.net. ;; ADDITIONAL SECTION: a.edu-servers.net. 172800 IN A 192.5.6.30 b.edu-servers.net. 172800 IN A 192.33.14.30 c.edu-servers.net. 172800 IN A 192.26.92.30 d.edu-servers.net. 172800 IN A 192.31.80.30 e.edu-servers.net. 172800 IN A 192.12.94.30 f.edu-servers.net. 172800 IN A 192.35.51.30 g.edu-servers.net. 172800 IN A 192.42.93.30 h.edu-servers.net. 172800 IN A 192.54.112.30 i.edu-servers.net. 172800 IN A 192.43.172.30 j.edu-servers.net. 172800 IN A 192.48.79.30 k.edu-servers.net. 172800 IN A 192.52.178.30 l.edu-servers.net. 172800 IN A 192.41.162.30 m.edu-servers.net. 172800 IN A 192.55.83.30 a.edu-servers.net. 172800 IN AAAA 2001:503:a83e::2:30 b.edu-servers.net. 172800 IN AAAA 2001:503:231d::2:30 c.edu-servers.net. 172800 IN AAAA 2001:503:83eb::30 d.edu-servers.net. 172800 IN AAAA 2001:500:856e::30 e.edu-servers.net. 172800 IN AAAA 2001:502:1ca1::30 f.edu-servers.net. 172800 IN AAAA 2001:503:d414::30 g.edu-servers.net. 172800 IN AAAA 2001:503:eea3::30 h.edu-servers.net. 172800 IN AAAA 2001:502:8cc::30 i.edu-servers.net. 172800 IN AAAA 2001:503:39c1::30 j.edu-servers.net. 172800 IN AAAA 2001:502:7094::30 k.edu-servers.net. 172800 IN AAAA 2001:503:d2d::30 l.edu-servers.net. 172800 IN AAAA 2001:500:d937::30 m.edu-servers.net. 172800 IN AAAA 2001:501:b1f9::30 ;; Query time: 27 msec ;; SERVER: 192.112.36.4#53(192.112.36.4) ;; WHEN: Thu Jul 11 05:42:20 Central Daylight Time 2019 ;; MSG SIZE rcvd: 864Do a dig direct to one of the roots, like I did -- what do you get back?
The roots wold not send you to some tonic.to NS?? Those are not the NS for the edu tld
these are
$ dig edu. NS ; <<>> DiG 9.14.3 <<>> edu. NS ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57810 ;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;edu. IN NS ;; ANSWER SECTION: edu. 86400 IN NS i.edu-servers.net. edu. 86400 IN NS e.edu-servers.net. edu. 86400 IN NS f.edu-servers.net. edu. 86400 IN NS k.edu-servers.net. edu. 86400 IN NS c.edu-servers.net. edu. 86400 IN NS h.edu-servers.net. edu. 86400 IN NS l.edu-servers.net. edu. 86400 IN NS m.edu-servers.net. edu. 86400 IN NS b.edu-servers.net. edu. 86400 IN NS d.edu-servers.net. edu. 86400 IN NS a.edu-servers.net. edu. 86400 IN NS j.edu-servers.net. edu. 86400 IN NS g.edu-servers.net. ;; Query time: 56 msec ;; SERVER: 192.168.3.10#53(192.168.3.10) ;; WHEN: Thu Jul 11 05:46:49 Central Daylight Time 2019 ;; MSG SIZE rcvd: 255 -
@johnpoz said in Blocking certain websites:
dig @g.root-servers.net ns1.fmlh.edu
; <<>> DiG 9.12.2-P1 <<>> @g.root-servers.net ns1.fmlh.edu
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45236
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 27
;; WARNING: recursion requested but not available;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 7d2f24065c060bbeb062fad05d27a51bf0486e957655399f (good)
;; QUESTION SECTION:
;ns1.fmlh.edu. IN A;; AUTHORITY SECTION:
edu. 172800 IN NS e.edu-servers.net.
edu. 172800 IN NS a.edu-servers.net.
edu. 172800 IN NS h.edu-servers.net.
edu. 172800 IN NS m.edu-servers.net.
edu. 172800 IN NS f.edu-servers.net.
edu. 172800 IN NS l.edu-servers.net.
edu. 172800 IN NS g.edu-servers.net.
edu. 172800 IN NS k.edu-servers.net.
edu. 172800 IN NS b.edu-servers.net.
edu. 172800 IN NS i.edu-servers.net.
edu. 172800 IN NS c.edu-servers.net.
edu. 172800 IN NS d.edu-servers.net.
edu. 172800 IN NS j.edu-servers.net.;; ADDITIONAL SECTION:
a.edu-servers.net. 172800 IN A 192.5.6.30
b.edu-servers.net. 172800 IN A 192.33.14.30
c.edu-servers.net. 172800 IN A 192.26.92.30
d.edu-servers.net. 172800 IN A 192.31.80.30
e.edu-servers.net. 172800 IN A 192.12.94.30
f.edu-servers.net. 172800 IN A 192.35.51.30
g.edu-servers.net. 172800 IN A 192.42.93.30
h.edu-servers.net. 172800 IN A 192.54.112.30
i.edu-servers.net. 172800 IN A 192.43.172.30
j.edu-servers.net. 172800 IN A 192.48.79.30
k.edu-servers.net. 172800 IN A 192.52.178.30
l.edu-servers.net. 172800 IN A 192.41.162.30
m.edu-servers.net. 172800 IN A 192.55.83.30
a.edu-servers.net. 172800 IN AAAA 2001:503:a83e::2:30
b.edu-servers.net. 172800 IN AAAA 2001:503:231d::2:30
c.edu-servers.net. 172800 IN AAAA 2001:503:83eb::30
d.edu-servers.net. 172800 IN AAAA 2001:500:856e::30
e.edu-servers.net. 172800 IN AAAA 2001:502:1ca1::30
f.edu-servers.net. 172800 IN AAAA 2001:503:d414::30
g.edu-servers.net. 172800 IN AAAA 2001:503:eea3::30
h.edu-servers.net. 172800 IN AAAA 2001:502:8cc::30
i.edu-servers.net. 172800 IN AAAA 2001:503:39c1::30
j.edu-servers.net. 172800 IN AAAA 2001:502:7094::30
k.edu-servers.net. 172800 IN AAAA 2001:503:d2d::30
l.edu-servers.net. 172800 IN AAAA 2001:500:d937::30
m.edu-servers.net. 172800 IN AAAA 2001:501:b1f9::30;; Query time: 64 msec
;; SERVER: 192.112.36.4#53(192.112.36.4)
;; WHEN: Thu Jul 11 16:07:38 CDT 2019
;; MSG SIZE rcvd: 864 -
Yeah, ok, it works.
But what about the tonic.to guy ? Where did he came from ?
By any chance, you have a local network looking like 192./8 ?
-
yeah not understanding where that tonic.to stuff came from exactly..
-
Could it be because of my openVPN configuration? All my network traffic goes through the VPN on this pfsense machine.
-
Yeah you really need to mention this shit ;)
So your vpn is messing with your dns queries?
So why in 1 query its normal, and then in the first one you got back some tonic.to nonsense?
I would suggest you turn off your vpn shit, or atleast make sure that pfsense dns resolving just goes out your normal isp connecton and do a dig +trace.. those tonic.to are for 100% sure not part of the resolving process!!
-
-
@kendalja said in Blocking certain websites:
lucy poems by william wordsworth analysis</a><br />
huh? Think something went wrong in your post ;)
So your only letting your resolver go out your vpn??
You do understand you can attach images right? No reason to host them on some 3rd party site - makes it hard for some users reading where such sites might be blocked.
So set resolver to just use your normal wan, does that fix your issue?
edit: Now we are playing TAG ;) heheheh
I can tell you for freaking sure that that tonic.to stuff should not be showing up in your trace.. And if your vpn is going that - I would be really freaking concerned!!!
-
-
Setting the resolver through the wan does not fix the issue either.
-
so your still seeing the tonic.to stuff in your trace? Seems like your dns cache has been poisoned maybe?
-
@johnpoz said in Blocking certain websites:
do a dig +trace to ns1.fmlh.edu
LMFAO Here is where the to has been coming from. I've been executing the command "dig +trace to ns1.fmlh.edu"
-
; <<>> DiG 9.12.2-P1 <<>> +trace ns1.fmlh.edu ;; global options: +cmd . 36132 IN NS c.root-servers.net. . 36132 IN NS b.root-servers.net. . 36132 IN NS f.root-servers.net. . 36132 IN NS a.root-servers.net. . 36132 IN NS e.root-servers.net. . 36132 IN NS j.root-servers.net. . 36132 IN NS k.root-servers.net. . 36132 IN NS l.root-servers.net. . 36132 IN NS i.root-servers.net. . 36132 IN NS m.root-servers.net. . 36132 IN NS g.root-servers.net. . 36132 IN NS d.root-servers.net. . 36132 IN NS h.root-servers.net. . 36132 IN RRSIG NS 8 0 518400 20190724170000 20190711160000 59944 . a+EgUadrB/XpFNWGtCe7AO2WtMRJzUg2JYvAQTIDnejIsFidT/1hj5io BfDy7xa9r5JRVUtx5nBpbYs3zuWmOOAc030qR9+zOpB4+Sjb4LSNEQBd E3ejHXys3sUp01qgDsWtRCPYwdeTTzdtCIdxbkKJaZq4xvRLhaKhsCeF UGMTVLGXSMp5r8MIiTSioH6cb4Mz2B0U+nvPLhRmLxHA0ms3HqNKadtc CVqeka4VCWyeXlzr8E/tFN6hC5T7ap5cC33ruD2GHbc5LXzJNFn6qvtF qH8Ijy9VW/CuHxHMaCNP9RyiJi2u9lbeu7yiMqLruCT9QbRMVPvYTfug KdnCgg== ;; Received 525 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms edu. 172800 IN NS m.edu-servers.net. edu. 172800 IN NS c.edu-servers.net. edu. 172800 IN NS j.edu-servers.net. edu. 172800 IN NS i.edu-servers.net. edu. 172800 IN NS g.edu-servers.net. edu. 172800 IN NS e.edu-servers.net. edu. 172800 IN NS h.edu-servers.net. edu. 172800 IN NS f.edu-servers.net. edu. 172800 IN NS b.edu-servers.net. edu. 172800 IN NS l.edu-servers.net. edu. 172800 IN NS d.edu-servers.net. edu. 172800 IN NS a.edu-servers.net. edu. 172800 IN NS k.edu-servers.net. edu. 86400 IN DS 28065 8 2 4172496CDE85534E51129040355BD04B1FCFEBAE996DFDDE652006F6 F8B2CE76 edu. 86400 IN RRSIG DS 8 1 86400 20190724170000 20190711160000 59944 . SAAluo+g0osCYJ8tOteLKCYvBLnFsG1VN2wu1bI9mtUCCa7TBNLIwCV+ SheW+ktYulZsHvff6kSLSPX6y3IsiawOToItAOyo6GnokFGPpA99X73u HpXfFSpVDRgTbSRNLH2zneMW3FFvZNHbozfrKjXpa5O3lVaVvUyj5AQ7 AJ1T/LMaiTzwIGXUmZWzT464dU+7g7SQq0oi1Ki1rmk0N6cNPmCnZodF OkoBjyOwEwCfzCJQk+KsNVR+0y/o2xJ1rk/ScpRhAkzUMbK0OkE9reMP JzluFtl0nDIpaex1m8xANnVbiPHiEBl4V6d4yu2Rn2oQgQQ4Wvdk8qWC jT3Awg== ;; Received 1199 bytes from 192.112.36.4#53(g.root-servers.net) in 63 ms fmlh.edu. 172800 IN NS ns1.fmlh.edu. fmlh.edu. 172800 IN NS ns2.fmlh.edu. 9DHS4EP5G85PF9NUFK06HEK0O48QGK77.edu. 86400 IN NSEC3 1 1 0 - 9V5L4LUB1VNJ9EQQLIHEQCBREACL25O0 NS SOA RRSIG DNSKEY NSEC3PARAM 9DHS4EP5G85PF9NUFK06HEK0O48QGK77.edu. 86400 IN RRSIG NSEC3 8 2 86400 20190719013733 20190712002733 1457 edu. VjRMrqqilqb0fOIA/8Yt/0nQ1TRjmli+fbdWMHa10WjUdN48/R/Qigfp 0F5lnGhzWNL4MaWnWSTt3k0Lyv2aRdi25XEwBCzEK0WR1eQ2oL9lbtk5 cH0VUJtvbuj0DPREAd84kFujun/Te6lYRKx0svos0Hjfhv/02iLfWRnB QjY/EZc5BbLUDYcc11/722lQ8OP7ufyHhKi1+kGWR42SXg== LK0ACNHV51OEKKNI23QG9MIREOTG7JT2.edu. 86400 IN NSEC3 1 1 0 - LNS26L2SEVK54IL98C1GQ7SI2TBNTQOK NS DS RRSIG LK0ACNHV51OEKKNI23QG9MIREOTG7JT2.edu. 86400 IN RRSIG NSEC3 8 2 86400 20190719020905 20190712005905 1457 edu. q+hL9XLpzc93v5heZoi0xFdzlz63dsPX3E8ifxitY9A/0tFih1+z6V8D dCh5bNJl/vCTYbHFL3u2x+p1bowanxcY8irOpih5FGTTplJGjfFSM7di cvtp3jF1vg3bPeX+wE1ouNWfX7Ttml6w7xLsU57DGgqLKwNUqsABNHfG gd0PIxqK9XEP+0jO9u92pslWhLjbnjIATxb1T7eD/21ahA== ;; Received 654 bytes from 192.43.172.30#53(i.edu-servers.net) in 60 ms ;; connection timed out; no servers could be reached -
; <<>> DiG 9.12.2-P1 <<>> @g.root-servers.net ns1.fmlh.edu ; (2 servers found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2123 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 27 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ; COOKIE: bddfbfb9ca229c158e6871bc5d27ff2a4a8399b0a89aa88f (good) ;; QUESTION SECTION: ;ns1.fmlh.edu. IN A ;; AUTHORITY SECTION: edu. 172800 IN NS f.edu-servers.net. edu. 172800 IN NS g.edu-servers.net. edu. 172800 IN NS j.edu-servers.net. edu. 172800 IN NS l.edu-servers.net. edu. 172800 IN NS a.edu-servers.net. edu. 172800 IN NS b.edu-servers.net. edu. 172800 IN NS k.edu-servers.net. edu. 172800 IN NS h.edu-servers.net. edu. 172800 IN NS i.edu-servers.net. edu. 172800 IN NS e.edu-servers.net. edu. 172800 IN NS c.edu-servers.net. edu. 172800 IN NS d.edu-servers.net. edu. 172800 IN NS m.edu-servers.net. ;; ADDITIONAL SECTION: a.edu-servers.net. 172800 IN A 192.5.6.30 b.edu-servers.net. 172800 IN A 192.33.14.30 c.edu-servers.net. 172800 IN A 192.26.92.30 d.edu-servers.net. 172800 IN A 192.31.80.30 e.edu-servers.net. 172800 IN A 192.12.94.30 f.edu-servers.net. 172800 IN A 192.35.51.30 g.edu-servers.net. 172800 IN A 192.42.93.30 h.edu-servers.net. 172800 IN A 192.54.112.30 i.edu-servers.net. 172800 IN A 192.43.172.30 j.edu-servers.net. 172800 IN A 192.48.79.30 k.edu-servers.net. 172800 IN A 192.52.178.30 l.edu-servers.net. 172800 IN A 192.41.162.30 m.edu-servers.net. 172800 IN A 192.55.83.30 a.edu-servers.net. 172800 IN AAAA 2001:503:a83e::2:30 b.edu-servers.net. 172800 IN AAAA 2001:503:231d::2:30 c.edu-servers.net. 172800 IN AAAA 2001:503:83eb::30 d.edu-servers.net. 172800 IN AAAA 2001:500:856e::30 e.edu-servers.net. 172800 IN AAAA 2001:502:1ca1::30 f.edu-servers.net. 172800 IN AAAA 2001:503:d414::30 g.edu-servers.net. 172800 IN AAAA 2001:503:eea3::30 h.edu-servers.net. 172800 IN AAAA 2001:502:8cc::30 i.edu-servers.net. 172800 IN AAAA 2001:503:39c1::30 j.edu-servers.net. 172800 IN AAAA 2001:502:7094::30 k.edu-servers.net. 172800 IN AAAA 2001:503:d2d::30 l.edu-servers.net. 172800 IN AAAA 2001:500:d937::30 m.edu-servers.net. 172800 IN AAAA 2001:501:b1f9::30 ;; Query time: 63 msec ;; SERVER: 192.112.36.4#53(192.112.36.4) ;; WHEN: Thu Jul 11 22:31:54 CDT 2019 ;; MSG SIZE rcvd: 8 -
A simple thing to test : when you shut down your VPN (client) : does the problem persists ?
-
@Gertjan I shutoff the vpn and it works! I set the dns resolver to wan, bring back up the vpn connection and it still works....wth?
-
)
Now I’m trying to post and seeing this lmfao
-
Well once you have the correct ns cached for the domain, you don't have to go ask again.. Which is why I mentioned poisoning..
Also how did you set resolver to only use wan?
Also are you pulling routes from your vpn? This makes your vpn default, even if not policy routed. Did you actually change the resolver to only use wan, or did you set it to all? etc..
Posting a lot of text can sometimes be seen as spam.
-
I went to services, DNS resolver, network interface was already set to ALL. I changed outgoing network interface from PIA_VPN to WAN.
-
@kendalja said in Blocking certain websites:
network interface was already set to ALL
No it wasn't - from your screenshot.
See here
Not talking about the inbound to unbound, only outbound.
I would restart unbound, set it back to the way you had it.. do the trace again - are you seeing those tonic.to in the trace again?
It could of been a red herring with your vpn - and just that you had cache poisoned already.. You need to make sure you flush your unbound cache.. A restart of unbound will do that for you - just need to make sure it actually restarts, etc.
-
Right there is also a section above that and it’s set to all. I now have the outgoing to WAN.
-
Well if everything is working that way - set it back to your vpn path for outgoing, and flush - are you seeing the problem with the tonic.to in the trace? If so something really wrong if your vpn connection!! And they are manipulating your dns queries.
-
Read above on my post about the “to” in my logs lmfao. User error.
-
huh?
Here is where the to has been coming from. I've been executing the command "dig +trace to ns1.fmlh.edu"
tonic.to should be no where in a trace to that..
Nor to your original fqdn..
-
While executing the command I actually typed in “dig +trace to ns1.fmlh.edu” instead of “dig +trace ns1.fmlh.edu”
