Trying to see if I can use mara for this small network, I
installed it
and I'm testing it as a purely recursive server.
I turned the verbosity level up and found this.. is this
correct?
Nov 13 14:05:50 smoothwall maradns: Query from:
192.168.1.218 Aslashdot.org.
Nov 13 14:05:50 smoothwall maradns: Log: Bad query
received: �01:
Nov 13 14:05:50 smoothwall maradns: Log: No reply from
remote servers
Nov 13 14:05:50 smoothwall maradns: Log: Bad query
received: �01:
Nov 13 14:05:50 smoothwall maradns: Log: No reply from
remote servers
Nov 13 14:05:55 smoothwall maradns: Log: Message received,
processing
Nov 13 14:05:55 smoothwall maradns: Query from:
192.168.1.218
Aimages.slashdot.org.
Nov 13 14:05:55 smoothwall maradns: Log: Bad query
received: 3778
Nov 13 14:05:55 smoothwall maradns: Log: No reply from
remote servers
Nov 13 14:06:01 smoothwall maradns: Log: Message received,
processing
Nov 13 14:06:02 smoothwall maradns: Query from:
192.168.1.218
Awww.google-analytics.com.
Nov 13 14:06:02 smoothwall maradns: Log: Bad query
received: |8
Nov 13 14:06:02 smoothwall maradns: Log: No reply from
remote servers
Nov 13 14:06:02 smoothwall maradns: Log: Bad query
received: |8
Nov 13 14:06:02 smoothwall maradns: Log: No reply from
remote servers
These were made from firefox 1.5.0.8
Also how does it know about my local network? I have not
populated
anything in the mararc telling it about my network, yet it
is able to
tell me things from my tinydns server..
sockstat -4 | grep :53
bind maradns 92306 4 udp4 192.168.1.3:53
*
bind maradns 92306 5 udp4 127.0.0.1:53
*
### mararc
cat mararc |grep -vE "^#|^$"
csv2 = {}
hide_disclaimer = "YES"
ipv4_bind_addresses = "192.168.1.3,127.0.0.1"
chroot_dir = "/usr/local/etc/maradns"
maradns_uid = 53
maradns_gid = 53
maxprocs = 96
no_fingerprint = 0
default_rrany_set = 3
max_chain = 8
max_ar_chain = 1
max_total = 20
verbose_level = 3
ipv4_alias = {}
ipv4_alias["icann"] = "198.41.0.4,
192.228.79.201, 192.33.4.12,
128.8.10.90,"
ipv4_alias["icann"] += "192.203.230.10,
192.5.5.241, 192.112.36.4,"
ipv4_alias["icann"] += "128.63.2.53,
192.36.148.17, 192.58.128.30,"
ipv4_alias["icann"] += "193.0.14.129,
198.32.64.12, 202.12.27.33"
ipv4_alias["opennic"] = "157.238.46.24,
209.104.33.250, 209.104.63.249,"
ipv4_alias["opennic"] += "130.94.168.216,
209.21.75.53, 64.114.34.119,"
ipv4_alias["opennic"] += "207.6.128.246,
167.216.255.199, 62.208.181.95,"
ipv4_alias["opennic"] += "216.87.153.98,
216.178.136.116"
ipv4_alias["localhost"] = "127.0.0.0/8"
ipv4_alias["adriance"] =
"192.168.1.0/24"
ipv4_alias["arlington"] =
"172.16.1.0/24"
ipv4_alias["public"] = "10.0.0.0/25"
recursive_acl = "localhost, adriance, arlington,
public"
random_seed_file = "/dev/urandom"
root_servers = {}
root_servers["."] = "icann"
ipv4_alias["azmalink"] =
"12.164.194.0/24"
ipv4_alias["hiddenonline"] =
"65.107.225.0/24"
spammers = "azmalink,hiddenonline"
[/usr/local/etc]# 212 > /usr/local/etc/rc.d/maradns.sh
restart && dig
 127.0.0.1 -t ns poklib.org
Stopping maradns.
Starting maradns.
; <<>> DiG 9.3.2 <<>> 127.0.0.1
-t ns poklib.org
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR,
id: 21499
;; flags: qr; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL:
0
;; QUESTION SECTION:
;poklib.org. IN NS
;; ANSWER SECTION:
poklib.org. 259200 IN NS
a.ns.poklib.org.
poklib.org. 259200 IN NS
b.ns.poklib.org.
poklib.org. 259200 IN NS
c.ns.poklib.org.
poklib.org. 259200 IN NS
d.ns.poklib.org.
;; Query time: 2034 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Nov 13 14:36:22 2006
;; MSG SIZE rcvd: 95
I'm wondering how it got this.. I see that it took it a
while.. but how
did it get it? I don't specify this domain in my mararc..
and (as far
as I understand) mararc is only looking at root servers..
(icann) is it
using /etc/resolv.conf? after a certain ammount of time?
Or am I
missing something glaringly obvious?
For what it's worth this is on a FreeBSD 6.1 box..
Thanks in advance
- Brian
|