Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

[2.0.10] m_dnsbl sometimes doesn't always send all dns queries to all blacklists #431

Closed
killerrabbit opened this Issue Mar 1, 2013 · 2 comments

Comments

Projects
None yet
2 participants

Sometimes m_dnsbl doesn't send all the dns queries to all the blacklists. This seems to be caused by inspircd receiving a dns record before sending all the queries. The end result of this is that the user gets a registration timeout error.

Example tcpdump of a non-working connect with 3 dnsbls(udp only)
root@irc:~# tcpdump udp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
22:49:01.503980 IP irc.server > dns.server: 51924+ A? 1.2.3.4.blacklist.A. (51)
22:49:01.504146 IP irc.server > dns.server: 32546+ A? 1.2.3.4.blacklist.B. (44)
22:49:01.504515 IP dns.server > irc.server: 51924 NXDomain 0/1/0 (102)
22:49:01.504529 IP dns.server > irc.server: 32546 NXDomain 0/1/0 (91)
4 packets captured
4 packets received by filter
0 packets dropped by kernel

And an example of a working connect with same 3 dnsbls just a few seconds later.
root@irc:~# tcpdump udp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
22:50:09.659634 IP irc.server > dns.server: 6000+ A? 1.2.3.4.blacklist.A. (51)
22:50:09.659794 IP irc.server > dns.server: 37065+ A? 1.2.3.4.blacklist.B. (44)
22:50:09.659947 IP irc.server > dns.server: 30049+ A? 1.2.3.4.blacklist.C. (47)
22:50:09.681090 IP dns.server > irc.server: 6000 NXDomain 0/1/0 (102)
22:50:09.753322 IP dns.server > irc.server: 30049 NXDomain 0/1/0 (111)
22:50:09.762476 IP dns.server > irc.server: 37065 NXDomain 0/1/0 (91)
6 packets captured
6 packets received by filter
0 packets dropped by kernel

Owner

attilamolnar commented Mar 1, 2013

happens because of the dns cache, emptying the cache should work around the issue
i'll push a fix today or tomorrow

@satmd satmd added a commit to satmd/inspircd that referenced this issue Jun 1, 2014

@attilamolnar @satmd attilamolnar + satmd m_dnsbl Fix connecting users timeouting when a dnsbl result is in the…
… dns cache


Fixes #431 reported by @killerrabbit
22f84ca
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment