invalid domains

[dnmTX]

@lightswitch05 you have some INVALID once present.Mine as well remove them.
Close this when done.Thanks.

[lightswitch05]

@dnmTX hello. The wpad domains were added in response to this blog post https://pi-hole.net/2018/09/10/mitigate-a-new-cert-vulnerability-598349-with-an-entry-in-etc-hosts/

So unless someone complains that they are causing them issues, I intend to leave them. Any information why -x3.vindicosuite.com is being flagged?

[dnmTX]

The wpad domains were added in response to this blog post https://pi-hole.net/2018/09/10/mitigate-a-new-cert-vulnerability-598349-with-an-entry-in-etc-hosts/

Good job.Glad to know that you're on top of things 👍
@funilrys maybe it's a good idea to add those to the whitelist.
(sorry,not the whitelist as they would be removed but some kind of a exception maybe?)

Any information why -x3.vindicosuite.com is being flagged?

@funilrys is the one who can answer that but if i have to guess it's probably the dash - in the front and if you do just basic nslookup you got this:

C:\Windows\system32>nslookup -x3.vindicosuite.com
*** Invalid option: x3.vindicosuite.com
Default Server: DD-WRT
Address: 192.168.1.1
Therefore if dnsmasq can't read it i don't think that domain can do any harm on my end.

[lightswitch05]

In your command, nslookup is reading the - as an option instead of part of the domain. dig "-x3.vindicosuite.com" runs fine - although it doesn't get an answer. Its not an active domain, but as far as I can tell it is valid

[dnmTX]

Also com.tenjin.ios.api was rendered invalid previously,not sure why it was skipped on that last filtering.
Just FYI.

[funilrys]

@lightswitch05 @dnmTX
I asked the co-author of Bind9 long time ago how can I check those (cf) after I got some headache...

I get the following ....

$ dig -q -x3.vindicosuite.com
dig: '-x3.vindicosuite.com' is not a legal IDNA2008 name (string start/ends with forbidden hyphen), use +noidnin

[lightswitch05]

I guess my version was including the quotes in the lookup. I’ll update my validation regex to exclude domains starting with a -. Thanks @funilrys

[lightswitch05]

Closed by adb09a6

[funilrys]

@dnmTX com.tenjin.ios.api ==> .api not in Root Zone Database which we parse into iana-domains-db.json so INVALID.

[funilrys]

@lightswitch05 You can (also) program on top of PyFunceble and only run a Syntax check instead of an availability check .... 😸

Here is an example (from the documentation):

from PyFunceble import syntax_check as PyFuncebleDomainSyntax
from PyFunceble import ipv4_syntax_check as PyFuncebleIPv4Syntax

print("google.com", PyFuncebleDomainSyntax(domain="google.com"))
print("216.58.207.46", PyFuncebleIPv4Syntax(ip="216.58.207.46"))

print("forest-jump", PyFuncebleDomainSyntax(domain="forest-jump"))
print("257.58.207.46", PyFuncebleIPv4Syntax(ip="257.58.207.46"))

And the launch result/output: https://travis-ci.com/funilrys/PyFunceble/jobs/171919173#L1991-L1998

[dnmTX]

Looks like dnsmasq already implemented a FIX for the wpad issue so i guess i'm all set there 😄