DNS spoofing

[oti-tech]

Issue by dismantl
Friday Sep 13, 2013 at 18:44 GMT
Originally opened as opentechinstitute/luci-commotion-splash#4

---

re-try the DNS spoofing feature, but with a script that auto-detects internet connectivity and configures settings.

[oti-tech]

Comment by areynold
Thursday Sep 19, 2013 at 13:59 GMT

---

Could you clarify your request?

• Is this intended for DR2.1?
• Could you link to the procedures you want to retest?

[oti-tech]

Comment by jheretic
Friday Oct 11, 2013 at 19:59 GMT

---

Do we still require our own resolver, as in opentechinstitute/commotiond#34?

[oti-tech]

Comment by dismantl
Friday Oct 11, 2013 at 20:09 GMT

---

What I did was run a second instance of dnsmasq on the router, so yes, it does require a resolver to MITM DNS requests.

[dismantl]

My latest thinking on this is to write a small utility in C that receives DNS requests from clients and proxies them to DNSMasq. If DNSMasq responds with RCode=Refused (indicating no gateway to internet), respond with a fake A record to trigger the captive portal, otherwise return DNSMasqs response to the client.

[dismantl]

This solution would provide the benefit of not needing to run another instance of DNSMasq, and will also work with networks that have intermittent gateways to the Internet.

[jheretic]

Implemented per #460