Web-surfing logs show access to some undesirable locations.
Using Squid with redirectors works, but I thought that for the
sake of throughput, it would be more efficient to just have the
domain name map to an IP address I control. This turns out to
be problematic:
1. Squid goes directly to DNS for name lookup, bypassing lookupd
That demands one of
a. Don't use squid, and put a hosts file entry or equivalent
where lookupd will find it.
b. Go back to redirection
c. Change caching DNS server to a real server overriding
porno domains.
(a) or (c) provide additional problems:
i. Not hard to get the real IP address and use it instead of
host name (host, nslookup, and dig all go directly to DNS).
ii. lookupd doesn't behave as the man page says.
(ii) is the interesting point. I configured as follows:
- leave proxying on for first test
- put "192.168.x.y max-raunch.com" in /etc/hosts
- turned on Debug and Logging in lookupd
- tail -f /var/log/lookupd.log
lookupd -configuration shows
LookupOrder: Cache FF DNS NI DS
_config_name: Host Configuration
log shows that lookupd got a request for 192.168.x.y (due to proxy
redirection)
and Safari shows the dummy page.
Turn off proxying and refresh Safari. Log shows that lookupd got a
request for
max-raunch.com Safari shows that the instead of dummy page, the real
max-raunch.com
stands up (in more ways than one).
So lookupd is NOT going to /etc/hosts first ?
A bug, or something I am not understanding?
--
Wes Groleau
-----------
"Thinking I'm dumb gives people something to
feel smug about. Why should I disillusion them?"
-- Charles Wallace
(in _A_Wrinkle_In_Time_)
