OpenWrt Forum Archive

Topic: Weird DNS question (how to fake all DNS requests)

The content of this topic has been archived on 21 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
olivier
7 Oct 2007, 19:47

Hello to all. I'm quite new in this router hacking world and i'm having big fun, but i'm stuck with a problem.

I want to get my openwrt router do that:
Act as a wireless AP, with a dhcp server (OK for this one)
Has a web server running on it displaying a simple webpage (OK for this too, i've installed lighttpd to redirect all 404's to the main page)
Redirect all DNS requests to itself, so that every website a clien wants to visit, he will get the same page from the router.
The problem is that the server isn't actually connected to he WAN, otherwise i would do all that with a simple iptables redirection.

Any ideas?

Post #2
ScarEye
7 Oct 2007, 19:59

The only thing I can quickly think of is is setting up a transparent proxy (sqiud) and have it redirect any requests back
to the page of your choice.

Hope this helps.
ScarEye

Post #3
olivier
7 Oct 2007, 20:19

But i want my clients to be dhcp configured to use my router as a gateway. With a proxy i have to configure my clients manually, isn't it?

Post #4
ScarEye
8 Oct 2007, 12:55

Nope,  It can be DHCP.

Post #5
olivier
8 Oct 2007, 20:44

Thanx for your answer
Ok, i got documented about transparent proxying. Please remember that the router is actually disconnected form the WAN.
Tell me if i am wrong: normally the client asks for a page, he is transparently iptables-redirected to a proxy and the proxy takes the page for him. The problem is that even before asking the page, he client tries to resolve the address, and if the router isn't able to resolve it (and he really can't, as he is off the WAN) the page request will not actually start. It's a DNS problem as far as i understand (actually not very far).

Post #6
eleon216
8 Oct 2007, 21:44

Hi,

maybe you should take a look at dnsmasq
from the manpage:

-A, --address=/<domain>/[domain/]<ipaddr>
    Specify an IP address to return for any host in the given domains. Queries in the domains are never forwarded and always replied to with the specified IP address which may be IPv4 or IPv6. To give both IPv4 and IPv6 addresses for a domain, use repeated -A flags. Note that /etc/hosts and DHCP leases override this for individual names. A common use of this is to redirect the entire doubleclick.net domain to some friendly local web server to avoid banner ads. The domain specification works in the same was as for --server, with the additional facility that /#/ matches any domain. Thus --address=/#/1.2.3.4 will always return 1.2.3.4 for any query not answered from /etc/hosts or DHCP and not sent to an upstream nameserver by a more specific --server directive.

Post #7
olivier
8 Oct 2007, 21:51

YOU ARE MY SAVIOR!
Rally: the documentation of dnsmasq was the first place i searched, but this one escaped to me! Thank you, i'm happy now.

Post #8
ScarEye
8 Oct 2007, 23:53

Cool,  Good information to know.

The discussion might have continued from here.