OpenWrt Forum Archive

Topic: DNS can't resolve https request

The content of this topic has been archived on 26 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Hi all,

I have a router with the latest version of Barrier Breaker running a lighttpd web server on an external USB ext4 memory (ext root done).

I have done a redirect like this (https://forum.openwrt.org/viewtopic.php … 54#p128354) and all works ok.

/etc/config/firewall

(add this)

config redirect
        option src              lan
        option proto            tcp
        option src_ip           !192.168.3.1
        option src_dport        80
        option dest_ip          192.168.3.1
        option dest_port        80
config redirect
        option src              lan
        option proto            tcp
        option src_ip           !192.168.3.1
        option src_dport        443
        option dest_ip          192.168.3.1
        option dest_port        80

And in /etc/config/dhcp I just add "list address '/#/192.168.3.1'" in the dnsmasq config like this:

config dnsmasq
    option domainneeded '1'
    option boguspriv '1'
    option filterwin2k '0'
    option localise_queries '1'
    option rebind_protection '1'
    option rebind_localhost '1'
    option local '/lan/'
    option domain 'lan'
    option expandhosts '1'
    option nonegcache '0'
    option authoritative '1'
    option readethers '1'
    option leasefile '/tmp/dhcp.leases'
    option resolvfile '/tmp/resolv.conf.auto'
    list address        '/#/192.168.3.1'

To catch the 404 error page in lighttpd I add this line in the config file:

server.error-handler-404    = "/redirect.html"

and create this file to redirect the 404 errors:

<html>
<head>
    <title>Benvenuto su my site Wi-Fi</title>
    <meta HTTP-EQUIV="refresh" CONTENT="0;url=http://192.168.3.1/" />
</head>
<body bgcolor="#0101DF" text="#DDDDDD">
</body>
</html>

Seems that all works:

www.somesite.com ----->>>>> 192.168.3.1
somesite.com/somefile.html -->>>>>192.168.3.1

But when I need to reach some https website DNS can't resolve the name!

https://facebook.com ------>>>> nothing

instead if I do: 8.8.8.8:443 ------------->>>> 192.168.3.1 (on port 80)

So the problem seems to be linked to the DNS resolve system...
How can I solve this problem?
Thanx!

(Last edited by <Lork> on 15 Mar 2014, 15:16)

No one can help me? I'm getting mad with this DNS resolving problem...

Does not look related to your network config or setup. I guess it's the browser doing special DNS treatment when accessing HTTPS resources. Capture the traffic with wireshark and see exactly what it does.

No, I've tried with all kinds of browsers: Chrome, Firefox, Explorer and Android... same problem.
I think that is a problem related to dnsmasq resolving https!!! What can I try to do?

DNS is not resolved via HTTPS, in fact HTTPS has nothing to do with it.

And so how can you explain the problem? It is the same with all the browsers... it's frustrating

From my point of view it's a problem due to the HTTPS secure connection that DNSMASQ can't resolve.

I bricked a router and I spent 5 hours on another this morning but I can't solve it. Even using nodogsplash

Date and time are correct?

Try installing ssl support for uhttpd, and redirect the https connection to the router ssl.
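
Added example (not part of the original thread, and not code from any poster): a small probe that reports which stage a connection reaches, TCP connect, TLS handshake or plain HTTP reply, when a TLS client lands on an HTTP-only listener, as happens with the first post's 443 -> 80 redirect. The loopback listener, the name "example.test" and the function names are constructed for the demo; name resolution is a separate step and is not exercised here.

```python
import socket
import ssl
import threading

def start_plain_http_listener():
    """Constructed stand-in for the port-80 web server: HTTP only, no TLS."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))          # ephemeral loopback port (assumption)
    srv.listen(5)

    def serve():
        while True:
            conn, _ = srv.accept()
            with conn:
                try:
                    conn.settimeout(2)
                    conn.recv(4096)     # an HTTP request, or a TLS ClientHello
                    conn.sendall(b"HTTP/1.0 400 Bad Request\r\n\r\n")
                except OSError:
                    pass                # peer gave up; keep serving

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

def probe(ip, port, use_tls, name="example.test"):
    """Report the stage reached: tcp-fail, tls-fail, tls-ok, http-reply, http-fail."""
    try:
        sock = socket.create_connection((ip, port), timeout=3)
    except OSError:
        return "tcp-fail"
    with sock:
        if use_tls:
            ctx = ssl.create_default_context()  # normal certificate checks stay on
            try:
                with ctx.wrap_socket(sock, server_hostname=name):
                    return "tls-ok"
            except OSError:                     # ssl.SSLError is a subclass
                return "tls-fail"
        sock.sendall(b"GET / HTTP/1.0\r\nHost: " + name.encode() + b"\r\n\r\n")
        return "http-reply" if sock.recv(64).startswith(b"HTTP/") else "http-fail"

if __name__ == "__main__":
    port = start_plain_http_listener()
    print("plain HTTP :", probe("127.0.0.1", port, use_tls=False))
    print("TLS client :", probe("127.0.0.1", port, use_tls=True))
```

Run against a real address, "tcp-fail" points at routing or firewall, while "tls-fail" after a successful connect points at the listener or its certificate rather than at DNS.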
