Problems with `dig` and `host` under transparently torified user
Robert Ransom
rransom.8774 at gmail.com
Sun Sep 12 08:42:06 UTC 2010
On Sun, 12 Sep 2010 08:32:20 +0000
James Brown <jbrownfirst at gmail.com> wrote:
> I have a transparently torified user setting up as described there
> https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TransparentProxy
> When I run command `dig somedomainname mx` or `dig somedomainname ns` or
> `host -t mx somedomainname` , `host -t ns somedomainname` under that
> user I have the result that that "somedomainname' have no records in mx
> or ns. But it really have.
> I can receive only correct record "A" not records "ns" or "mx".
> Why?
Tor's DNSPort does not provide support for the full DNS standard.
You can try “dig +tcp @8.8.8.8 YOUR-QUERY-HERE” to retrieve the other
records. (I think the @SERVER option belongs before the query, but it
may belong at the end of the command line; run “dig --help” for
details.)
Are you really running Tor as root? It seems to me that those
instructions should be changed to have Tor run with DNSPort 9053 in a
Tor-only user account, and have iptables redirect DNS requests to port
9053.
Robert Ransom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20100912/e9390c6f/attachment.pgp>
More information about the tor-talk
mailing list