Hello,
Need some assistance setting up dnsmasq to forward DNS requests through the tor network.
System:
x64 openSUSE 12.2
tor installed, is configured running as a service
dnsmasq installed, is configured running as a service
General Idea:
From the guides I’ve been reading, looking at this top-down sysconfig.network should be modified to point to dnsmasq instead of resolver, and dnsmasq should then point to TorDNS.
Building from the ground up,
these are the steps which have been taken…
Believe I have verified that TorDNS is running and available, with the service configured for port 9053, telnet to localhost:9053 does not return an error saying something like “Connection refused” which I would expect if no service responds - It simply times out saying that an IP address cannot be found for the name. If someone knows how to do an nslookup on a non-default port, that would be helpful.
dnsmasq.conf changes
Have configured /etc/dnsmasq.conf with the following essential changes (other recommended changes were also made but are not relevant)
The following change is supposed to configure dnsmasq not to read resolv.conf for server information, forcing only what is in dnsmasq.conf
no-resolv
The following change is supposed to specify the address dnsmasq listens on. I configured both the IP address by itself (without specifying a port) and also specifying the port as follows
listen-address=127.0.0.1#9053
sysconfig changes
Although I edited the file manually earlier, I have been using the YAST sysconfig editor instead with same results, modifying the following
Network > General > DNS Forwarder (Change resolver to dnsmasq)
Although should not be necessary (I believe), I have also been running after every resolv.conf and various other changes
netconfig update
Result:
Unfortunately, anything I run that requires name resolution times out, with “server unreachable” error.
Running nslookup, I can see that by default I am querying 127.0.0.1 as my DNS server, but using the default port 53. I don’t know if this indicates a machine mis-configuration or is simply a shortcoming of the nslookup utility in this scenario.
Observation 1:
Although my main objective is for dnsmasq to point directly to TorDNS, I noticed that dnsmasq.conf modifies resolv.conf, but only specifying the server IP address. Have been unable to make dnsmasq.conf also specify a non-default DNS port in resolv.conf.
Observation 2:
An anomaly… It appears that /etc/resolv.conf is still being read. Regardless of how the sysconfig editor specifies resolver or dnsmasq, I can edit or regenerate the resolv.conf file, and the contents are what determine what works or not.
So, my problem likely is rooted in being unable to enable dnsmasq using sysconfig despite the sysconfig forwarder entry.
Alternative workaround requested:
Although I would prefer to get sysconfig working properly, both for educational purposes and as a possible real workaround it would be nice to know if it’s possible to specify a non-default server port in resolv.conf.
TIA,
TSU
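
A minimal configuration for the chain this post describes (local resolver -> dnsmasq -> Tor), added here as an example and not part of the original post. It assumes Tor's resolver is bound to 127.0.0.1:9053 as in the post and that dnsmasq should answer local clients on the default port 53; the torrc path and `example.com` are placeholders.

```conf
# --- /etc/tor/torrc (path is an assumption; use your distribution's torrc) ---
# Tor listens for UDP DNS requests on this port, so a TCP test such as
# telnet does not show whether the resolver is answering.
DNSPort 127.0.0.1:9053

# --- /etc/dnsmasq.conf ---
# dnsmasq listens on the standard port: resolv.conf nameserver lines carry
# an address only, and the stub resolver always queries port 53.
listen-address=127.0.0.1
port=53
bind-interfaces

# Ignore the servers listed in resolv.conf so that no query is forwarded
# to a resolver outside Tor.
no-resolv

# The #port suffix belongs on the upstream server line; the listening port
# is set with port=, not on listen-address.
# As posted:   listen-address=127.0.0.1#9053
server=127.0.0.1#9053

# --- /etc/resolv.conf (what the stub resolver should end up with) ---
nameserver 127.0.0.1

# --- checks, run from a shell ---
# Query Tor's resolver directly on its own port:
#   dig -p 9053 @127.0.0.1 example.com
#   nslookup -port=9053 example.com 127.0.0.1
# Query through dnsmasq on port 53:
#   dig @127.0.0.1 example.com
```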