Binding to non-local IP addresses
Bruno Blanes
bruno.blanes at outlook.com
Thu Mar 21 18:31:34 UTC 2024
Hi folks,
I've seen a lot of home routers, mainly ZTE and D-Link, being attacked and having their LAN DNS changed to random servers with malicious intent. I am redirecting requests to those servers into my Unbound machine and I can see the requests flow through tcpdump, however I can't get Unbound to reply.
I've set ip-freebind, but I can only get Unbound to reply if I also set the address in an interface, but this isn't practical given that I'd have to know all malicious DNS on the web and maintain a list of them on my interfaces.
Have anyone done anything similar and got it working?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20240321/ea72e18d/attachment.htm>
More information about the Unbound-users
mailing list