In anonymization plugins, specify addresses that should not be anonymized or modified
In anonymization plugins, determining client vs server by port can lead to unanonymized packets.
For example, this code:
```c
if (only_clients && sport == dns_port) {
    from = 0;
    break;
}
```
means that if only_clients is set (-c option) and a query comes from source port 53, the source IP address will not be anonymized.
Hmm, yeah that's not good.
Does it make sense to change this so that if both ports are dns_port then both addresses get anonymized? Or should it break and report a fatal error?
My preferences would be:
- Provide a way to specify addresses that should not be anonymized or modified. This would have to be a list. For an authoritative name server we would specify the server's addresses here. This might be a significant amount of code change.
- If both ports are dns_port then both addresses get anonymized.
- Existing behavior, but with a warning or error. A command line option should specify if the condition is fatal and causes the program to exit.
I'm skipping warning/fatal, think it's more important to not leak addresses so the fix will be released soon and the list option can be implemented later.
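
The option chosen in this thread (anonymize both addresses when both ports are dns_port), set beside the port-only check from the report. This is an added example, not code from the plugin or from anyone in the thread; `select_before`, `select_after`, the `ANON_*` flags and the destination-side check mirroring the quoted source-side check are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Which addresses of a packet get anonymized (hypothetical flag names). */
enum { ANON_NONE = 0, ANON_SRC = 1, ANON_DST = 2 };

/* Port-only classification as reported: under only_clients, an endpoint on
 * dns_port is treated as a server and its address is left as-is. The
 * destination test is assumed to mirror the source test quoted in the issue. */
static int select_before(int only_clients, uint16_t sport, uint16_t dport,
                         uint16_t dns_port)
{
    int from = 1, to = 1;
    if (only_clients && sport == dns_port)
        from = 0;
    if (only_clients && dport == dns_port)
        to = 0;
    return (from ? ANON_SRC : 0) | (to ? ANON_DST : 0);
}

/* Fail closed: when both ports equal dns_port the port cannot tell client
 * from server, so neither address is exempted from anonymization. */
static int select_after(int only_clients, uint16_t sport, uint16_t dport,
                        uint16_t dns_port)
{
    int ambiguous = (sport == dns_port && dport == dns_port);
    int from = 1, to = 1;
    if (only_clients && !ambiguous) {
        if (sport == dns_port) from = 0;
        if (dport == dns_port) to = 0;
    }
    return (from ? ANON_SRC : 0) | (to ? ANON_DST : 0);
}

int main(void)
{
    /* Constructed sample port pairs: query, response, both ends on port 53. */
    const uint16_t pairs[][2] = { {40000, 53}, {53, 40000}, {53, 53} };
    for (size_t i = 0; i < sizeof pairs / sizeof pairs[0]; i++)
        printf("sport=%u dport=%u before=%d after=%d\n",
               (unsigned)pairs[i][0], (unsigned)pairs[i][1],
               select_before(1, pairs[i][0], pairs[i][1], 53),
               select_after(1, pairs[i][0], pairs[i][1], 53));
    return 0;
}
```

With both ports on 53 the port-only check exempts both addresses, while the fail-closed version anonymizes both; ordinary queries and responses are handled identically by the two.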