Posted: Thu Nov 25, 2010 20:55 Post subject: Flash Buffalo
I'm sorry. I wasn't very clear on that point. I was able to get it to revert using the Buffalo orignal firmware (1.72) found on this site. From there, I could do additional flashes, just not from DD-wrt. I always had to go back to the Buffalo firmware.
After reading this thread and doing some research, I think the solution to disable the --stop-dns-rebind option is heavy-handed.
From the DNSMasq man pages:
Reject (and log) addresses from upstream nameservers which are in the private IP ranges. This blocks an attack where a browser behind a firewall is used to probe machines on the local network.
Exempt 127.0.0.0/8 from rebinding checks. This address range is returned by realtime black hole servers, so blocking it may disable these services.
Do not detect and block dns-rebind on queries to these domains. The argument may be either a single domain, or multiple domains surrounded by '/', like the --server syntax, eg. --rebind-domain-ok=/domain1/domain2/domain3/
So the reason it is enabled by default in the first place is for security purposes. It appears that exceptions can be made very easily by adding "--rebind-localhost-ok" and "--rebind-domain-ok=<domain>" to the "Additional DNSMasq Options" box in the GUI, while maintaining recommended protection against the exploit described in the man page.
Sorry for digging up an old thread, but I am experiencing same difficulties as you are. I need dnsmasq to forward xxx.subdomain.example.com type requests to another DNS-server. Those hosts have privnet IP-addresses, so just adding line:
won't do the trick. I've tried to add also line:
and the same line without those slashes, but dnsmasq will not start if that line is added. I've also tried to start dnsmasq from commandline with command: