ULX

Author Topic: DNSMASQ, anyone?  (Read 908 times)

0 Members and 1 Guest are viewing this topic.

Offline JamminR

  • Ulysses Team Member
  • Hero Member
  • *****
  • Posts: 7998
  • Karma: 375
  • Sertafide Ulysses Jenius
    • Team Ulysses [ULib/ULX, other fine releases]
DNSMASQ, anyone?
« on: November 04, 2018, 07:07:44 PM »
Hello fellow netizens. I have a question needing an experienced reply, and additionally, suggestions of potential (easy) work-arounds if my theory is correct.
I use a server application.
For examples below, let's say mainsite.com is the primary commercial site of the application.
And, tracking.com is the domain used to feed analytics and other tracking data, including subdomains such as 1.tracking.com, 2.tracking.com, etc...

Though I pay for this application, it attempts to track my, and my users who access, usage of the server.

Previously, I could block this tracking by blocking the tracking.com domain and subs by using this in my dnsmasq file.
address=/tracking.com/0.0.0.0

Now, though the tracking.com domain still exists, the server app devs, apparently realizing they weren't getting all the greedy data they wanted, now use an xml file hosted on mainsite.com with a list of ip addresses.
Instead of the server app checking in at tracking.com that used to have a rotating nslookup IP list, which would get blocked, it goes to mainsite.com/getlist.php, is returned the xml, and the app itself then calls out/checks in/shares data with any one of the IP addresses listed in the xml results.

All NSlookups of the XML file IP addresses come back as somesub.tracking.com, but I can of course still ping the IP, therefore meaning the server app can still contact them too.

Is there anyway to have dnsmasq block that functionality?
I can't block mainsite.com, as other server functions are necessary for it.
I can't block the entire IP range of the tracking.com, as they are a virtual server provider running far more than just this server app.

I may post this at another forum, perhaps dslreports.com Networking or similar, but wanted to start here first.
« Last Edit: November 04, 2018, 07:09:38 PM by JamminR »
The price one pays for pursuing any profession or calling is an intimate knowledge of its ugly side. - James Baldwin

Offline Megiddo

  • Ulysses Team Member
  • Hero Member
  • *****
  • Posts: 6207
  • Karma: 394
  • Project Lead
Re: DNSMASQ, anyone?
« Reply #1 on: January 03, 2019, 02:50:39 PM »
Is the list of IPs fairly static? You can null-route it using
Code: [Select]
route add. You should be able to add 1.2.3.4/32 (your 'bad' IP) to route through 10.0.0.1 (or whatever non-existent IP you need).
Experiencing God's grace one day at a time.

Offline JamminR

  • Ulysses Team Member
  • Hero Member
  • *****
  • Posts: 7998
  • Karma: 375
  • Sertafide Ulysses Jenius
    • Team Ulysses [ULib/ULX, other fine releases]
Re: DNSMASQ, anyone?
« Reply #2 on: January 03, 2019, 08:24:07 PM »
Nope  :-\
They use a virtual hosting provider.  Spin up more ips than a witch has warts
The price one pays for pursuing any profession or calling is an intimate knowledge of its ugly side. - James Baldwin