LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 11-16-2015, 04:20 PM   #1
netpumber
Member
 
Registered: Sep 2007
Location: In My Box
Distribution: Arch Linux
Posts: 423

Rep: Reputation: 33
monitor/sniff DNS queries through DNSCrypt and DNSmasq


Hello.

I just installed DNSCrypt and DNSmasq on my linux machine. I checked if its works with command
Code:
dig google.com
which returns
Code:
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Nov 17 00:03:43 EET 2015
;; MSG SIZE  rcvd: 135
As you can see DNS server is the localhost with dnsmasq sending data to DNScrypt and then to the selected DNS server.

So i would like to create a script that will check (every now and then) if the DNS of the system remains 127.0.0.1 and didn't has changed. The first think i thought is to use tcpdump, but if i type as root
Code:
tcpdump -vvv -s 0 -l -n port 53
and create some internet traffic nothing is being recorded.

Any idea on why tcpdump doesn't return anything or another way to check if the DNS for queries that is used is the 127.0.0.1 ?

Thank you.
 
Old 11-17-2015, 09:48 AM   #2
zhjim
Senior Member
 
Registered: Oct 2004
Distribution: Debian Squeeze x86_64
Posts: 1,748
Blog Entries: 11

Rep: Reputation: 233Reputation: 233Reputation: 233
I bet you will always have 127.0.0.1 as your dns server. Just cause you set it up to be. Judging that you have dnsmasq installed localy and configured /etc/resolv.conf to use it.

Not so deep into tcpdump options but i miss the interface option. Nother reason for nothing beeing recorded might be that the dns names were allready resolved. Did you try a real new address? Or restart dnsmasq so it clears it cache?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
DNSMASQ just partly replays DNS queries sisyphos Linux - Networking 1 10-19-2015 01:21 AM
Where can I look to see where dnsmasq is logging queries? Thaidog Arch 3 01-18-2015 12:37 AM
Managed DNS server lists and dnsmasq DNS cache nitrousoxide82 Linux - Networking 1 02-21-2014 10:34 PM
LXer: DNSCrypt, crypt your DNS request on Linux LXer Syndicated Linux News 0 07-10-2012 03:21 AM
DNSMASQ: Forward queries with no domain senorsnor Linux - Networking 1 10-30-2006 04:57 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 09:08 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration