Macbook becomes open resolver

[mdavids]

I configured (on OSX):

listen = [ "127.0.0.1:53", "[::1]:53",

To listen on both 0.0.0.0:53 and [::]:53, use the following line

# ":53",

]

I then ran it and got a firewall warning which I accepted, but which also raised some suspicion.

So, I checked with

lsof -i ":53"

To my surprise doh-client is listening to 0.0.0.0:53 and [::]:53 and has therefore become an open resolver when I am on an unprotected network (such as the one where I am right now).

Am I missing something here?

[m13253]

Hello,

Thank you for your bug report.

I have the same configuration as you on macOS. But I can't reproduce your problem.

Do you use my packaged launchd scripts or other methods to start dns-over-https? Would you please double check whether your configuration is located at /usr/local/etc/dns-over-https/doh-client.conf?

[mdavids]

Hi,

Yes, I use it just like that, with the right configuration file (according to a 'ps -ef').

I saw this (with lsof -i ":53"):

doh-clien 16274 root 3u IPv4 0xa1da5fd24928be3 0t0 TCP localhost:domain (LISTEN) doh-clien 16274 root 4u IPv4 0xa1da5fd0a8076eb 0t0 UDP *:domain

I have just unloaded and loaded it with:

launchctl [un] load /Library/LaunchDaemons/doh-client.plist

Now I get this:

doh-clien 55099 root 3u IPv4 0xa1da5fd2492821b 0t0 TCP localhost:domain (LISTEN) doh-clien 55099 root 4u IPv4 0xa1da5fd0a7e9113 0t0 UDP localhost:domain

So, after a reload it looks okay (again). Weird... It was also a bit weird that suddenly the firewall alert popped up. I did't expect it, because usually that happens right after starting a program, and the doh-client was running for days already.

So, this is a bit unclear to me. I will keep an eye on this and report if this happens again, ok?

[m13253]

Thank you for your reply.

So, this is a bit clear to me. I will keep an eye on this and report if this happens again, ok?

That's OK. Please let me know if the bug happens again.

[m13253]

Assuming the problem is fixed. Please reopen if it occurs again.