Closed bonuzzz closed 1 year ago
@bonuzzz Can you please help me understand how is it different from setting resolver_set
to none
?
It's not the same, because rules don't affect on subdomains there. But just noticed my script doesn't affect too.
The problem now is I want to use dnsmasq.ipset resolver, I have to use dnsmasq as primary dns server, otherwise dnsmasq doesn't received any requests from clients and ipset list doesn't populated. I tried to solve it with nslookup or dig to send request through dnsmasq speсially. But I forgot about subdomains.
Right, so to confirm you want pbr
to populate ipsets just line dnsmasq
does?
Yes. When I use adguardhome as upstream dns server, it has router's ip as source of requests. This is main problem, which I want to solve.
Right, so to confirm you want
pbr
to populate ipsets just linednsmasq
does?
Yeah, that's not something I would consider for pbr
.
If you can convince AdGuardHome people to populate ipsets or nft sets, given a specific file similar to dnsmasq, I can consider implementing support for AGH in the resolver_set
option.
I'm going to close this as won't fix
.
Like this one? https://github.com/AdguardTeam/AdGuardHome/commit/88812f05f56438151e70856250b1db6de62eaef6
And found another parameter in documentation
ipset_file (since v0.107.13): Same as ipset, but the rules are read from a file. If this property is set, property ipset is ignored.
Yes, that's a great discovery, exactly like that.
I can look into if you can provide a sample of working configuration -- the main yaml config file and the ipset_file.
UPDATE: please either change the subject to: "[wish] support adguardhome.ipset as resolver_set
option" and reopen this when AGH 107.13 has been backported to 22.03 or open a new issue with the subject above when this happens and you can provide working yaml files.
I have adguardhome as primary dns server, so dnsmasq doesn't populate ipset list, because it doesn't receive dns requests front clients. To populate ipset I have script, but probably pbr would have internal method to do it.
5553 is port of dnsmasq