From: SourceForge.net <no...@so...> - 2009-05-19 18:19:10
|
Feature Requests item #2700306, was opened at 2009-03-21 13:02 Message generated for change (Comment added) made by fabiankeil You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=361118&aid=2700306&group_id=11118 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Unix integration Group: version 3.0 >Status: Pending Resolution: None Priority: 5 Private: No Submitted By: macias (me-macias) Assigned to: Fabian Keil (fabiankeil) Summary: detect DNS changes Initial Comment: The problem: I switch connection from time to time which means changing /etc/resolv.conf which means changing DNS. However after change, privoxy is unaware of the change and reports for all possible addresses that this or that address is unavailable. Of course it is not true, because except for privoxy, entire system (browsers, mail clients, etc.) can access internet without any problem. So as workaround I need to restart privoxy after each switch of connection (modem, router, etc.). I suspect this is actually a bug, but since I am not sure --> a wish. Thank you for very useful program! ---------------------------------------------------------------------- >Comment By: Fabian Keil (fabiankeil) Date: 2009-05-19 18:19 Message: We don't provide such a list because it depends on factors like the operating system. Maybe we should mention that in the FAQ, though. Obviously Privoxy needs access to it's config file and all the files and directory referenced therein, additionally you might need various libraries and it's usually a good idea to have the files localtime, resolv.conf and hosts in the chroot's etc directory, but depending on the setup you might not need them. Making Privoxy's own files accessible should be easy, but the rest is a bit of trial and error. ---------------------------------------------------------------------- Comment By: macias (me-macias) Date: 2009-05-17 11:59 Message: Fabian, thank you very much -- so for chroot, could you please give me some link where it is described what files are needed before privoxy is chrooted? Or list them? I searched manual, but there is no such list mentioned there. The only bit of information I found is this: https://www.subspacefield.org/~travis/chrooting_daemons.html privoxy is mentioned at the bottom. ---------------------------------------------------------------------- Comment By: Fabian Keil (fabiankeil) Date: 2009-05-16 16:49 Message: Removing the --chroot option will probably work around the problem (at least it did for the other OpenSuse user), but populating the chroot directory correctly should fix the problem, too. ---------------------------------------------------------------------- Comment By: macias (me-macias) Date: 2009-05-16 07:40 Message: Thank you for great explanation Fabian! There is still one thing that is not working even with new option added -- normally I don't have connection when privoxy is starting (during boot time), so after I log in I have to restart privoxy manually. So in this case I should remove chroot and pre-chroot as well, right? Filter problem appeared to be another flaw of the opensuse package, already reported. ---------------------------------------------------------------------- Comment By: Fabian Keil (fabiankeil) Date: 2009-05-15 19:52 Message: The OpenSuse package should either populate the chroot directory correctly, or remove the --chroot option. Please update the bug report you filed at novel.com accordingly. The cause of your DNS problem is that the chroot directory lacks files the libc resolver needs to work properly. The --pre-chroot-nslookup option lets Privoxy access these files before entering the chroot directory, while it still can. This makes populating the chroot directory easier (as less files have to be moved into it). You can replace example.org with any domain you like, as long as it results in a DNS request. Anyway, your filter problem indicates that other files are missing, too, and those really have to be moved into the chroot directory if the --chroot option is used. ---------------------------------------------------------------------- Comment By: macias (me-macias) Date: 2009-05-15 17:50 Message: Thank you! Indeed the other bug looks like mine in 100%, I added --pre-chroot-nslookup example.org to the rc.d script of privoxy and it took only one restart (so it was started with this option added), I reconnected twice, and privoxy still worked. Despite reading man I am not sure what "example.org" :-) has to do with it, I just guess this option tries to track down this site and remembers some real DNS addresses. This would mean that developers of opensuse should add this option as default one in the script, right? The other report (with regexp) is not changed though, still no filtering occurs (but still privoxy sees www.google.pl as site good for filtering). Thank you once again! Closing as worksforme then? ---------------------------------------------------------------------- Comment By: Fabian Keil (fabiankeil) Date: 2009-05-15 17:07 Message: I'm sorry, but it just occurred to me that it is more likely that you are running into: https://sourceforge.net/tracker/index.php?func=detail&aid=2734671&group_id=11118&atid=211118 in which case the libc would be innocent. As a matter of fact, this would also explain your other problem report: https://sourceforge.net/tracker/index.php?func=detail&aid=2783703&group_id=11118&atid=211118 ---------------------------------------------------------------------- Comment By: macias (me-macias) Date: 2009-05-15 16:15 Message: Posted: https://bugzilla.novell.com/show_bug.cgi?id=504332 ---------------------------------------------------------------------- Comment By: macias (me-macias) Date: 2009-05-15 16:01 Message: Yes, listen-address 127.0.0.1:8118. I am not convinced, because the only program that shows problems is privoxy, and after restarting privoxy everything works fine again. But ok, I will report it for opensuse and point out this report. ---------------------------------------------------------------------- Comment By: Fabian Keil (fabiankeil) Date: 2009-05-15 15:23 Message: Is Privoxy listening on 127.0.0.1? Because if it is, the hostname should be resolved without involving your DNS server and the message "Error: Unable to get my own hostname" would be another indication that there's something wrong with your libc (provided it worked before the DNS server was changed). ---------------------------------------------------------------------- Comment By: macias (me-macias) Date: 2009-05-14 15:32 Message: I cannot see anything interesting in those logs -- privoxy log just states: May 14 17:15:21.653 Privoxy(7f04a4908950) Header: New HTTP Request-Line: GET / HTTP/1.1 May 14 17:15:21.653 Privoxy(7f04a4908950) Request: www.ietf.org/ May 14 17:15:21.653 Privoxy(7f04a4908950) Connect: to www.ietf.org May 14 17:15:41.669 Privoxy(7f04a4908950) Error: could not resolve hostname www.ietf.org May 14 17:15:51.678 Privoxy(7f04a4908950) Error: Unable to get my own hostname: Success And wireshark I see 4 request for www.ietf.org with destination (where the packet was sent, right?) 192.168.1.1 which is address from previous connection. The current connection (as I monitored the traffic) DNS addresses are different. So it tells us basically what I wrote before -- privoxy starts, reads system configuration and rely only on that. It ignores switching connections (and thus change of DNSs). Maybe on DNS failure it could check if the connection was change? Or maybe add itself to a system-wide queue of "connection change" event, if such thing exists. ---------------------------------------------------------------------- Comment By: Fabian Keil (fabiankeil) Date: 2009-03-25 19:23 Message: You could use tcpdump or wireshark to monitor the DNS traffic while reproducing the problem. Additionally you might want to increase Privoxy's debug level to see if there are any hints in the log. ---------------------------------------------------------------------- Comment By: macias (me-macias) Date: 2009-03-22 21:19 Message: > What operating system do you use? Opensuse 11.1. > What is the exact error message? " No such domain Your request for http://google.pl/ could not be fulfilled, because the domain name google.pl could not be resolved. This is often a temporary failure, so you might just try again. " Of course google.pl was just the test. > Privoxy simply uses the operating system's libc to > resolve DNS names to IP addresses. It has no knowledge > about your DNS settings because it doesn't need to. > > Therefore I think the problem is in your libc. There is such possibility of course, but... KMail, Kftpgrabber, Opera, FF, Konqueror, amule, lynx, you name it have no problem to connect to the internet after connection switch, the only program unable to see DNS addresses changed is privoxy. Of course this is not a proof of anything, I just say what I see. Is there any command at system level which could show what system "knows"? So this could help tracing where the problem begins -- inside system or privoxy. ---------------------------------------------------------------------- Comment By: Fabian Keil (fabiankeil) Date: 2009-03-21 17:33 Message: What operating system do you use? What is the exact error message? Privoxy simply uses the operating system's libc to resolve DNS names to IP addresses. It has no knowledge about your DNS settings because it doesn't need to. Therefore I think the problem is in your libc. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=361118&aid=2700306&group_id=11118 |