Interesting DNS Forwarding Problem

Kevin Darcy kcd at daimlerchrysler.com
Fri Apr 6 20:52:04 UTC 2001


If the PC is running only a "stub resolver", then it doesn't care what TTL is
in the response, and it's only going to use the nameservers that it is
hard-coded to use. You can't change that remotely (short of spoofing some
OS-specific configuration protocol, of course).

I'm not clear what you're trying to accomplish, but it certainly seems clear
that you're doing this the *WRONG* way. There are things called HTTP proxies
that take care of this function (and some of them can even operate
transparently). You shouldn't be doing evil stuff like spoofing DNS replies and
ICMP packets when there's already a well-understood, mature technology for
achieving the same result. Go back to the drawing board.


- Kevin

Monir wrote:

> What do I need to send a PC if I wanted the following to happen:
>
> 1. The PC tries to look up the IP address of www.yahoo.com by sending a DNS
> request.
> 2. I intercept that request by sending a "fake" DNS reply to point to my own
> webserver before the request actually reaches the DNS server.
> 3. After some operations have been run I want the PC to send a NEW DNS
> request so that it could actually go to www.yahoo.com (I am trying to avoid
> proxying multiple IP addresses)
>
> The first two steps have already been implemented. The main problem I am
> facing is getting the PC to stop sending information using that "fake IP
> address" that I set up for it in the DNS reply and to actually query my real
> DNS server.
>
> I have tried to send it "ICMP Net Unreachable" messages but it still insists
> on sending information to the wrong IP address. I also set the TTL in the
> DNS reply to 0.
>
> Thanks,
> Monir Abdalla
> SSI Embedded Systems Programming

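Kevin's point is that the forged answer has to win a race against the real resolver's reply, so the client's network segment sees two answers to one question that disagree. Below is an added detection example (not code from the thread) in Python: it parses constructed sample DNS responses and flags a second response that shares a transaction ID and question name but carries different A records. The sample packets use RFC 5737 documentation addresses and are constructed, not captured.

```python
import struct

def build_dns_response(txid, name, ip, ttl):
    """Build a minimal DNS response with one A record (used only to construct sample data)."""
    header = struct.pack(">HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    qname = b"".join(bytes([len(label)]) + label.encode() for label in name.split(".")) + b"\x00"
    question = qname + struct.pack(">HH", 1, 1)          # QTYPE=A, QCLASS=IN
    rdata = bytes(int(octet) for octet in ip.split("."))
    answer = b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, ttl, len(rdata)) + rdata  # name = pointer to offset 12
    return header + question + answer

def parse_dns_response(pkt):
    """Return (txid, qname, [(ip, ttl), ...]); assumes answer names are compression pointers to the question."""
    txid, _flags, _qd, ancount, _ns, _ar = struct.unpack(">HHHHHH", pkt[:12])
    off, labels = 12, []
    while pkt[off] != 0:
        n = pkt[off]
        labels.append(pkt[off + 1:off + 1 + n].decode())
        off += 1 + n
    off += 1 + 4                                            # terminating zero byte + QTYPE/QCLASS
    answers = []
    for _ in range(ancount):
        off += 2                                            # skip the 2-byte compression pointer
        rtype, _rclass, ttl, rdlen = struct.unpack(">HHIH", pkt[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            answers.append((".".join(str(b) for b in pkt[off:off + 4]), ttl))
        off += rdlen
    return txid, ".".join(labels), answers

def detect_spoofed_responses(packets):
    """Alert when a later response to the same (txid, qname) carries different A records than the first."""
    first_seen, alerts = {}, []
    for pkt in packets:
        txid, qname, answers = parse_dns_response(pkt)
        ips = sorted(ip for ip, _ttl in answers)
        key = (txid, qname)
        if key in first_seen and first_seen[key] != ips:
            alerts.append({"txid": txid, "qname": qname, "first": first_seen[key], "second": ips})
        first_seen.setdefault(key, ips)
    return alerts

# Constructed sample: a forged reply (TTL 0, arrives first) followed by the real resolver's reply.
SAMPLE = [
    build_dns_response(0x1234, "www.example.com", "192.0.2.10", 0),
    build_dns_response(0x1234, "www.example.com", "198.51.100.7", 3600),
]
```

A single legitimate response never trips the check; only a conflicting duplicate for the same transaction does, which is exactly the trace the race described in the thread leaves behind.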
More information about the bind-users mailing list