ClearOS Bug Tracker


View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0019481ClearOSapp-wpadpublic2018-03-27 05:172018-03-29 10:49
ReporterNickH 
Assigned To 
PrioritynormalSeverityminorReproducibilityalways
StatusclosedResolutionopen 
PlatformOSOS Version
Product Version7.4.0 
Target VersionFixed in Version 
Summary0019481: When the WPAD DNS setting is updated, the hosts file is written to but dnsmasq is not restarted; other hosts issue
DescriptionIn the WPAD app, if the DNS setting is enabled, the hosts file is added to but dnsmasq is not restarted so the changes don't take effect.

The same thing happens if you disable the setting.

BTW I am concerned at the effect of this setting as it sets the FQDN to resolve to each interface IP address in the hosts file, but in reality it only returns the the first one listed e.g. it is generating a hosts file for me:
172.17.2.5 wpad.test-7x.howitts.test
172.22.22.1 wpad.test-7x.howitts.test
172.17.222.1 wpad.test-7x.howitts.test

from a LAN machine 172.22.22.x, "nslookup wpad.test-7x.howitts.test" returns 172.17.2.5 but that is the WAN interface. If 172.17.2.5 were a HotLAN no communication to it from the LAN would be allowed and the WPAD process would fail.
In order for this to work correctly, you also need the "localise-queries" parameter in dnsmasq.conf (or run separate instances of dnsmasq per interface and use host-record= entries in each interface configuration - yuck).
TagsNo tags attached.
Attached Files

- Relationships
related to 0019581closedbchambers Open source wpad app 

-  Notes
(0007271)
NickH (developer)
2018-03-29 03:00

Sleepless night here and eureka moment.
I've just realised that the record written to the hosts file is incorrect for the DNS method but is necessary for the way the DHCP method has been implemented. For the DNS method, the record should be for wpad.howitts.test and not wpad.test-7x.howitts.test, i.e. should be for wpad.domain.com and not wpad.server.domain.com.

Unfortunately this still breaks the WPAD server which seems to be looking specifically for http://wpad.test-7x.howitts.test/wpad.dat [^] and serving it out of /var/clearos/wpad/wpad.dat. If you create a symlink /var/www/html/wpad.dat pointing to /var/clearos/wpad/wpad.dat then the DNS method works.

Again, just documenting for posterity.
(0007331)
bchambers (administrator)
2018-03-29 10:48

Won't fix for now...see tracker 19581

- Issue History
Date Modified Username Field Change
2018-03-27 05:17 NickH New Issue
2018-03-29 03:00 NickH Note Added: 0007271
2018-03-29 10:45 bchambers Relationship added related to 0019581
2018-03-29 10:48 bchambers Note Added: 0007331
2018-03-29 10:49 bchambers Status new => closed

SYSTEM WARNING: 'file_get_contents(): SSL: Connection reset by peer' in '/var/www/virtual/newwrapper/cf_footer.inc' line 7

SYSTEM WARNING: 'file_get_contents(): Failed to enable crypto' in '/var/www/virtual/newwrapper/cf_footer.inc' line 7

SYSTEM WARNING: 'file_get_contents(https://www.clearos.com/?rendertype=json&get=footer): failed to open stream: operation failed' in '/var/www/virtual/newwrapper/cf_footer.inc' line 7