author | rofl0r <rofl0r@users.noreply.github.com> | 2021-01-08 19:59:50 +0300
---|---|---
committer | rofl0r <rofl0r@users.noreply.github.com> | 2021-01-08 20:36:05 +0300
commit | 596f0028cb1d27e33beef7d77bc90144f7dd215f |
tree | cccab5eddfd6aabdadfb289e44b70e092f465ea6 |
parent | fa9644dc27ed040fb4abbd49b264caf51eb52cbb |

proxychains.conf: fix localnet documentation

localnet with hostnames/DNS is not compatible with remote dns - if remote dns
is activated we get an ip from the remote dns resolver in the connect() call,
so we don't know whether the destination would match any localnet - except
from the ANY localnet 0.0.0.0 - in which case we would need to do a real DNS
lookup with the remote DNS ip involving both the rdns resolver to get the
original hostname back and then call the native DNS resolver function - for
which there is only getaddrinfo() when we don't want to support the 5
different gethostbyname_r() variants in existence, or using getaddrinfo(),
which in turn requires memory allocation/free() - in other words a huge mess.

we also can't easily check in the resolver whether an ANY-destination localnet
is enabled and the port matches, because the resolver might only resolve the
hostname at this stage, but not the destination port.

addressing #358

-rw-r--r-- | src/proxychains.conf | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/proxychains.conf b/src/proxychains.conf index 52c0986..dc66400 100644 --- a/src/proxychains.conf +++ b/src/proxychains.conf @@ -94,6 +94,9 @@ tcp_connect_time_out 8000 ### Examples for localnet exclusion ## localnet ranges will *not* use a proxy to connect. +## note that localnet works only when plain IPv4 addresses are passed to the app, +## the hostname resolves via /etc/hosts, or proxy_dns is disabled or proxy_dns_old used. + ## Exclude connections to 192.168.1.0/24 with port 80 # localnet 192.168.1.0:80/255.255.255.0 |
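
Review bot: The added note above the localnet examples says when localnet works but never states what happens otherwise, and its last clause is hard to parse: "or proxy_dns is disabled or proxy_dns_old used" chains two "or"s and drops a verb. Suggest listing the three conditions explicitly (the app passes a plain IPv4 address; the hostname resolves via /etc/hosts; proxy_dns is disabled or proxy_dns_old is used) and adding one sentence saying that with proxy_dns enabled a hostname destination is not matched against any localnet rule, so a user relying on the exclusion does not assume the connection bypasses the proxy. The commit message also calls out the 0.0.0.0 ANY localnet combined with a port as a case that cannot be checked in the resolver; if that limitation is user-visible, the comment should mention it as well.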