-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Package: dnsmasq Version: 2.40-1 Severity: important
dnsmasq's filterwin2k option suppresses *all* SRV queries. These aren't only used by Windows to find domain controllers - they're increasingly commonly used for, for instance, SIP and XMPP. For instance, connecting to Google Talk correctly requires either making a successful SRV lookup, or explicitly specifying the server's real hostname. Since this is all meant to work automatically, and in the absence of indiscriminate SRV blocking it *does* work, we'd prefer to be able to relegate the server hostname to some sort of "advanced options" rather than forcing users to care about it. See also: https://dev.openwrt.org/ticket/2566 Because dnsmasq is also used on consumer embedded hardware where it's hard or impossible to reconfigure, and in openwrt (which hasn't had a release since the ticket above was fixed), this is likely to haunt us for quite some time. Our suggested fix would be to define exactly which requests are "useless" and filter more specifically for those - perhaps checking specifically for the service that Windows periodically looks up. Regards, Simon telepathy.freedesktop.org - -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (101, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.24-1-686 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages dnsmasq depends on: ii adduser 3.105 add and remove users and groups ii libc6 2.7-6 GNU C Library: Shared libraries ii libdbus-1-3 1.1.2-2 simple interprocess messaging syst ii netbase 4.30 Basic TCP/IP networking system dnsmasq recommends no packages. - -- no debconf information -----BEGIN PGP SIGNATURE----- iD8DBQFHqamrWSc8zVUw7HYRArQHAJ4xLpgeD0Y7lI/a4lNzVwQXXc8xMACfZLYA I6T1aOS6fmNQZpGDwT3Vi1U= =4hON -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
