Quoting Hendrik Boom (hend...@topoi.pooq.com): > On Sat, Oct 13, 2018 at 11:52:34PM -0700, Rick Moen wrote: > > > > If you look in /etc/resolv.conf, you'll see one or more 'nameserver' > > lines. Mine on my server is like this: > > > > $ cat /etc/resolv.conf > > search linuxmafia.com deirdre.org unixmercenary.net > > nameserver 127.0.0.1 > > nameserver 198.144.192.2 > > nameserver 198.144.192.4 > > #nameserver 198.144.195.186 > > $ > > > > (If you are getting your IP address using DHCP, you are extremely likely > > to be getting passed nameserver IP addresses with your IP address lease, > > resulting in the DHCP client software overwriting /etc/resolv.conf with, > > among other things, 'nameserver nnn.nnn.nnn.nnn' information. > > Is there any practical way of suppressing this overwriting?
Yes, absolutely. (Not a complaint, but there was recent discussion of that matter on Dng.) Write-up here: http://linuxmafia.com/faq/Network_Other/resolvconf.html (Note, in particular, item #3, 'Tweaking Your DHCP Client's Operation without Resolvconf.' > Or is it essential for the usual coffee-shop mode? Is the > coffee-shop's DNS service is how my http: requests are hijacked to give > me an advertising and agree-to-not-show-nudity page without which they > cut me off? {sigh} This is where things _sometimes_ become a little complex. Many coffee-shop (and hotel, and similar) wifi networks rely on something called a 'captive portal' to direct and force users to visit a specific Web page immediately and either prove entitlement/payment or formally consent to terms of service or both. In the cases I have in mind, the WAP sends a DHCP lease with nameserver IP information that it requests the client overwrite to /etc/resolv.conf . The initial purpose of that nameserver is to categorically resolve any FQDN to the portal Web site IP, pending customer authentication. If you are travelling with a laptop and, say, object to /etc/resolv.conf being overwritten every time there's a DHCP lease and take steps to prevent that happening (as detailed in my write-up), you would silently fail to reach the hotel (etc.) sign-in Web site and wonder why you're neither seeing it nor any other remote destination, until you figure it out and say to yourself 'Oh, right, I need to use _their_ cursed and peculiar nameserver for the first two minutes so I can enter my Marriott Rewards number, then I can switch back to nameservers I prefer.' > And whih causes my browser to cut me off if it's https:? I'm guessing: A nosy company that with a gateway designed to deny privacy? _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
