On 2018/11/13 10:15, Andrew wrote: > On 11/13/18 11:08, Stuart Henderson wrote: > > On 2018-11-11, Andrew <and...@quickstick.net> wrote: > > > ~: doas pfctl -t cidr_typo -T add 1.2.3.4*5 > > > 1 table created. > > > 1/1 addresses added. > > > > This would normally fail right here. > > > > > ~: doas pfctl -t cidr_typo -T show > > > 127.0.0.1 > > > > I think your name resolver may be giving out 127.0.0.1 as an address > > in response to a query for "1.2.3.4*5". Test with dig(1) / host(1) / > > "getent hosts 1.2.3.4*5". > > Great insight Stuart !!! unbound on my patched 6.3 gateway is returning: > > > getent hosts 1.2.3.4*5 > 127.0.0.1 1.2.3.4*5 > ::1 1.2.3.4*5 > > Both laptops use the gateway as a name resolver. > > Hope that helps !!!
It doesn't happen with a standard unbound setup, so this is either something non-standard in your unbound config, or you are forwarding and it's something non-standard in your upstream resolver.
