[GH-ISSUE #297] merge rebinding protection and block plugin #130

New issue

Closed

opened 2026-03-04 01:35:02 +03:00 by kerem · 2 comments

kerem commented 2026-03-04 01:35:02 +03:00

Owner

Copy link

Originally created by @lts-rad on GitHub (Mar 13, 2024).
Original GitHub issue: https://github.com/spr-networks/super/issues/297

Originally assigned to: @lts-rad on GitHub.

right now an override does not allow an ip under rebinding protection to be permitted. this is not intuitive behavior.

to fix this, the rebinding plugin will be merged into the block plugin.

old behavior:

• domain override says yes
• rebinding happens next. does not know about override, blocks domain

new behavior:

• ui to enable/disable rebinding check under dns settings
• when a permit override happens, the rebinding check will not happen.

Originally created by @lts-rad on GitHub (Mar 13, 2024). Original GitHub issue: https://github.com/spr-networks/super/issues/297 Originally assigned to: @lts-rad on GitHub. right now an override does not allow an ip under rebinding protection to be permitted. this is not intuitive behavior. to fix this, the rebinding plugin will be merged into the block plugin. old behavior: - domain override says yes - rebinding happens next. does not know about override, blocks domain new behavior: - ui to enable/disable rebinding check under dns settings - when a permit override happens, the rebinding check will not happen.

kerem 2026-03-04 01:35:02 +03:00

• closed this issue
• added the
  bug
  enhancement
  labels

kerem commented 2026-03-04 01:35:03 +03:00

Author

Owner

Copy link

@lts-rad commented on GitHub (Mar 13, 2024):

another pain point is the https://coredns.io/plugins/cache/ plugin versus block.

right now it will cache with NXDOMAIN.

looking at the docs, https://coredns.io/plugins/cache/

there is an option to not cache SERVFAIL. but we return NXDOMAIN instead so cant leverage it. doesnt seem like any straight fordard way to evict from cache. one option is to fork the cache plugin and use our own fork for this purpose, and then try to merge the changes upstream.

<!-- gh-comment-id:1995459887 --> @lts-rad commented on GitHub (Mar 13, 2024): another pain point is the https://coredns.io/plugins/cache/ plugin versus block. right now it will cache with NXDOMAIN. looking at the docs, https://coredns.io/plugins/cache/ there is an option to not cache SERVFAIL. but we return NXDOMAIN instead so cant leverage it. doesnt seem like any straight fordard way to evict from cache. one option is to fork the cache plugin and use our own fork for this purpose, and then try to merge the changes upstream.

kerem commented 2026-03-04 01:35:03 +03:00

Author

Owner

Copy link

@lts-rad commented on GitHub (Mar 13, 2024):

this is now in the dev branch

<!-- gh-comment-id:1995909178 --> @lts-rad commented on GitHub (Mar 13, 2024): this is now in the dev branch

kerem referenced this issue 2026-03-04 01:36:21 +03:00

[PR #130] [MERGED] update GitHub Actions #337

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

dev

wifi7_support

experimental

dyn_test

dev-android-ui

dns-graph

dev-apns

v1.0.28

clearfog-v1.0.28

v1.0.27

clearfog-v1.0.27

v1.0.26

clearfog-v1.0.26

v1.0.25

clearfog-v1.0.25

clearfog-v1.0.24

v1.0.24

v1.0.23

clearfog-v1.0.23

v1.0.22

clearfog-v1.0.22

v1.0.21

clearfog-v1.0.21

v1.0.20

clearfog-v1.0.20

v1.0.19

clearfog-v1.0.19

v1.0.18

clearfog-v1.0.18

clearfog-v1.0.17

v1.0.17

v1.0.15

clearfog-v1.0.15

v1.0.14

clearfog-v1.0.14

v1.0.13

clearfog-v1.0.13

v1.0.12

clearfog-v1.0.12

clearfog-v1.0.11

v1.0.11

clearfog-v1.0.10

v1.0.10

v1.0.9

clearfog-v1.0.9

v1.0.8

clearfog-v1.0.8

clearfog-v1.0.7

v1.0.7

v1.0.6

clearfog-v1.0.6

clearfog-v1.0.5

v1.0.5

ios-v1.0.4

v1.0.4

clearfog-v1.0.4

clearfog-v1.0.3

v1.0.3

v1.0.2

clearfog-v1.0.2

clearfog-v1.0.1

v1.0.1

v1.0.0-dev

clearfog-v1.0.0

v1.0.0

ios-v0.3.24

clearfog-v0.3.24

v0.3.24

clearfog-v0.3.23

v0.3.23

v0.3.22

clearfog-v0.3.22

clearfog-v0.3.21

v0.3.21

v0.3.20

clearfog-v0.3.20

v0.3.19

clearfog-v0.3.19

v0.3.18

clearfog-v0.3.18

clearfog-v0.3.17

v0.3.17

clearfog-v0.3.16

v0.3.16

v0.3.15

clearfog-v0.3.15

ios-v0.3.14

v0.3.14

clearfog-v0.3.14

clearfog-v0.3.13

v0.3.13

ios-v0.3.12

v0.3.12

clearfog-v0.3.12

ios-v0.3.11

clearfog-v0.3.11

v0.3.11

clearfog-v0.3.10

v0.3.10

v0.3.9

clearfog-v0.3.9

v0.3.8

clearfog-v0.3.8

clearfog-v0.3.7

v0.3.7

clearfog-v0.3.6

v0.3.6

clearfog-v0.3.5

v0.3.5

clearfog-v0.3.4

v0.3.4

v0.3.3

clearfog-v0.3.3

v0.3.2

clearfog-v0.3.2

v0.3.1

clearfog-v0.3.1

v0.3.0

clearfog-v0.3.0

clearfog-v0.2.28

v0.2.28

v0.2.27

clearfog-v0.2.27

clearfog-v0.2.26

v0.2.26

v0.2.25

clearfog-v0.2.25

v0.2.24

clearfog-v0.2.24

v0.2.23

clearfog-v0.2.23

v0.2.22

clearfog-v0.2.22

clearfog-v0.2.21

v0.2.21

v0.2.20

clearfog-v0.2.20

v0.2.19

clearfog-v0.2.19

v0.2.18

clearfog-v0.2.18

v0.2.17

v0.2.16

clearfog-v0.2.16

clearfog-v0.2.15

v0.2.15

v0.2.14

clearfog-v0.2.14

clearfog-v0.2.13

v0.2.13

clearfog-v0.2.12

v0.2.12

v0.2.11

clearfog-v0.2.11

v0.2.10

clearfog-v0.2.9

v0.2.9

clearfog-v0.2.8

v0.2.8

clearfog-v0.2.7

v0.2.7

v0.2.6

clearfog-v0.2.6

v0.2.5

v0.2.4

clearfog-v0.2.4

v0.2.3

clearfog-v0.2.3

v0.2.2

clearfog-v0.2.2

v0.2.1

clearfog-v0.2.1

v0.2.0

clearfog-v0.2.0

v0.1.33

clearfog-v0.1.33

v0.1.32

clearfog-v0.1.32

v0.1.31

clearfog-v0.1.31

v0.1.30

clearfog-v0.1.30

v0.1.29

clearfog-v0.1.29

clearfog-v0.1.28

v0.1.28

clearfog-v0.1.27

v0.1.27

v0.1.26

clearfog-v0.1.26

v0.1.25

clearfog-v0.1.25

v0.1.25-beta.6

v0.1.25-beta.5

v0.1.25-beta.4

v0.1.25-beta.3

v0.1.25-beta.2

v0.1.25-beta.1

v0.1.25-beta.0

v0.1.24

clearfog-v0.1.23

v0.1.23

clearfog-v0.1.22

v0.1.22

v0.1.21

clearfog-v0.1.21

v0.1.21-beta.1

v0.1.21-beta.0

v0.1.20

clearfog-v0.1.19

v0.1.19

clearfog-v0.1.18

v0.1.18

v0.1.17

clearfog-v0.1.17

clearfog-v0.1.16

v0.1.16-beta.3

v0.1.16-beta.2

v0.1.16-beta.1

v0.1.16-beta.0

v0.1.15

clearfog-v0.1.15

v0.1.14

v0.1.14-beta.0

v0.1.13

v0.1.12

v0.1.12-beta.7

v0.1.12-beta.6

v0.1.12-beta.5

v0.1.12-beta.4

v0.1.12-beta.3

v0.1.12-beta.2

v0.1.12-beta.1

v0.1.12-beta.0

v0.1.11

v0.1.11-beta.3

v0.1.11-beta.2

v0.1.11-beta.1

v0.1.11-beta.0

v0.1.10

v0.1.10-beta.0

v0.1.9

v0.1.9-beta.0

v0.1.8

v0.1.8-beta.0

v0.1.7

v0.1.6

v0.1.5

v0.1.4

v0.1.4-beta.15

v0.1.4-beta.14

v0.1.4-beta.13

v0.1.4-beta.12

v0.1.4-beta.11

v0.1.4-beta.10

v0.1.4-beta.9

v0.1.4-beta.8

v0.1.4-beta.7

v0.1.4-beta.6

v0.1.4-beta.5

v0.1.4-beta.4

v0.1.4-beta.3

v0.1.4-beta.2

v0.1.4-beta.1

v0.1.4-beta.0

v0.1.3

v0.1.3-beta.2

v0.1.3-beta.1

v0.1.3-beta.0

v0.1.2

v0.1.2-beta.2

v0.1.2-beta.1

v0.1.2-beta.0

v0.1.1

v0.1.1-beta.26

v0.1.1-beta.25

v0.1.1-beta.24

v0.1.1-beta.23

v0.1.1-beta.22

v0.1.1-beta.21

v0.1.1-beta.20

v0.1.1-beta.19

v0.1.1-beta.18

v0.1.1-beta.17

v0.1.1-beta.16

v0.1.1-beta.15

v0.1.1-beta.14

v0.1.1-beta.13

v0.1.1-beta.12

v0.1.1-beta.11

v0.1.1-beta.10

v0.1.1-beta.9

v0.1.1-beta.8

v0.1.1-beta.7

v0.1.1-beta.6

v0.1.1-beta.5

v0.1.1-beta.4

v0.1.1-beta.3

v0.1.1-beta.2

v0.1.1-beta.1

v0.1.1-beta.0

v0.01-beta-pi-september-fixes

v0.01-beta-pi-september

v0.01-beta-pi-2

v0.01-beta-pi

Labels

Clear labels   

blocked

  

bug

  

documentation

  

enhancement

  

fixed

  

fixed ✅

  

hardening

  

implemented

  

installer

  

multicast

  

p1

  

p2

  

pending

  

podman

  

pull-request

Mirrored from GitHub Pull Request

  

security

  

testing

  

v1

No labels

blocked

bug

documentation

enhancement

fixed

fixed ✅

hardening

implemented

installer

multicast

p1

p2

pending

podman

pull-request

security

testing

v1

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/super#130

No description provided.