From 596f0028cb1d27e33beef7d77bc90144f7dd215f Mon Sep 17 00:00:00 2001 From: rofl0r Date: Fri, 8 Jan 2021 16:59:50 +0000 Subject: [PATCH] proxychains.conf: fix localnet documentation localnet with hostnames/DNS is not compatible with remote dns - if remote dns is activated we get an ip from the remote dns resolver in the connect() call, so we don't know whether the destination would match any localnet - except from the ANY localnet 0.0.0.0 - in which case we would need to do a real DNS lookup with the remote DNS ip involving both the rdns resolver to get the original hostname back and then call the native DNS resolver function - for which there is only getaddrinfo() when we don't want to support the 5 different gethostbyname_r() variants in existence, or using getaddrinfo(), which in turn requires memory allocation/free() - in other words a huge mess. we also can't easily check in the resolver whether an ANY-destination localnet is enabled and the port matches, because the resolver might only resolve the hostname at this stage, but not the destination port. addressing #358 --- src/proxychains.conf | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/proxychains.conf b/src/proxychains.conf index 52c0986..dc66400 100644 --- a/src/proxychains.conf +++ b/src/proxychains.conf @@ -94,6 +94,9 @@ tcp_connect_time_out 8000 ### Examples for localnet exclusion ## localnet ranges will *not* use a proxy to connect. +## note that localnet works only when plain IPv4 addresses are passed to the app, +## the hostname resolves via /etc/hosts, or proxy_dns is disabled or proxy_dns_old used. + ## Exclude connections to 192.168.1.0/24 with port 80 # localnet 192.168.1.0:80/255.255.255.0
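Review bot: The added two-line note in the localnet examples block of src/proxychains.conf strings its conditions together as "A, B, or C or D", so a reader cannot tell whether these are alternatives or whether some must hold together. It also never says what happens when none of them holds. Going by the commit message, with remote DNS active the address seen in connect() comes from the remote resolver, so a localnet rule written for the real destination does not match. The config comment should state that consequence, because the user added the rule expecting exactly those connections to bypass the proxy. Suggest spelling out the alternatives, for example "## note that localnet only works if one of the following holds: the app is passed a plain IPv4 address, the hostname resolves via /etc/hosts, or proxy_dns is disabled (or proxy_dns_old is used instead)", followed by a short sentence saying that otherwise the localnet rule is not applied. A pointer to the proxy_dns section of the same file would also help readers find the setting the note depends on.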