
transparent forced dns-'proxy' on Exit-Node - is it ok?


For reasons that are not relevant to the question, my tor-node 'cannot' function as an exit-node. However I was thinking that it would be possible for me to use iptables to force-route all outgoing dns-requests from the tor-IP to my local dns-server, which would then make outgoing queries to its upstream dns-servers etc. Since we have a fast server and plenty of bandwidth and reliable DNS (that do not muck around with things), I think this would be helpful (in a small way) for improving DNS-resolution on the tor-network.
However I can see how some people could see this as a negative thing, because in cases where tor-users wanted to specifically talk with certain DNS-Servers, or wanted to use non-dns udp-traffic on port 53, which for some reason happened to look very much like dns-traffic, well, those people would be annoyed, because they'd keep getting potentially "wrong" answers, possibly in a way that they wouldn't be aware of right away.

Is there a policy on this? If not, I'd be interested in hearing opinions (with arguments) about whether you'd find this helpful or hurtful; or whether I should just forget about the idea.

Thanks and Regards
