DNS Rebind Attack - IP used

junicast · January 29, 2022, 09:09:32 PM

Hi,

I run an OPNsense device virtualized on proxmox and I try to connect to it via IPv6 address. When I do it shows the following message.

Code Select

Warning: array_pop() expects parameter 1 to be array, null given in /usr/local/etc/inc/authgui.inc on line 74

A potential DNS Rebind attack has been detected.
Try to access the router by IP address instead of by hostname. You can disable this check if needed under System: Settings: Administration.

As I'm accessing the device by IP I wonder what this is about.

tiermutter · January 29, 2022, 10:48:25 PM

Same here.
Connection to global LAN address is working, but gives me the php error.
Connection to ULA LAN address shows the rebind attack warning and also the php error.

I also noticed that it is no longer possible to connect to VPN server from LAN using the global WAN address.

debitux · February 10, 2022, 01:02:24 PM

Same for me. I had to manually disable the DNS rebind check in config.xml and reboot to regain webaccess to my OPNsense after upgrade.

Fright · February 10, 2022, 01:37:23 PM

seems fixed in 130ef3a
https://github.com/opnsense/core/commit/130ef3a6e73b7c211c8f9deec2401117e2245496

DNS Rebind Attack - IP used

junicast

January 29, 2022, 09:09:32 PM

tiermutter

January 29, 2022, 10:48:25 PM #1

debitux

February 10, 2022, 01:02:24 PM #2

Fright

February 10, 2022, 01:37:23 PM #3