QA:Testcase DNS-over-SSL

From FedoraProject

(Difference between revisions)
Jump to: navigation, search
(Created page with "{{QA/Test_Case |description=This test case cover DNS-over-SSL when standard DNS port 53 is blocked. |setup= Block DNS queries except to localhost to simulate restricted networ...")
 
 
Line 9: Line 9:
  
 
{{command|iptables -A OUTPUT -p udp --dport 53 -j REJECT --reject-with icmp-admin-prohibited}}
 
{{command|iptables -A OUTPUT -p udp --dport 53 -j REJECT --reject-with icmp-admin-prohibited}}
 +
 +
Right-click on dnssec-trigger applet and select "reprobe"
 +
 
|actions=
 
|actions=
 
# Run: {{command|dig @127.0.0.1 fedoraproject.org SOA +dnssec}}
 
# Run: {{command|dig @127.0.0.1 fedoraproject.org SOA +dnssec}}

Latest revision as of 14:23, 12 December 2012

Contents

Description

This test case cover DNS-over-SSL when standard DNS port 53 is blocked.

Setup

Block DNS queries except to localhost to simulate restricted network environment.

iptables -A OUTPUT -o lo -j ACCEPT

iptables -A OUTPUT -p tcp --dport 53 -j REJECT --reject-with icmp-admin-prohibited

iptables -A OUTPUT -p udp --dport 53 -j REJECT --reject-with icmp-admin-prohibited

Right-click on dnssec-trigger applet and select "reprobe"

How to test

  1. Run: dig @127.0.0.1 fedoraproject.org SOA +dnssec
  2. Browse web, open your favorite webpages.

Expected Results

  1. You should get output containing "ANSWER SECTION" without any error.
  2. Web should work flawlessly.