SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0001173: DNS lookups are not showing SRV records for underscore entries - MantisBT
MantisBT - Endian Firewall
View Issue Details
0001173Endian FirewallApplication Level Proxiespublic2008-07-28 18:462009-10-27 12:02
kfason 
peter-endian 
normalmajoralways
closedfixed 
2.2-rc1 
2.32.3 
0001173: DNS lookups are not showing SRV records for underscore entries
If you do a nslookup from a client for say '_sip._tls.microsoft.com" it returns nothing found, but if you use a specific DNS server such as 4.2.2.2 it resolves it correctly. This causes havoc for MS Communicator and possibly other AD items that lookup underscore DNS entries.

DNSMasq was 2.38 and latest is 2.43 I believe.
nslookup -type=all _sip._tls.microsoft.com
Server: EFW.my.domain.com
Address: 172.20.0.254

*** No all records (ANY) records available for _sip._tls.microsoft.com

---

nslookup -type=all _sip._tls.microsoft.com 4.2.2.2
Server: vnsc-bak.sys.gtei.net
Address: 4.2.2.2

Non-authoritative answer:
_sip._tls.microsoft.com SRV service location:
          priority = 0
          weight = 0
          port = 443
          svr hostname = sip.microsoft.com
No tags attached.
Issue History
2008-07-28 18:46kfasonNew Issue
2008-08-09 06:08kfasonNote Added: 0001513
2008-08-09 06:23kfasonNote Added: 0001514
2008-08-11 08:57peter-endianStatusnew => acknowledged
2008-08-11 08:57peter-endianTarget Version => 2.2
2008-09-10 15:41chris-endianTarget Version2.2 => 2.3
2008-10-10 14:03peter-endianStatusacknowledged => new
2008-10-10 14:03peter-endianAssigned To => peter-endian
2008-10-21 14:57peter-endianNote Added: 0001733
2008-10-21 14:57peter-endianStatusnew => resolved
2008-10-21 14:57peter-endianFixed in Version => 2.3
2008-10-21 14:57peter-endianResolutionopen => fixed
2009-10-27 12:02peter-endianStatusresolved => closed

Notes
(0001513)
kfason   
2008-08-09 06:08   
Found the problem. in you have option filterwin2k enabled. It needs to be commented out for SRV records to resolve correctly. This affects not just Microsoft Communicator in my original ticket portion but also many SIP products use SRV records.

# Uncomment this to filter useless windows-originated DNS requests
# which can trigger dial-on-demand links needlessly.
# Note that (amongst other things) this blocks all SRV requests,
# so don't use it if you use eg Kerberos.
# This option only affects forwarding, SRV records originating for
# dnsmasq (via srv-host= lines) are not suppressed by it.
#filterwin2k
(0001514)
kfason   
2008-08-09 06:23   
forgot path.

/etc/dnsmasq.conf.tmpl I believe.
(0001733)
peter-endian   
2008-10-21 14:57   
i changed this to be default in 2.3