Securifi Community Forum
Securifi Products => Almond+ => Topic started by: sgfgator on September 12, 2016, 06:08:09 pm
-
I currently use a Qnap 451+ which has Plex server installed. Everything was working great for about 9 months and now I am unable to connect to the plex server anymore. I can connect to the Qnap ok but not when trying to connect to Plex. It seems as though the Almond+ router may be preventing the connection since the Almond+'s system logs state the following:
Sep 12 16:42:34 AlmondPlus daemon.warn dnsmasq[29875]: possible DNS-rebind attack detected: 10-10-10-152.8d99e7276bf843e4bdbe8ceafb1a5903.plex.direct
Sep 12 16:42:34 AlmondPlus daemon.warn dnsmasq[29875]: possible DNS-rebind attack detected: 10-10-10-82.8d99e7276bf843e4bdbe8ceafb1a5903.plex.direct
Sep 12 16:42:34 AlmondPlus daemon.warn dnsmasq[29875]: possible DNS-rebind attack detected: 10-0-3-1.8d99e7276bf843e4bdbe8ceafb1a5903.plex.direct
Sep 12 16:42:34 AlmondPlus daemon.warn dnsmasq[29875]: possible DNS-rebind attack detected: 10-0-3-1.8d99e7276bf843e4bdbe8ceafb1a5903.plex.direct
Sep 12 16:43:59 AlmondPlus daemon.warn dnsmasq[29875]: possible DNS-rebind attack detected: 10-10-10-82.8d99e7276bf843e4bdbe8ceafb1a5903.plex.direct
Sep 12 16:43:59 AlmondPlus daemon.warn dnsmasq[29875]: possible DNS-rebind attack detected: 10-10-10-152.8d99e7276bf843e4bdbe8ceafb1a5903.plex.direct
Sep 12 16:43:59 AlmondPlus daemon.warn dnsmasq[29875]: possible DNS-rebind attack detected: 10-0-3-1.8d99e7276bf843e4bdbe8ceafb1a5903.plex.direct
Has anyone else come across this issue or know how to fix it? :(
-
I can't imagine you've gone this long without Plex and have figured out some sort of workaround, but just in case you're still dead in the water (or as others come across this post) you may want to check out the following KB article from Plex: https://support.plex.tv/hc/en-us/articles/206225077-How-to-Use-Secure-Server-Connections. Scroll all the way to the bottom of the page where it starts talking about DNS rebinding. I don't currently have my A+ hooked up so I can't make a recommendation as to the best configuration to use, but hopefully it gives you an idea of what needs to be done in order to get Plex working again.
-
A little more poking at this and I think I've figured out at least one method of allowing the Plex domain to bypass rebind protection. You'll need to ssh into the A+ for most of these steps so I've outlined the same process twice below, one for seasoned veterans and another for command line newcomers. Hopefully both are helpful.
[If you're comfortable with the command line and vi]
- edit /etc/config/dhcp
- - add the following line to the end of the 'config 'dnsmasq'' section:
option 'rebind_domain' '/plex.direct/'
- Save and close the config file. Restart dnsmasq (or the entire router).
- You may also want to restart the Plex service/server, wherever it may be running, if you want to nudge connections along.
[If you're not familiar with the command line and vi]
- Grab a program like putty (Windows) or open Terminal (Mac)
- SSH to the IP of your router (SSH may need to be enabled/configured via the A+ webUI first)
- Once connected, type the following:
vi /etc/config/dhcp
- Press the 'i' key (to enter edit mode)
- Move the cursor to the end of the last line in the 'config 'dnsmasq'' section and press enter/return (basically create a new line).
- Type the following on your shiny new line:
option 'rebind_domain' '/plex.direct/'
- Press Ctrl+C to exit editing mode.
- Then type :x to save changes and close.
- Restart your A+ and your Plex server.
-
Hope someone sees this message. I recently got a Tivo and set up Plex Server and I'm unable to connect directly from the Tivo. When I make the config change the router doesn't allow any connections out to the internet. Below is a screenshot of how I entered the line in Putty. Hoping someone will have a solution. I'm using an Almond + SW Ver: AP2-R090-L009-W016-ZB005
https://goo.gl/photos/ZtTt94EoEw5DXnqk7
Update: I screwed with it some more today and I can get internet with that line in there. But Plex will still not connect directly.
-
Anyone else still experiencing this issue?
I recently started noticing this on my home network (don't recall having the issue in the past).
I followed Ensign_Redshirts instructions, and also double checked on the OpenWRT wiki, but it seems like my Almond+ isn't honoring that setting.
I still see hits in Syslog warning about X.plex.direct dns rebind attacks.
Any ideas?
A little more poking at this and I think I've figured out at least one method of allowing the Plex domain to bypass rebind protection. You'll need to ssh into the A+ for most of these steps so I've outlined the same process twice below, one for seasoned veterans and another for command line newcomers. Hopefully both are helpful.
[If you're comfortable with the command line and vi]
- edit /etc/config/dhcp
- - add the following line to the end of the 'config 'dnsmasq'' section:
option 'rebind_domain' '/plex.direct/'
- Save and close the config file. Restart dnsmasq (or the entire router).
- You may also want to restart the Plex service/server, wherever it may be running, if you want to nudge connections along.
[If you're not familiar with the command line and vi]
- Grab a program like putty (Windows) or open Terminal (Mac)
- SSH to the IP of your router (SSH may need to be enabled/configured via the A+ webUI first)
- Once connected, type the following:
vi /etc/config/dhcp
- Press the 'i' key (to enter edit mode)
- Move the cursor to the end of the last line in the 'config 'dnsmasq'' section and press enter/return (basically create a new line).
- Type the following on your shiny new line:
option 'rebind_domain' '/plex.direct/'
- Press Ctrl+C to exit editing mode.
- Then type :x to save changes and close.
- Restart your A+ and your Plex server.
-
Were you able to get this working?