Forward DNS request to my work's jump serverIs it possible to support SOCKS5 for certain hosts transparently?How to do DNS through a proxy in Firefox?How to use Firefox and other non-RFC1929 complaint programs with auth'ed SOCKS5? Local proxy chainer?Simple DNS or just redirection for few namesDNS over SSH TunnelResolving DNS lookup when using a proxy on a adhoc networkGateway Server Jump Bastion Host Local SetupDNS server mergingSelective DNS server usageCan OpenVPN (Linux) connect through a jump server?Who is making DNS lookups? My system/browser or my squid proxy/remote server?

What's the difference between soft PWM and PWM

How do I define this subset using mathematical notation?

Extract an attribute value from XML

Did the Shuttle's rudder or elevons operate when flown on its carrier 747?

What is the English equivalent of 干物女 (dried fish woman)?

How to make a niche out of an object

I quit, and boss offered me 3 month "grace period" where I could still come back

Why is dry soil hydrophobic? Bad gardener paradox

Why does the trade federation become so alarmed upon learning the ambassadors are Jedi Knights?

Does optical correction give a more aesthetic look to the SBI logo?

Can I capture stereo IQ signals from WebSDR?

Are lithium batteries allowed in the International Space Station?

Cubic programming and beyond?

Align by center of symbol

GPIO and Python - GPIO.output() not working

Alternatives to using writing paper for writing practice

How would someone destroy a black hole that’s at the centre of a planet?

Meaning of slash chord without anything left of the slash

Can I activate an iPhone without an Apple ID?

Does ability to impeach an expert witness on science or scholarship go too far?

Are there any double stars that I can actually see orbit each other?

What is the German equivalent of 干物女 (dried fish woman)?

What is this old "lemon-squeezer" shaped pan

How can we better understand multiplicative inverse modulo something?



Forward DNS request to my work's jump server


Is it possible to support SOCKS5 for certain hosts transparently?How to do DNS through a proxy in Firefox?How to use Firefox and other non-RFC1929 complaint programs with auth'ed SOCKS5? Local proxy chainer?Simple DNS or just redirection for few namesDNS over SSH TunnelResolving DNS lookup when using a proxy on a adhoc networkGateway Server Jump Bastion Host Local SetupDNS server mergingSelective DNS server usageCan OpenVPN (Linux) connect through a jump server?Who is making DNS lookups? My system/browser or my squid proxy/remote server?






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








5















I have SSH access to a jump box on my work. This jump box gives access to the complete network infrastructure at work. This is great to work from home.



I am able to run a SOCKS5 proxy on the jump box (via ssh -D) and successfully managed to configure my browser to use that SOCKS5 proxy for work hosts (via https://getfoxyproxy.org). Foxyproxy seems to forward DNS requests to that SOCKS5 proxy, so all is working fine.



My problem is that other tools, such as Maven (for building Java), is able to use a SOCKS5 proxy, but unable to forward DNS over it, unfortunately. This is a known limitation, as far as I know. So I ended up adding my work servers to /etc/hosts.



I am looking for a more dynamic and definite solution, to remove the burden of having to maintain /etc/hosts. In essence, I would like to keep using my ISPs DNS server as of now, but I want to forward DNS requests for my work servers (and only for them) to that jump box (either via SSH or that SOCKS5 proxy).



Is that possible?






linux networking ssh dns proxy







share|improve this question
























  • It's certainly possible, look at /etc/resolv.conf, and find out which way your distro uses to set this up (systemd, ...). Then configure this service to use your jump box as DNS server.

    – dirkt
    Jul 6 at 6:24











  • Hi dirkt. Thank you, I will look at that. But please note, the question is not how to forward all DNS requests to the jum box, but only for hosts related to my work. So a DNS request for google.com, as an example, should still be handled by my ISP, and not my work.

    – Pritzl
    Jul 6 at 6:31











  • I saw the question title and came to say "dnsmasq!" but see you've already got that answer. Another option that I've used in the past, as I see what you want to do is simply to work from home, is to use tmux to maintain an active session and do all my work on the remote machine. Obviously the suitability of this depends on how beefy your remote machine is :-)

    – Aaron F
    Jul 6 at 14:54











  • @AaronF I thought about tmux, but did decide not to use it. I would rather do everything locally at home, instead in some session on some host at work. Thanks for the idea though!

    – Pritzl
    Jul 7 at 18:43


















5















I have SSH access to a jump box on my work. This jump box gives access to the complete network infrastructure at work. This is great to work from home.



I am able to run a SOCKS5 proxy on the jump box (via ssh -D) and successfully managed to configure my browser to use that SOCKS5 proxy for work hosts (via https://getfoxyproxy.org). Foxyproxy seems to forward DNS requests to that SOCKS5 proxy, so all is working fine.



My problem is that other tools, such as Maven (for building Java), is able to use a SOCKS5 proxy, but unable to forward DNS over it, unfortunately. This is a known limitation, as far as I know. So I ended up adding my work servers to /etc/hosts.



I am looking for a more dynamic and definite solution, to remove the burden of having to maintain /etc/hosts. In essence, I would like to keep using my ISPs DNS server as of now, but I want to forward DNS requests for my work servers (and only for them) to that jump box (either via SSH or that SOCKS5 proxy).



Is that possible?






linux networking ssh dns proxy







share|improve this question
























  • It's certainly possible, look at /etc/resolv.conf, and find out which way your distro uses to set this up (systemd, ...). Then configure this service to use your jump box as DNS server.

    – dirkt
    Jul 6 at 6:24











  • Hi dirkt. Thank you, I will look at that. But please note, the question is not how to forward all DNS requests to the jum box, but only for hosts related to my work. So a DNS request for google.com, as an example, should still be handled by my ISP, and not my work.

    – Pritzl
    Jul 6 at 6:31











  • I saw the question title and came to say "dnsmasq!" but see you've already got that answer. Another option that I've used in the past, as I see what you want to do is simply to work from home, is to use tmux to maintain an active session and do all my work on the remote machine. Obviously the suitability of this depends on how beefy your remote machine is :-)

    – Aaron F
    Jul 6 at 14:54











  • @AaronF I thought about tmux, but did decide not to use it. I would rather do everything locally at home, instead in some session on some host at work. Thanks for the idea though!

    – Pritzl
    Jul 7 at 18:43














5












5








5








I have SSH access to a jump box on my work. This jump box gives access to the complete network infrastructure at work. This is great to work from home.



I am able to run a SOCKS5 proxy on the jump box (via ssh -D) and successfully managed to configure my browser to use that SOCKS5 proxy for work hosts (via https://getfoxyproxy.org). Foxyproxy seems to forward DNS requests to that SOCKS5 proxy, so all is working fine.



My problem is that other tools, such as Maven (for building Java), is able to use a SOCKS5 proxy, but unable to forward DNS over it, unfortunately. This is a known limitation, as far as I know. So I ended up adding my work servers to /etc/hosts.



I am looking for a more dynamic and definite solution, to remove the burden of having to maintain /etc/hosts. In essence, I would like to keep using my ISPs DNS server as of now, but I want to forward DNS requests for my work servers (and only for them) to that jump box (either via SSH or that SOCKS5 proxy).



Is that possible?






linux networking ssh dns proxy







share|improve this question
















I have SSH access to a jump box on my work. This jump box gives access to the complete network infrastructure at work. This is great to work from home.



I am able to run a SOCKS5 proxy on the jump box (via ssh -D) and successfully managed to configure my browser to use that SOCKS5 proxy for work hosts (via https://getfoxyproxy.org). Foxyproxy seems to forward DNS requests to that SOCKS5 proxy, so all is working fine.



My problem is that other tools, such as Maven (for building Java), is able to use a SOCKS5 proxy, but unable to forward DNS over it, unfortunately. This is a known limitation, as far as I know. So I ended up adding my work servers to /etc/hosts.



I am looking for a more dynamic and definite solution, to remove the burden of having to maintain /etc/hosts. In essence, I would like to keep using my ISPs DNS server as of now, but I want to forward DNS requests for my work servers (and only for them) to that jump box (either via SSH or that SOCKS5 proxy).



Is that possible?






linux networking ssh dns proxy




linux networking ssh dns proxy






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jul 6 at 6:23







Pritzl

















asked Jul 6 at 6:17









PritzlPritzl

1108 bronze badges




1108 bronze badges












  • It's certainly possible, look at /etc/resolv.conf, and find out which way your distro uses to set this up (systemd, ...). Then configure this service to use your jump box as DNS server.

    – dirkt
    Jul 6 at 6:24











  • Hi dirkt. Thank you, I will look at that. But please note, the question is not how to forward all DNS requests to the jum box, but only for hosts related to my work. So a DNS request for google.com, as an example, should still be handled by my ISP, and not my work.

    – Pritzl
    Jul 6 at 6:31











  • I saw the question title and came to say "dnsmasq!" but see you've already got that answer. Another option that I've used in the past, as I see what you want to do is simply to work from home, is to use tmux to maintain an active session and do all my work on the remote machine. Obviously the suitability of this depends on how beefy your remote machine is :-)

    – Aaron F
    Jul 6 at 14:54











  • @AaronF I thought about tmux, but did decide not to use it. I would rather do everything locally at home, instead in some session on some host at work. Thanks for the idea though!

    – Pritzl
    Jul 7 at 18:43


















  • It's certainly possible, look at /etc/resolv.conf, and find out which way your distro uses to set this up (systemd, ...). Then configure this service to use your jump box as DNS server.

    – dirkt
    Jul 6 at 6:24











  • Hi dirkt. Thank you, I will look at that. But please note, the question is not how to forward all DNS requests to the jum box, but only for hosts related to my work. So a DNS request for google.com, as an example, should still be handled by my ISP, and not my work.

    – Pritzl
    Jul 6 at 6:31











  • I saw the question title and came to say "dnsmasq!" but see you've already got that answer. Another option that I've used in the past, as I see what you want to do is simply to work from home, is to use tmux to maintain an active session and do all my work on the remote machine. Obviously the suitability of this depends on how beefy your remote machine is :-)

    – Aaron F
    Jul 6 at 14:54











  • @AaronF I thought about tmux, but did decide not to use it. I would rather do everything locally at home, instead in some session on some host at work. Thanks for the idea though!

    – Pritzl
    Jul 7 at 18:43

















It's certainly possible, look at /etc/resolv.conf, and find out which way your distro uses to set this up (systemd, ...). Then configure this service to use your jump box as DNS server.

– dirkt
Jul 6 at 6:24





It's certainly possible, look at /etc/resolv.conf, and find out which way your distro uses to set this up (systemd, ...). Then configure this service to use your jump box as DNS server.

– dirkt
Jul 6 at 6:24













Hi dirkt. Thank you, I will look at that. But please note, the question is not how to forward all DNS requests to the jum box, but only for hosts related to my work. So a DNS request for google.com, as an example, should still be handled by my ISP, and not my work.

– Pritzl
Jul 6 at 6:31





Hi dirkt. Thank you, I will look at that. But please note, the question is not how to forward all DNS requests to the jum box, but only for hosts related to my work. So a DNS request for google.com, as an example, should still be handled by my ISP, and not my work.

– Pritzl
Jul 6 at 6:31













I saw the question title and came to say "dnsmasq!" but see you've already got that answer. Another option that I've used in the past, as I see what you want to do is simply to work from home, is to use tmux to maintain an active session and do all my work on the remote machine. Obviously the suitability of this depends on how beefy your remote machine is :-)

– Aaron F
Jul 6 at 14:54





I saw the question title and came to say "dnsmasq!" but see you've already got that answer. Another option that I've used in the past, as I see what you want to do is simply to work from home, is to use tmux to maintain an active session and do all my work on the remote machine. Obviously the suitability of this depends on how beefy your remote machine is :-)

– Aaron F
Jul 6 at 14:54













@AaronF I thought about tmux, but did decide not to use it. I would rather do everything locally at home, instead in some session on some host at work. Thanks for the idea though!

– Pritzl
Jul 7 at 18:43






@AaronF I thought about tmux, but did decide not to use it. I would rather do everything locally at home, instead in some session on some host at work. Thanks for the idea though!

– Pritzl
Jul 7 at 18:43











2 Answers
2






active

oldest

votes


















6














Partial answer:



You can't selectively forward DNS requests for specific hosts in general (like Foxyproxy can handle specific requests for specific hosts or paths).



The only thing you can do is to run a DNS proxy somewhere that would answer requests for specific hosts itself, or forward requests following specific patterns to specific servers.



One popular DNS proxy is dnsmasq. You can configure it to forward DNS requests to different servers based on a pattern.



So you'd have to run dnsmasq on your local machine, use it for DNS resolution on your local machine, and configure it to use both your ISP's DNS server and the jump host DNS server as upstream DNS servers. That will require a bit of fiddling to get the configuration right, in particular to make it pickup both a dynamically given DNS your server (from your ISP) and a statically given one.






share|improve this answer























  • I did not know dnsmasq, that looks like exactly what I need. This sounds exciting. Thank you dirkt.

    – Pritzl
    Jul 6 at 7:00


















0














That's exactly what sshuttle is made for




Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.







share|improve this answer



























    Your Answer








    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "3"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1456720%2fforward-dns-request-to-my-works-jump-server%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    2 Answers
    2






    active

    oldest

    votes








    2 Answers
    2






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    6














    Partial answer:



    You can't selectively forward DNS requests for specific hosts in general (like Foxyproxy can handle specific requests for specific hosts or paths).



    The only thing you can do is to run a DNS proxy somewhere that would answer requests for specific hosts itself, or forward requests following specific patterns to specific servers.



    One popular DNS proxy is dnsmasq. You can configure it to forward DNS requests to different servers based on a pattern.



    So you'd have to run dnsmasq on your local machine, use it for DNS resolution on your local machine, and configure it to use both your ISP's DNS server and the jump host DNS server as upstream DNS servers. That will require a bit of fiddling to get the configuration right, in particular to make it pickup both a dynamically given DNS your server (from your ISP) and a statically given one.






    share|improve this answer























    • I did not know dnsmasq, that looks like exactly what I need. This sounds exciting. Thank you dirkt.

      – Pritzl
      Jul 6 at 7:00















    6














    Partial answer:



    You can't selectively forward DNS requests for specific hosts in general (like Foxyproxy can handle specific requests for specific hosts or paths).



    The only thing you can do is to run a DNS proxy somewhere that would answer requests for specific hosts itself, or forward requests following specific patterns to specific servers.



    One popular DNS proxy is dnsmasq. You can configure it to forward DNS requests to different servers based on a pattern.



    So you'd have to run dnsmasq on your local machine, use it for DNS resolution on your local machine, and configure it to use both your ISP's DNS server and the jump host DNS server as upstream DNS servers. That will require a bit of fiddling to get the configuration right, in particular to make it pickup both a dynamically given DNS your server (from your ISP) and a statically given one.






    share|improve this answer























    • I did not know dnsmasq, that looks like exactly what I need. This sounds exciting. Thank you dirkt.

      – Pritzl
      Jul 6 at 7:00













    6












    6








    6







    Partial answer:



    You can't selectively forward DNS requests for specific hosts in general (like Foxyproxy can handle specific requests for specific hosts or paths).



    The only thing you can do is to run a DNS proxy somewhere that would answer requests for specific hosts itself, or forward requests following specific patterns to specific servers.



    One popular DNS proxy is dnsmasq. You can configure it to forward DNS requests to different servers based on a pattern.



    So you'd have to run dnsmasq on your local machine, use it for DNS resolution on your local machine, and configure it to use both your ISP's DNS server and the jump host DNS server as upstream DNS servers. That will require a bit of fiddling to get the configuration right, in particular to make it pickup both a dynamically given DNS your server (from your ISP) and a statically given one.






    share|improve this answer













    Partial answer:



    You can't selectively forward DNS requests for specific hosts in general (like Foxyproxy can handle specific requests for specific hosts or paths).



    The only thing you can do is to run a DNS proxy somewhere that would answer requests for specific hosts itself, or forward requests following specific patterns to specific servers.



    One popular DNS proxy is dnsmasq. You can configure it to forward DNS requests to different servers based on a pattern.



    So you'd have to run dnsmasq on your local machine, use it for DNS resolution on your local machine, and configure it to use both your ISP's DNS server and the jump host DNS server as upstream DNS servers. That will require a bit of fiddling to get the configuration right, in particular to make it pickup both a dynamically given DNS your server (from your ISP) and a statically given one.







    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered Jul 6 at 6:49









    dirktdirkt

    10.8k3 gold badges17 silver badges26 bronze badges




    10.8k3 gold badges17 silver badges26 bronze badges












    • I did not know dnsmasq, that looks like exactly what I need. This sounds exciting. Thank you dirkt.

      – Pritzl
      Jul 6 at 7:00

















    • I did not know dnsmasq, that looks like exactly what I need. This sounds exciting. Thank you dirkt.

      – Pritzl
      Jul 6 at 7:00
















    I did not know dnsmasq, that looks like exactly what I need. This sounds exciting. Thank you dirkt.

    – Pritzl
    Jul 6 at 7:00





    I did not know dnsmasq, that looks like exactly what I need. This sounds exciting. Thank you dirkt.

    – Pritzl
    Jul 6 at 7:00













    0














    That's exactly what sshuttle is made for




    Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.







    share|improve this answer





























      0














      That's exactly what sshuttle is made for




      Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.







      share|improve this answer



























        0












        0








        0







        That's exactly what sshuttle is made for




        Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.







        share|improve this answer















        That's exactly what sshuttle is made for




        Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.








        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Jul 10 at 9:26

























        answered Jul 9 at 20:41









        piecpiec

        5103 silver badges6 bronze badges




        5103 silver badges6 bronze badges



























            draft saved

            draft discarded
















































            Thanks for contributing an answer to Super User!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1456720%2fforward-dns-request-to-my-works-jump-server%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -