Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

firefox leak dns even set socks_remote_dns to true

  • 2 replies
  • 1 has this problem
  • 1 view
  • Last reply by 613038475

more options

Hello, I'm using firefox with a socks 5 proxy,

I set network.proxy.socks_remote_dns to true and can confirm the socks request send to proxy server is address is domain not ip resolved.

But when I use wireshark to capture dns packet, I still can see dns query of the domain firefox visited send direct.

Is firefox resolve domain twice with proxy and direct just like chrome?

Are there some settings to turn off this?

I test firefox version 24 and 27, both has the same problem, os is windows 7 64bit.

related problem:

https://support.mozilla.org/en-US/questions/928722

I asked another guy let him use wireshark to check dns leak, same result.

I also try set network.dns.disablePrefetch to true and network.prefetch-next to false, no effect.

I create a new profile and disable all addon and plugin, no effect.

some extend information

1. domain of https link wont leak

2. run test on www.dnsleaktest.com will leak www.dnsleaktest.com

692 6.879564000 192.168.8.188 8.8.8.8 DNS 79 Standard query 0x15ed A www.dnsleaktest.com

but wont leak it's subdomain like p3zwu0pq2s.dnsleaktest.com, 9irxt5n4mi.dnsleaktest.com, ...

Hello, I'm using firefox with a socks 5 proxy, I set network.proxy.socks_remote_dns to true and can confirm the socks request send to proxy server is address is domain not ip resolved. But when I use wireshark to capture dns packet, I still can see dns query of the domain firefox visited send direct. Is firefox resolve domain twice with proxy and direct just like chrome? Are there some settings to turn off this? I test firefox version 24 and 27, both has the same problem, os is windows 7 64bit. related problem: https://support.mozilla.org/en-US/questions/928722 I asked another guy let him use wireshark to check dns leak, same result. I also try set network.dns.disablePrefetch to true and network.prefetch-next to false, no effect. I create a new profile and disable all addon and plugin, no effect. some extend information 1. domain of https link wont leak 2. run test on www.dnsleaktest.com will leak www.dnsleaktest.com 692 6.879564000 192.168.8.188 8.8.8.8 DNS 79 Standard query 0x15ed A www.dnsleaktest.com but wont leak it's subdomain like p3zwu0pq2s.dnsleaktest.com, 9irxt5n4mi.dnsleaktest.com, ...

Modified by 613038475

All Replies (2)

more options
more options

Can you open a bug at bugzilla.mozilla.org? I can't create a new account on there. I guest this problem is cause by mozilla replace dns handle in firefox 13 let network.dns.disablePrefetch be an old option no take affect anymore. This is a serious security problem, please fix it as soon as possible.