[Dnsmasq-discuss] [PATCH] fix bug of FORMERR

swigger swigger at gmail.com
Wed May 27 20:41:52 BST 2015


Signed-off-by: swigger <swigger at gmail.com>

First, sorry for my poor English, hope you can read it.

My openwrt router at 192.168.1.1 runs dnsmasq.
There are two DNS ips set automaticly by my ISP.

When resolving domain names, some times I get a FormErr.
This is unusual, so I dig this and find a bug.

When a request is sent to dnsmasq, it forwards to upper DNSs,
and then , if dns-a replys a ServFail, dnsmasq just forwards
to dns-b with value of byte 4(base index 1) is 0x82 (HB4_RA|ServFail).
However, for a normal request, this byte should be 0x00 .
My ISP's dns-b checks this field and replys a FormErr.

Here is a proof by tcpdump:
11:46:54.377146 IP 121.34.145.201.21657 > 202.96.134.133.53: 18075+ [b2&3=0x182] A? jp.swigger.net. (32)
        0x0000:  4500 003c f027 4000 4011 eeb7 7922 91c9  E..<.'@. at ...y"..
        0x0010:  ca60 8685 5499 0035 0028 fbbe 469b 0182  .`..T..5.(..F...
        0x0020:  0001 0000 0000 0000 026a 7007 7377 6967  .........jp.swig
        0x0030:  6765 7203 6e65 7400 0001 0001            ger.net.....
11:46:54.383814 IP 202.96.134.133.53 > 121.34.145.201.21657: 18075 FormErr 0/0/0 (32)
        0x0000:  4500 003c 0000 4000 3b11 e3df ca60 8685  E..<.. at .;....`..
        0x0010:  7922 91c9 0035 5499 0028 7bbf 469b 8181  y"...5T..({.F...
        0x0020:  0001 0000 0000 0000 026a 7007 7377 6967  .........jp.swig
        0x0030:  6765 7203 6e65 7400 0001 0001            ger.net.....


The solution is easy, just reset this field.

See the following patch.

---
 src/forward.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/forward.c b/src/forward.c
index 74e5ab6..5e14404 100644
--- a/src/forward.c
+++ b/src/forward.c
@@ -770,6 +770,7 @@ void reply_query(int fd, int family, time_t now)
 	  if ((nn = resize_packet(header, (size_t)n, pheader, plen)))
 	    {
 	      header->hb3 &= ~(HB3_QR | HB3_TC);
+	      header->hb4 &= ~(HB4_RA | HB4_RCODE);
 	      forward_query(-1, NULL, NULL, 0, header, nn, now, forward, 0, 0);
 	      return;
 	    }
-- 
2.1.4




More information about the Dnsmasq-discuss mailing list