[Dnsmasq-discuss] [PATCH 1/2] Add option to filter out A record requests
john doe
johndoe65534 at mail.com
Sat Jun 5 16:50:41 UTC 2021
On 6/5/2021 5:38 PM, Geert Stappers via Dnsmasq-discuss wrote:
> From: treysis <treysis at gmx.net>
>
> Intented for IPv6 only installations
> that have to deal with software that prefers IPv4 above IPv6.
> ---
> src/dnsmasq.h | 3 ++-
> src/option.c | 3 +++
> src/rfc1035.c | 11 +++++++++++
> 3 files changed, 16 insertions(+), 1 deletion(-)
>
> diff --git a/src/dnsmasq.h b/src/dnsmasq.h
> index 95dc8ae..7eae110 100644
> --- a/src/dnsmasq.h
> +++ b/src/dnsmasq.h
> @@ -272,7 +272,8 @@ struct event_desc {
> #define OPT_LOG_DEBUG 62
> #define OPT_UMBRELLA 63
> #define OPT_UMBRELLA_DEVID 64
> -#define OPT_LAST 65
> +#define OPT_FILTER_A 65
> +#define OPT_LAST 66
>
> #define OPTION_BITS (sizeof(unsigned int)*8)
> #define OPTION_SIZE ( (OPT_LAST/OPTION_BITS)+((OPT_LAST%OPTION_BITS)!=0) )
> diff --git a/src/option.c b/src/option.c
> index 23cf058..a81aa1f 100644
> --- a/src/option.c
> +++ b/src/option.c
> @@ -171,6 +171,7 @@ struct myoption {
> #define LOPT_DYNHOST 362
> #define LOPT_LOG_DEBUG 363
> #define LOPT_UMBRELLA 364
> +#define LOPT_FILTER_A 365
>
> #ifdef HAVE_GETOPT_LONG
> static const struct option opts[] =
> @@ -347,6 +348,7 @@ static const struct myoption opts[] =
> { "dynamic-host", 1, 0, LOPT_DYNHOST },
> { "log-debug", 0, 0, LOPT_LOG_DEBUG },
> { "umbrella", 2, 0, LOPT_UMBRELLA },
> + { "filter-a", 0, 0, LOPT_FILTER_A },
> { NULL, 0, 0, 0 }
> };
>
> @@ -530,6 +532,7 @@ static struct {
> { LOPT_DUMPMASK, ARG_ONE, "<hex>", gettext_noop("Mask which packets to dump"), NULL },
> { LOPT_SCRIPT_TIME, OPT_LEASE_RENEW, NULL, gettext_noop("Call dhcp-script when lease expiry changes."), NULL },
> { LOPT_UMBRELLA, ARG_ONE, "[=<optspec>]", gettext_noop("Send Cisco Umbrella identifiers including remote IP."), NULL },
> + { LOPT_FILTER_A, OPT_FILTER_A, NULL, gettext_noop("Filter all A requests."), NULL },
> { 0, 0, NULL, NULL, NULL }
> };
>
> diff --git a/src/rfc1035.c b/src/rfc1035.c
> index 5a961b8..a7f83f2 100644
> --- a/src/rfc1035.c
> +++ b/src/rfc1035.c
> @@ -1895,6 +1895,17 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
> }
> }
>
> + /* filter a forwards */
> + if (qtype == T_A && option_bool(OPT_FILTER_A))
> + {
> + /* return a null reply */
> + ans = 1;
> + if (!dryrun)
> + log_query(F_CONFIG | F_IPV6 | F_NEG, name, &addr, NULL);
> + break;
> + }
> + /* end of filtering a */
> +
> if (!ans)
> return 0; /* failed to answer a question */
> }
>
At "Geert Stappers", please don't modify/touch patch that are not yours,
this is bat practiss and undesirable/unwanted.
At "Trey Sis", can you confirm that your original patch applies cleanly
at the tip of the development branch?
Note that the maintainer of the project is "Simon Kelley" and "Geert
Stappers" is not affiliated in anyway with the project.
--
John Doe
More information about the Dnsmasq-discuss
mailing list