[Dnsmasq-discuss] Patch with option to filter A records

Sun Jun 13 20:01:34 UTC 2021

On Wed, Jun 09, 2021 at 02:13:34PM +0200, Trey Sis wrote:
> Dropping the patch file as attachment.

> From 57c7fcb0b3caccae7376f71ab1a9ae74f0e7f6d9 Mon Sep 17 00:00:00 2001
> From: treysis <treysis at gmx.net>
> Date: Sat, 5 Jun 2021 15:27:26 +0200
> Subject: [PATCH] Add option to filter A record requests
> 

[1]


> ---
>  src/dnsmasq.h |  3 ++-
>  src/option.c  |  3 +++
>  src/rfc1035.c | 11 +++++++++++
>  3 files changed, 16 insertions(+), 1 deletion(-)
> 
> diff --git a/src/dnsmasq.h b/src/dnsmasq.h
> index b27737b..2fec7d1 100644
> --- a/src/dnsmasq.h
> +++ b/src/dnsmasq.h
> @@ -272,7 +272,8 @@ struct event_desc {
>  #define OPT_LOG_DEBUG      62
>  #define OPT_UMBRELLA       63
>  #define OPT_UMBRELLA_DEVID 64
> -#define OPT_LAST           65
> +#define OPT_FILTER_A       65
> +#define OPT_LAST           66
>  
>  #define OPTION_BITS (sizeof(unsigned int)*8)
>  #define OPTION_SIZE ( (OPT_LAST/OPTION_BITS)+((OPT_LAST%OPTION_BITS)!=0) )
> diff --git a/src/option.c b/src/option.c
> index cacfaa6..43dc3cb 100644
> --- a/src/option.c
> +++ b/src/option.c
> @@ -171,6 +171,7 @@ struct myoption {
>  #define LOPT_DYNHOST       362
>  #define LOPT_LOG_DEBUG     363
>  #define LOPT_UMBRELLA	   364
> +#define LOPT_FILTER_A      365
>   
>  #ifdef HAVE_GETOPT_LONG
>  static const struct option opts[] =  
> @@ -347,6 +348,7 @@ static const struct myoption opts[] =
>      { "dynamic-host", 1, 0, LOPT_DYNHOST },
>      { "log-debug", 0, 0, LOPT_LOG_DEBUG },
>  	{ "umbrella", 2, 0, LOPT_UMBRELLA },
> +    { "filter-a", 0, 0, LOPT_FILTER_A },
>      { NULL, 0, 0, 0 }
>    };
>  
> @@ -530,6 +532,7 @@ static struct {
>    { LOPT_DUMPMASK, ARG_ONE, "<hex>", gettext_noop("Mask which packets to dump"), NULL },
>    { LOPT_SCRIPT_TIME, OPT_LEASE_RENEW, NULL, gettext_noop("Call dhcp-script when lease expiry changes."), NULL },
>    { LOPT_UMBRELLA, ARG_ONE, "[=<optspec>]", gettext_noop("Send Cisco Umbrella identifiers including remote IP."), NULL },
> +  { LOPT_FILTER_A, OPT_FILTER_A, NULL, gettext_noop("Filter all A requests."), NULL },
>    { 0, 0, NULL, NULL, NULL }
>  }; 
>  
> diff --git a/src/rfc1035.c b/src/rfc1035.c
> index 9bc5ef2..1043773 100644
> --- a/src/rfc1035.c
> +++ b/src/rfc1035.c
> @@ -1843,6 +1843,17 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
>  	    }
>  	}
>  
> +	/* filter A forwards */
> +	if (qtype == T_A && option_bool(OPT_FILTER_A))
> +	  {
> +	    /* return a null reply */
> +		ans = 1;
> +		if (!dryrun) 
> +		  log_query(F_CONFIG | F_IPV6 | F_NEG, name, &addr, NULL);
> +		break;
> +	  }
> +	/* end of filtering A */
> +
>        if (!ans)
>  	return 0; /* failed to answer a question */
>      }


/home/stappers/src/dnsmasq/.git/rebase-apply/patch:62: trailing whitespace.
                if (!dryrun)
warning: 1 line adds whitespace errors.


Regards
Geert Stappers

[1] actual commit message
-- 
Silence is hard to parse