[Dnsmasq-discuss] Patch with option to filter A records

Sun Jun 13 23:43:24 UTC 2021

On 6/13/2021 22:01, Geert Stappers via Dnsmasq-discuss wrote:
> On Wed, Jun 09, 2021 at 02:13:34PM +0200, Trey Sis wrote:
>> Dropping the patch file as attachment.
>>  From 57c7fcb0b3caccae7376f71ab1a9ae74f0e7f6d9 Mon Sep 17 00:00:00 2001
>> From: treysis <treysis at gmx.net>
>> Date: Sat, 5 Jun 2021 15:27:26 +0200
>> Subject: [PATCH] Add option to filter A record requests
>>
> [1]
>
>
>> ---
>>   src/dnsmasq.h |  3 ++-
>>   src/option.c  |  3 +++
>>   src/rfc1035.c | 11 +++++++++++
>>   3 files changed, 16 insertions(+), 1 deletion(-)
>>
>> diff --git a/src/dnsmasq.h b/src/dnsmasq.h
>> index b27737b..2fec7d1 100644
>> --- a/src/dnsmasq.h
>> +++ b/src/dnsmasq.h
>> @@ -272,7 +272,8 @@ struct event_desc {
>>   #define OPT_LOG_DEBUG      62
>>   #define OPT_UMBRELLA       63
>>   #define OPT_UMBRELLA_DEVID 64
>> -#define OPT_LAST           65
>> +#define OPT_FILTER_A       65
>> +#define OPT_LAST           66
>>
>>   #define OPTION_BITS (sizeof(unsigned int)*8)
>>   #define OPTION_SIZE ( (OPT_LAST/OPTION_BITS)+((OPT_LAST%OPTION_BITS)!=0) )
>> diff --git a/src/option.c b/src/option.c
>> index cacfaa6..43dc3cb 100644
>> --- a/src/option.c
>> +++ b/src/option.c
>> @@ -171,6 +171,7 @@ struct myoption {
>>   #define LOPT_DYNHOST       362
>>   #define LOPT_LOG_DEBUG     363
>>   #define LOPT_UMBRELLA	   364
>> +#define LOPT_FILTER_A      365
>>
>>   #ifdef HAVE_GETOPT_LONG
>>   static const struct option opts[] =
>> @@ -347,6 +348,7 @@ static const struct myoption opts[] =
>>       { "dynamic-host", 1, 0, LOPT_DYNHOST },
>>       { "log-debug", 0, 0, LOPT_LOG_DEBUG },
>>   	{ "umbrella", 2, 0, LOPT_UMBRELLA },
>> +    { "filter-a", 0, 0, LOPT_FILTER_A },
>>       { NULL, 0, 0, 0 }
>>     };
>>
>> @@ -530,6 +532,7 @@ static struct {
>>     { LOPT_DUMPMASK, ARG_ONE, "<hex>", gettext_noop("Mask which packets to dump"), NULL },
>>     { LOPT_SCRIPT_TIME, OPT_LEASE_RENEW, NULL, gettext_noop("Call dhcp-script when lease expiry changes."), NULL },
>>     { LOPT_UMBRELLA, ARG_ONE, "[=<optspec>]", gettext_noop("Send Cisco Umbrella identifiers including remote IP."), NULL },
>> +  { LOPT_FILTER_A, OPT_FILTER_A, NULL, gettext_noop("Filter all A requests."), NULL },
>>     { 0, 0, NULL, NULL, NULL }
>>   };
>>
>> diff --git a/src/rfc1035.c b/src/rfc1035.c
>> index 9bc5ef2..1043773 100644
>> --- a/src/rfc1035.c
>> +++ b/src/rfc1035.c
>> @@ -1843,6 +1843,17 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
>>   	    }
>>   	}
>>
>> +	/* filter A forwards */
>> +	if (qtype == T_A && option_bool(OPT_FILTER_A))
>> +	  {
>> +	    /* return a null reply */
>> +		ans = 1;
>> +		if (!dryrun)
>> +		  log_query(F_CONFIG | F_IPV6 | F_NEG, name, &addr, NULL);
>> +		break;
>> +	  }
>> +	/* end of filtering A */
>> +
>>         if (!ans)
>>   	return 0; /* failed to answer a question */
>>       }
>
>
> /home/stappers/src/dnsmasq/.git/rebase-apply/patch:62: trailing whitespace.
>                  if (!dryrun)
> warning: 1 line adds whitespace errors.

My bad! Fixed. Find the new patch attached to this message.


-------------- next part --------------
From 4bc2e8f05bbaa87f66984f646caf289be4b3df65 Mon Sep 17 00:00:00 2001
From: treysis <treysis at gmx.net>
Date: Sat, 5 Jun 2021 15:27:26 +0200
Subject: [PATCH] Add option to filter A record requests

---
 src/dnsmasq.h |  3 ++-
 src/option.c  |  3 +++
 src/rfc1035.c | 11 +++++++++++
 3 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/src/dnsmasq.h b/src/dnsmasq.h
index b27737b..2fec7d1 100644
--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h
@@ -272,7 +272,8 @@ struct event_desc {
 #define OPT_LOG_DEBUG      62
 #define OPT_UMBRELLA       63
 #define OPT_UMBRELLA_DEVID 64
-#define OPT_LAST           65
+#define OPT_FILTER_A       65
+#define OPT_LAST           66
 
 #define OPTION_BITS (sizeof(unsigned int)*8)
 #define OPTION_SIZE ( (OPT_LAST/OPTION_BITS)+((OPT_LAST%OPTION_BITS)!=0) )
diff --git a/src/option.c b/src/option.c
index cacfaa6..43dc3cb 100644
--- a/src/option.c
+++ b/src/option.c
@@ -171,6 +171,7 @@ struct myoption {
 #define LOPT_DYNHOST       362
 #define LOPT_LOG_DEBUG     363
 #define LOPT_UMBRELLA	   364
+#define LOPT_FILTER_A      365
  
 #ifdef HAVE_GETOPT_LONG
 static const struct option opts[] =  
@@ -347,6 +348,7 @@ static const struct myoption opts[] =
     { "dynamic-host", 1, 0, LOPT_DYNHOST },
     { "log-debug", 0, 0, LOPT_LOG_DEBUG },
 	{ "umbrella", 2, 0, LOPT_UMBRELLA },
+    { "filter-a", 0, 0, LOPT_FILTER_A },
     { NULL, 0, 0, 0 }
   };
 
@@ -530,6 +532,7 @@ static struct {
   { LOPT_DUMPMASK, ARG_ONE, "<hex>", gettext_noop("Mask which packets to dump"), NULL },
   { LOPT_SCRIPT_TIME, OPT_LEASE_RENEW, NULL, gettext_noop("Call dhcp-script when lease expiry changes."), NULL },
   { LOPT_UMBRELLA, ARG_ONE, "[=<optspec>]", gettext_noop("Send Cisco Umbrella identifiers including remote IP."), NULL },
+  { LOPT_FILTER_A, OPT_FILTER_A, NULL, gettext_noop("Filter all A requests."), NULL },
   { 0, 0, NULL, NULL, NULL }
 }; 
 
diff --git a/src/rfc1035.c b/src/rfc1035.c
index 9bc5ef2..fc6352a 100644
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
@@ -1843,6 +1843,17 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
 	    }
 	}
 
+	/* filter A forwards */
+	if (qtype == T_A && option_bool(OPT_FILTER_A))
+	  {
+	    /* return a null reply */
+		ans = 1;
+		if (!dryrun)
+		  log_query(F_CONFIG | F_IPV6 | F_NEG, name, &addr, NULL);
+		break;
+	  }
+	/* end of filtering A */
+
       if (!ans)
 	return 0; /* failed to answer a question */
     }
