[Dnsmasq-discuss] Patch with option to filter A records

Trey Sis treysis at gmx.net
Wed Jun 16 11:26:31 UTC 2021


On 6/14/2021 1:43, Trey Sis wrote:
> On 6/13/2021 22:01, Geert Stappers via Dnsmasq-discuss wrote:
>> On Wed, Jun 09, 2021 at 02:13:34PM +0200, Trey Sis wrote:
>>> Dropping the patch file as attachment.
>>>  From 57c7fcb0b3caccae7376f71ab1a9ae74f0e7f6d9 Mon Sep 17 00:00:00 2001
>>> From: treysis <treysis at gmx.net>
>>> Date: Sat, 5 Jun 2021 15:27:26 +0200
>>> Subject: [PATCH] Add option to filter A record requests
>>>
>> [1]
>>
>>
>>> ---
>>>   src/dnsmasq.h |  3 ++-
>>>   src/option.c  |  3 +++
>>>   src/rfc1035.c | 11 +++++++++++
>>>   3 files changed, 16 insertions(+), 1 deletion(-)
>>>
>>> diff --git a/src/dnsmasq.h b/src/dnsmasq.h
>>> index b27737b..2fec7d1 100644
>>> --- a/src/dnsmasq.h
>>> +++ b/src/dnsmasq.h
>>> @@ -272,7 +272,8 @@ struct event_desc {
>>>   #define OPT_LOG_DEBUG      62
>>>   #define OPT_UMBRELLA       63
>>>   #define OPT_UMBRELLA_DEVID 64
>>> -#define OPT_LAST           65
>>> +#define OPT_FILTER_A       65
>>> +#define OPT_LAST           66
>>>
>>>   #define OPTION_BITS (sizeof(unsigned int)*8)
>>>   #define OPTION_SIZE (
>>> (OPT_LAST/OPTION_BITS)+((OPT_LAST%OPTION_BITS)!=0) )
>>> diff --git a/src/option.c b/src/option.c
>>> index cacfaa6..43dc3cb 100644
>>> --- a/src/option.c
>>> +++ b/src/option.c
>>> @@ -171,6 +171,7 @@ struct myoption {
>>>   #define LOPT_DYNHOST       362
>>>   #define LOPT_LOG_DEBUG     363
>>>   #define LOPT_UMBRELLA       364
>>> +#define LOPT_FILTER_A      365
>>>
>>>   #ifdef HAVE_GETOPT_LONG
>>>   static const struct option opts[] =
>>> @@ -347,6 +348,7 @@ static const struct myoption opts[] =
>>>       { "dynamic-host", 1, 0, LOPT_DYNHOST },
>>>       { "log-debug", 0, 0, LOPT_LOG_DEBUG },
>>>       { "umbrella", 2, 0, LOPT_UMBRELLA },
>>> +    { "filter-a", 0, 0, LOPT_FILTER_A },
>>>       { NULL, 0, 0, 0 }
>>>     };
>>>
>>> @@ -530,6 +532,7 @@ static struct {
>>>     { LOPT_DUMPMASK, ARG_ONE, "<hex>", gettext_noop("Mask which
>>> packets to dump"), NULL },
>>>     { LOPT_SCRIPT_TIME, OPT_LEASE_RENEW, NULL, gettext_noop("Call
>>> dhcp-script when lease expiry changes."), NULL },
>>>     { LOPT_UMBRELLA, ARG_ONE, "[=<optspec>]", gettext_noop("Send
>>> Cisco Umbrella identifiers including remote IP."), NULL },
>>> +  { LOPT_FILTER_A, OPT_FILTER_A, NULL, gettext_noop("Filter all A
>>> requests."), NULL },
>>>     { 0, 0, NULL, NULL, NULL }
>>>   };
>>>
>>> diff --git a/src/rfc1035.c b/src/rfc1035.c
>>> index 9bc5ef2..1043773 100644
>>> --- a/src/rfc1035.c
>>> +++ b/src/rfc1035.c
>>> @@ -1843,6 +1843,17 @@ size_t answer_request(struct dns_header
>>> *header, char *limit, size_t qlen,
>>>           }
>>>       }
>>>
>>> +    /* filter A forwards */
>>> +    if (qtype == T_A && option_bool(OPT_FILTER_A))
>>> +      {
>>> +        /* return a null reply */
>>> +        ans = 1;
>>> +        if (!dryrun)
>>> +          log_query(F_CONFIG | F_IPV6 | F_NEG, name, &addr, NULL);
>>> +        break;
>>> +      }
>>> +    /* end of filtering A */
>>> +
>>>         if (!ans)
>>>       return 0; /* failed to answer a question */
>>>       }
>>
>>
>> /home/stappers/src/dnsmasq/.git/rebase-apply/patch:62: trailing
>> whitespace.
>>                  if (!dryrun)
>> warning: 1 line adds whitespace errors.
>
> My bad! Fixed. Find the new patch attached to this message.
>
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Hello everyone,

I was wondering if anyone has any suggestions or objections for the patch?

I still think it would be very valuable for many setups out there to
drop A records. Most OS don't query for AAAA if there is no IPv6
connection. But none don't query for A if there is no IPv4. That often
causes problems with applications that did not (yet) implement happy
eyeballs. Getting this upstream would make it much easier to handle
IPv6-only environments.

What do you think?

Regards,

Treysis


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20210616/90a6cc08/attachment.htm>


More information about the Dnsmasq-discuss mailing list