[Dnsmasq-discuss] [PATCH v9] Connection track mark based DNS query filtering.
stappers at stappers.nl
Mon Jun 21 19:39:44 UTC 2021
On Wed, Jun 16, 2021 at 09:56:17PM +0000, Etan Kissling wrote:
> This extends query filtering support beyond what is currently possible
> with the `--ipset` configuration option, by adding support for:
> 1) Specifying allowlists on a per-client basis, based on their
> associated Linux connection track mark.
> 2) Dynamic configuration of allowlists via Ubus.
> 3) Reporting when a DNS query resolves or is rejected via Ubus.
> 4) DNS name patterns containing wildcards.
> Disallowed queries are not forwarded; they are rejected
> with a REFUSED error code.
> Signed-off-by: Etan Kissling <etan_kissling at apple.com>
> (addressed reviewer feedback)
> Signed-off-by: Etan Kissling <etan.kissling at gmail.com>
It became commit 627056febbf1b
A community member
More information about the Dnsmasq-discuss