[Dnsmasq-discuss] Patch with option to filter A records

Geert Stappers stappers at stappers.nl
Mon Jun 21 20:15:02 UTC 2021


On Mon, Jun 14, 2021 at 11:54:02AM +0200, Trey Sis wrote:
> On 6/14/2021 1:43, Trey Sis wrote:
> > On 6/13/2021 22:01, Geert Stappers via Dnsmasq-discuss wrote:
         ...
> > > 
> > > 
> > > /home/stappers/src/dnsmasq/.git/rebase-apply/patch:62: trailing
> > > whitespace.
> > >                  if (!dryrun)
> > > warning: 1 line adds whitespace errors.
> > 
> > My bad! Fixed. Find the new patch attached to this message.
> > 
> 
> Any chance to get this reviewed and maybe added to upstream, Simon?
 
It will at least needed to be rebased.


Regards
Geert Stappers

diff --git a/src/dnsmasq.h b/src/dnsmasq.h
index b21fc17..48c6c7f 100644
--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h
@@ -273,7 +273,8 @@ struct event_desc {
 #define OPT_UMBRELLA       63
 #define OPT_UMBRELLA_DEVID 64
 #define OPT_CMARK_ALST_EN  65
-#define OPT_LAST           66
+#define OPT_FILTER_A       66
+#define OPT_LAST           67
 
 #define OPTION_BITS (sizeof(unsigned int)*8)
 #define OPTION_SIZE ( (OPT_LAST/OPTION_BITS)+((OPT_LAST%OPTION_BITS)!=0) )
diff --git a/src/option.c b/src/option.c
index 464f4ff..2092b02 100644
--- a/src/option.c
+++ b/src/option.c
@@ -173,6 +173,7 @@ struct myoption {
 #define LOPT_UMBRELLA	   364
 #define LOPT_CMARK_ALST_EN 365
 #define LOPT_CMARK_ALST    366
+#define LOPT_FILTER_A      367
  
 #ifdef HAVE_GETOPT_LONG
 static const struct option opts[] =  
@@ -351,6 +352,7 @@ static const struct myoption opts[] =
     { "dynamic-host", 1, 0, LOPT_DYNHOST },
     { "log-debug", 0, 0, LOPT_LOG_DEBUG },
 	{ "umbrella", 2, 0, LOPT_UMBRELLA },
+    { "filter-a", 0, 0, LOPT_FILTER_A },
     { NULL, 0, 0, 0 }
   };
 
@@ -536,6 +538,7 @@ static struct {
   { LOPT_DUMPMASK, ARG_ONE, "<hex>", gettext_noop("Mask which packets to dump"), NULL },
   { LOPT_SCRIPT_TIME, OPT_LEASE_RENEW, NULL, gettext_noop("Call dhcp-script when lease expiry changes."), NULL },
   { LOPT_UMBRELLA, ARG_ONE, "[=<optspec>]", gettext_noop("Send Cisco Umbrella identifiers including remote IP."), NULL },
+  { LOPT_FILTER_A, OPT_FILTER_A, NULL, gettext_noop("Filter all A requests."), NULL },
   { 0, 0, NULL, NULL, NULL }
 }; 
 
diff --git a/src/rfc1035.c b/src/rfc1035.c
index 3bd728e..d13721a 100644
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
@@ -1930,6 +1930,17 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
 	    }
 	}
 
+	/* filter a forwards */
+	if (qtype == T_A && option_bool(OPT_FILTER_A))
+	  {
+	    /* return a null reply */
+		ans = 1;
+		if (!dryrun)
+		  log_query(F_CONFIG | F_IPV6 | F_NEG, name, &addr, NULL);
+		break;
+	  }
+	/* end of filtering a */
+
       if (!ans)
 	return 0; /* failed to answer a question */
     }



More information about the Dnsmasq-discuss mailing list