[Dnsmasq-discuss] blocklists, blocking servers, rebind attacks & general aaarrggh
Kevin Darbyshire-Bryant
kevin at darbyshire-bryant.me.uk
Mon Jul 5 08:20:12 UTC 2021
<snip>
> I looked at the code that determines private addresses for --bogus-priv
> and rebind: It's a bit unruly for IPv6, so I've rationalised things and
> included :: and 0.0.0.0 in the --rebind-localhost-ok coverage, which at
> least avoids the log spam.
>
>
> I wonder if bogus-nxdomain should be extended to IPv6, or we could add
> another option which is the equivalent of
>
> bogus-nxdomain=0.0.0.0,::
>
> Or both.
Thanks Simon, definitely looks more rational, will give it a try.
Incidentally, is there a typo in a92c6d77dcd475579c39bdff141f5eb128e2a048 ? - I think you mean to de-ref the pointer, not compare the pointer.
diff --git a/src/domain-match.c b/src/domain-match.c
index f82bbdb..97ae9c5 100644
--- a/src/domain-match.c
+++ b/src/domain-match.c
@@ -591,7 +591,7 @@ int add_update_server(int flags,
else if (*domain == '*')
{
domain++;
- if (domain != 0)
+ if (*domain)
flags |= SERV_WILDCARD;
}
Cheers,
Kevin D-B
gpg: 012C ACB2 28C6 C53E 9775 9123 B3A2 389B 9DE2 334A
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20210705/09eb1481/attachment.sig>
More information about the Dnsmasq-discuss
mailing list