[Dnsmasq-discuss] blocklists, blocking servers, rebind attacks & general aaarrggh
simon at thekelleys.org.uk
Mon Jul 5 20:13:35 UTC 2021
On 05/07/2021 09:20, Kevin Darbyshire-Bryant wrote:
>> I looked at the code that determines private addresses for --bogus-priv
>> and rebind: It's a bit unruly for IPv6, so I've rationalised things and
>> included :: and 0.0.0.0 in the --rebind-localhost-ok coverage, which at
>> least avoids the log spam.
>> I wonder if bogus-nxdomain should be extended to IPv6, or we could add
>> another option which is the equivalent of
>> Or both.
> Thanks Simon, definitely looks more rational, will give it a try.
> Incidentally, is there a typo in a92c6d77dcd475579c39bdff141f5eb128e2a048 ? - I think you mean to de-ref the pointer, not compare the pointer.
> diff --git a/src/domain-match.c b/src/domain-match.c
> index f82bbdb..97ae9c5 100644
> --- a/src/domain-match.c
> +++ b/src/domain-match.c
> @@ -591,7 +591,7 @@ int add_update_server(int flags,
> else if (*domain == '*')
> - if (domain != 0)
> + if (*domain)
> flags |= SERV_WILDCARD;
Thanks for catching that. Patch applied.
More information about the Dnsmasq-discuss