[Dnsmasq-discuss] [PATCH] Strip EDNS(0) Client Subnet / MAC information

Dominik Derigs dl6er at dl6er.de
Fri Jan 7 05:15:09 UTC 2022


Hey Simon,

a series of patches (multiple mails) follows. This is the first
one:

Strip EDNS(0) Client Subnet / MAC information if --strip-subnet
or --strip-mac is set.
If BOTH the add and strip options are set, incoming EDNS0 options
are REPLACED.

This ensures we do not unintentionally forward client information
somewhere upstream when ECS is used in lower DNS layers in our
local network. Some upstream servers, for instance, Google DNS,
even refuse to answer when ECS contains a 192.168.0.0/16 address.

Best,
Dominik
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Strip-EDNS-0-Client-Subnet-MAC-information-if-strip-.patch
Type: text/x-patch
Size: 7363 bytes
Desc: not available
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20220107/5a1e34f1/attachment-0001.bin>


More information about the Dnsmasq-discuss mailing list