[Dnsmasq-discuss] [PATCH] Don't accept queries arriving on alias interface if configured not to do this
Dominik Derigs
dl6er at dl6er.de
Sun Jan 9 10:01:06 UTC 2022
Hey Simon,
I found the following bug/misbehavior (whatever you wanna call
it):
Real interface is eth0. an alias is created as eth0:0
Config --interface=eth0
Queries on eth0 and eth0:0 are accepted because dnsmasq only
compares the physical interface name string.
Config --interface=eth0:0
Queries on eth0 and eth0:0 are rejected (at first!) because of
the physical interface's name mismatch. But there is another
check "label_expection()" that does said iteration and would lead
to accepting the eth0:0 query. The eth0 query is correctly
rejected.
In an ideal world, we should reject also the eth0:0 query when
configured with "--interface=eth0". It can rather easily be done
when comparing the configured interface's IP addresses instead of
the name strings (or ifindex).
When doing this, the warn_wild_listeners() can be dropped
altogether as the strange behavior we used to warn about is
fixed.
The patch addresses this.
The second patch ensures we compare label instead of interface
name against dhcp_except and tftp interfaces to extend their
scope to interface aliases. The man page does not mention that
they are limited to "real" interfaces and stop working once an
alias interface is specified (even if valid).
Best,
Dominik
[resubmission of rebased patches, original submission in
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q4/015938.html]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Don-t-accept-queries-ariving-on-alias-interface-if-c.patch
Type: text/x-patch
Size: 5124 bytes
Desc: not available
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20220109/ded70967/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-Compare-label-instead-of-interface-name-against-dhcp.patch
Type: text/x-patch
Size: 1387 bytes
Desc: not available
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20220109/ded70967/attachment-0003.bin>
More information about the Dnsmasq-discuss
mailing list