[Dnsmasq-discuss] [PATCH] Connection track mark based DNS query filtering.
Geert Stappers
stappers at stappers.nl
Sun Oct 23 08:15:47 UTC 2022
On Fri, Jan 22, 2021 at 09:34:53PM +0100, Etan Kissling wrote:
> This extends query filtering support beyond what is currently possible
> with the `--ipset` configuration option, by adding support for:
> 1) Specifying allowlists on a per-client basis, based on their
> associated Linux connection track mark.
> 2) Dynamic configuration of allowlists via Ubus.
> 3) Reporting when a DNS query resolves or is rejected via Ubus.
> 4) DNS name patterns containing wildcards.
>
> Disallowed queries are not forwarded; they are rejected
> with a REFUSED error code.
>
> Signed-off-by: Etan Kissling <etan_kissling at apple.com>
> ---
> Makefile | 2 +-
> man/dnsmasq.8 | 31 +++-
> src/dnsmasq.h | 25 +++-
> src/forward.c | 123 +++++++++++++++-
> src/option.c | 134 ++++++++++++++++++
> src/pattern.c | 386 ++++++++++++++++++++++++++++++++++++++++++++++++++
> src/rfc1035.c | 82 +++++++++++
> src/ubus.c | 182 ++++++++++++++++++++++++
> 8 files changed, 956 insertions(+), 9 deletions(-)
> create mode 100644 src/pattern.c
Found this while looking for another patch.
Did see that no one did respond to the patch.
I might be wrong about that due my archive my only point of view.
What where other responses?
Groeten
Geert Stappers
--
Silence is hard to parse
More information about the Dnsmasq-discuss
mailing list