<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <p>Hi Trey,<br>
    </p>
    <p>Are there any specific applications requiring this patch? It
      seems to me most of work should be spent on applications not
      handling IPv4 addresses correctly. Also, I would implement
      filtering of both address families if it is required.</p>
    <p>Are there specific applications, where we can help escalate the
      problem on their side instead? As you have already said, when they
      ask for A address, they should receive one. Whether it is useful
      or not, clients should be able to process it. And skipping to IPv6
      in case of no IPv4 connectivity should be immediate. We lack full
      IPv6 connectivity at office, so far I know only svn is not able to
      switch to IPv4 only. Which is solved by switching to git.
      Filtering of AAAA record would have solved it too.<br>
    </p>
    <p>Do you have examples of applications, where this change would
      help?</p>
    <p>Cheers,</p>
    <p>Petr<br>
    </p>
    <div class="moz-cite-prefix">On 6/16/21 1:26 PM, Trey Sis wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:8d044797-7f63-dbc6-6299-f4b38b904640@gmx.net">On
      6/14/2021 1:43, Trey Sis wrote:
      <br>
      <blockquote type="cite">On 6/13/2021 22:01, Geert Stappers via
        Dnsmasq-discuss wrote:
        <br>
        <blockquote type="cite">On Wed, Jun 09, 2021 at 02:13:34PM
          +0200, Trey Sis wrote:
          <br>
          <blockquote type="cite">Dropping the patch file as attachment.
            <br>
             From 57c7fcb0b3caccae7376f71ab1a9ae74f0e7f6d9 Mon Sep 17
            00:00:00 2001
            <br>
            From: treysis <a class="moz-txt-link-rfc2396E" href="mailto:treysis@gmx.net"><treysis@gmx.net></a>
            <br>
            Date: Sat, 5 Jun 2021 15:27:26 +0200
            <br>
            Subject: [PATCH] Add option to filter A record requests
            <br>
            <br>
          </blockquote>
          [1]
          <br>
          <br>
          <br>
          <blockquote type="cite">---
            <br>
              src/dnsmasq.h |  3 ++-
            <br>
              src/option.c  |  3 +++
            <br>
              src/rfc1035.c | 11 +++++++++++
            <br>
              3 files changed, 16 insertions(+), 1 deletion(-)
            <br>
            <br>
            diff --git a/src/dnsmasq.h b/src/dnsmasq.h
            <br>
            index b27737b..2fec7d1 100644
            <br>
            --- a/src/dnsmasq.h
            <br>
            +++ b/src/dnsmasq.h
            <br>
            @@ -272,7 +272,8 @@ struct event_desc {
            <br>
              #define OPT_LOG_DEBUG      62
            <br>
              #define OPT_UMBRELLA       63
            <br>
              #define OPT_UMBRELLA_DEVID 64
            <br>
            -#define OPT_LAST           65
            <br>
            +#define OPT_FILTER_A       65
            <br>
            +#define OPT_LAST           66
            <br>
            <br>
              #define OPTION_BITS (sizeof(unsigned int)*8)
            <br>
              #define OPTION_SIZE (
            <br>
            (OPT_LAST/OPTION_BITS)+((OPT_LAST%OPTION_BITS)!=0) )
            <br>
            diff --git a/src/option.c b/src/option.c
            <br>
            index cacfaa6..43dc3cb 100644
            <br>
            --- a/src/option.c
            <br>
            +++ b/src/option.c
            <br>
            @@ -171,6 +171,7 @@ struct myoption {
            <br>
              #define LOPT_DYNHOST       362
            <br>
              #define LOPT_LOG_DEBUG     363
            <br>
              #define LOPT_UMBRELLA       364
            <br>
            +#define LOPT_FILTER_A      365
            <br>
            <br>
              #ifdef HAVE_GETOPT_LONG
            <br>
              static const struct option opts[] =
            <br>
            @@ -347,6 +348,7 @@ static const struct myoption opts[] =
            <br>
                  { "dynamic-host", 1, 0, LOPT_DYNHOST },
            <br>
                  { "log-debug", 0, 0, LOPT_LOG_DEBUG },
            <br>
                  { "umbrella", 2, 0, LOPT_UMBRELLA },
            <br>
            +    { "filter-a", 0, 0, LOPT_FILTER_A },
            <br>
                  { NULL, 0, 0, 0 }
            <br>
                };
            <br>
            <br>
            @@ -530,6 +532,7 @@ static struct {
            <br>
                { LOPT_DUMPMASK, ARG_ONE, "<hex>",
            gettext_noop("Mask which
            <br>
            packets to dump"), NULL },
            <br>
                { LOPT_SCRIPT_TIME, OPT_LEASE_RENEW, NULL,
            gettext_noop("Call
            <br>
            dhcp-script when lease expiry changes."), NULL },
            <br>
                { LOPT_UMBRELLA, ARG_ONE, "[=<optspec>]",
            gettext_noop("Send
            <br>
            Cisco Umbrella identifiers including remote IP."), NULL },
            <br>
            +  { LOPT_FILTER_A, OPT_FILTER_A, NULL, gettext_noop("Filter
            all A
            <br>
            requests."), NULL },
            <br>
                { 0, 0, NULL, NULL, NULL }
            <br>
              };
            <br>
            <br>
            diff --git a/src/rfc1035.c b/src/rfc1035.c
            <br>
            index 9bc5ef2..1043773 100644
            <br>
            --- a/src/rfc1035.c
            <br>
            +++ b/src/rfc1035.c
            <br>
            @@ -1843,6 +1843,17 @@ size_t answer_request(struct
            dns_header
            <br>
            *header, char *limit, size_t qlen,
            <br>
                      }
            <br>
                  }
            <br>
            <br>
            +    /* filter A forwards */
            <br>
            +    if (qtype == T_A && option_bool(OPT_FILTER_A))
            <br>
            +      {
            <br>
            +        /* return a null reply */
            <br>
            +        ans = 1;
            <br>
            +        if (!dryrun)
            <br>
            +          log_query(F_CONFIG | F_IPV6 | F_NEG, name,
            &addr, NULL);
            <br>
            +        break;
            <br>
            +      }
            <br>
            +    /* end of filtering A */
            <br>
            +
            <br>
                    if (!ans)
            <br>
                  return 0; /* failed to answer a question */
            <br>
                  }
            <br>
          </blockquote>
          <br>
          <br>
          /home/stappers/src/dnsmasq/.git/rebase-apply/patch:62:
          trailing
          <br>
          whitespace.
          <br>
                           if (!dryrun)
          <br>
          warning: 1 line adds whitespace errors.
          <br>
        </blockquote>
        <br>
        My bad! Fixed. Find the new patch attached to this message.
        <br>
        <br>
        <br>
        <br>
        _______________________________________________
        <br>
        Dnsmasq-discuss mailing list
        <br>
        <a class="moz-txt-link-abbreviated" href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk">Dnsmasq-discuss@lists.thekelleys.org.uk</a>
        <br>
<a class="moz-txt-link-freetext" href="https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss">https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss</a>
        <br>
      </blockquote>
      <br>
      Hello everyone,
      <br>
      <br>
      I was wondering if anyone has any suggestions or objections for
      the patch?
      <br>
      <br>
      I still think it would be very valuable for many setups out there
      to
      <br>
      drop A records. Most OS don't query for AAAA if there is no IPv6
      <br>
      connection. But none don't query for A if there is no IPv4. That
      often
      <br>
      causes problems with applications that did not (yet) implement
      happy
      <br>
      eyeballs. Getting this upstream would make it much easier to
      handle
      <br>
      IPv6-only environments.
      <br>
      <br>
      What do you think?
      <br>
      <br>
      Regards,
      <br>
      <br>
      Treysis
      <br>
      <br>
      <br>
      <br>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <pre class="moz-quote-pre" wrap="">_______________________________________________
Dnsmasq-discuss mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk">Dnsmasq-discuss@lists.thekelleys.org.uk</a>
<a class="moz-txt-link-freetext" href="https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss">https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss</a>
</pre>
    </blockquote>
    <pre class="moz-signature" cols="72">-- 
Petr Menšík
Software Engineer
Red Hat, <a class="moz-txt-link-freetext" href="http://www.redhat.com/">http://www.redhat.com/</a>
email: <a class="moz-txt-link-abbreviated" href="mailto:pemensik@redhat.com">pemensik@redhat.com</a>
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB</pre>
  </body>
</html>