mirror of https://github.com/hak5/openwrt.git
53 lines
1.5 KiB
Diff
53 lines
1.5 KiB
Diff
From cf5984367bc6a949e3803a576512c5a7bc48ebab Mon Sep 17 00:00:00 2001
|
|
From: Vladislav Grishenko <themiron@mail.ru>
|
|
Date: Thu, 18 Oct 2018 04:55:21 +0500
|
|
Subject: [PATCH 04/32] Don't forward *.bind/*.server queries upstream
|
|
|
|
Chaos .bind and .server (RFC4892) zones are local, therefore
|
|
don't forward queries upstream to avoid mixing with supported
|
|
locally and false replies with NO_ID enabled.
|
|
|
|
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
|
---
|
|
src/rfc1035.c | 15 ++++++++++++++-
|
|
1 file changed, 14 insertions(+), 1 deletion(-)
|
|
|
|
--- a/src/rfc1035.c
|
|
+++ b/src/rfc1035.c
|
|
@@ -1276,7 +1276,7 @@ size_t answer_request(struct dns_header
|
|
int q, ans, anscount = 0, addncount = 0;
|
|
int dryrun = 0;
|
|
struct crec *crecp;
|
|
- int nxdomain = 0, auth = 1, trunc = 0, sec_data = 1;
|
|
+ int nxdomain = 0, notimp = 0, auth = 1, trunc = 0, sec_data = 1;
|
|
struct mx_srv_record *rec;
|
|
size_t len;
|
|
|
|
@@ -1355,6 +1355,17 @@ size_t answer_request(struct dns_header
|
|
}
|
|
}
|
|
|
|
+ if (qclass == C_CHAOS)
|
|
+ {
|
|
+ /* don't forward *.bind and *.server chaos queries */
|
|
+ if (hostname_issubdomain("bind", name) || hostname_issubdomain("server", name))
|
|
+ {
|
|
+ if (!ans)
|
|
+ notimp = 1, auth = 0;
|
|
+ ans = 1;
|
|
+ }
|
|
+ }
|
|
+
|
|
if (qclass == C_IN)
|
|
{
|
|
struct txt_record *t;
|
|
@@ -1903,6 +1914,8 @@ size_t answer_request(struct dns_header
|
|
|
|
if (nxdomain)
|
|
SET_RCODE(header, NXDOMAIN);
|
|
+ else if (notimp)
|
|
+ SET_RCODE(header, NOTIMP);
|
|
else
|
|
SET_RCODE(header, NOERROR); /* no error */
|
|
header->ancount = htons(anscount);
|