Make --filter-rr=ANY filter the answer to ANY queries.

Thanks to Dominik Derigs for an earlier patch which inspired this.
Simon Kelley
2024-02-12 16:14:06 +00:00
parent febeea9d01
commit 3de7289bd6
4 changed files with 33 additions and 12 deletions


@@ -1026,7 +1026,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t
returned packet in process_reply() but gets cached here anyway
and will be filtered again on the way out of the cache. Here,
we just need to alter the logging. */
if (rr_on_list(daemon->filter_rr, qtype))
if (qtype != T_ANY && rr_on_list(daemon->filter_rr, qtype))
secflag = F_NEG | F_CONFIG;
if (aqtype == T_TXT)
@@ -1995,7 +1995,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!(crecp->flags & (F_HOSTS | F_DHCP)))
auth = 0;
if (rr_on_list(daemon->filter_rr, qtype) &&
if (qtype != T_ANY && rr_on_list(daemon->filter_rr, qtype) &&
!(crecp->flags & (F_HOSTS | F_DHCP | F_CONFIG | F_NEG)))
{
/* We have a cached answer but we're filtering it. */
@@ -2009,13 +2009,16 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
}
else if (crecp->flags & F_NEG)
{
ans = 1;
auth = 0;
soa_lookup = crecp;
if (crecp->flags & F_NXDOMAIN)
nxdomain = 1;
log_query(stale_flag | crecp->flags, name, NULL, NULL, 0);
if (qtype != T_ANY)
{
ans = 1;
auth = 0;
soa_lookup = crecp;
if (crecp->flags & F_NXDOMAIN)
nxdomain = 1;
log_query(stale_flag | crecp->flags, name, NULL, NULL, 0);
}
}
else
{
@@ -2180,7 +2183,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (flags & F_NXDOMAIN)
nxdomain = 1;
else if (rr_on_list(daemon->filter_rr, qtype))
else if (qtype != T_ANY && rr_on_list(daemon->filter_rr, qtype))
flags |= F_NEG | F_CONFIG;
auth = 0;
@@ -2225,7 +2228,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
}
if (!ans && rr_on_list(daemon->filter_rr, qtype))
if (qtype != T_ANY && !ans && rr_on_list(daemon->filter_rr, qtype))
{
/* We don't have a cached answer and when we get an answer from upstream we're going to
filter it anyway. If we have a cached answer for the domain for another RRtype then