Make --filter-rr=ANY filter the answer to ANY queries.

Thanks to Dominik Derigs for an earlier patch which inspired this.
2025-12-24 12:48:32 +00:00 · 2024-02-12 16:14:06 +00:00
parent febeea9d01
commit 3de7289bd6
4 changed files with 33 additions and 12 deletions
--- a/src/rrfilter.c
+++ b/src/rrfilter.c
@@ -213,6 +213,14 @@ size_t rrfilter(struct dns_header *header, size_t *plen, int mode)
 	  if (i < ntohs(header->ancount) && type == qtype && class == qclass)
 	    continue;
 	}
+      else if (qtype == T_ANY && rr_on_list(daemon->filter_rr, T_ANY))
+	{
+	  /* Filter replies to ANY queries in the spirit of
+	     RFC RFC 8482 para 4.3 */
+	  if (class != C_IN ||
+	      type == T_A || type == T_AAAA || type == T_MX || type == T_CNAME)
+	    continue;
+	}
      else
 	{
 	  /* Only looking at answer section now. */