Improve handling of non-QUERY DNS requests.

We can't answer and shouldn't forward non-QUERY DNS requests.

This patch fixes the handling of such requests arriving over TCP
connections; previously the connection would be closed without a reply.

It also changes the RCODE in the answer from REFUSED to NOTIMP and
provides clearer logging.
Simon Kelley
2024-12-13 23:00:21 +00:00
parent 3b74df4f55
commit ab177cb153
4 changed files with 234 additions and 207 deletions


@@ -405,11 +405,19 @@ size_t make_local_answer(int flags, int gotname, size_t size, struct dns_header
int start;
union all_addr addr;
setup_reply(header, flags, ede);
if (flags & (F_NXDOMAIN | F_NOERR))
log_query(flags | gotname | F_NEG | F_CONFIG | F_FORWARD, name, NULL, NULL, 0);
setup_reply(header, flags, ede);
if (flags & F_RCODE)
{
union all_addr a;
a.log.rcode = RCODE(header);
a.log.ede = ede;
log_query(F_UPSTREAM | F_RCODE, "opcode", &a, NULL, 0);
}
if (!(p = skip_questions(header, size)))
return 0;