Skip to content

D
Dnsmasq
Commit b485ed97 authored by Simon Kelley's avatar Simon Kelley
Browse files
Options

Always answer queries for authoritative zones locally, never forward.

parent 53c4c5c8
Hide whitespace changes
Inline Side-by-side
Showing with 38 additions and 6 deletions
src/auth.c
View file @ b485ed97
......@@ -62,7 +62,7 @@ static int filter_constructed_dhcp(struct auth_zone *zone, int flag, struct all_
return filter_zone(zone, flag, addr_u) != NULL;
}
static int in_zone(struct auth_zone *zone, char *name, char **cut)
int in_zone(struct auth_zone *zone, char *name, char **cut)
{
size_t namelen = strlen(name);
size_t domainlen = strlen(zone->domain);
......
src/cache.c
View file @ b485ed97
......@@ -1161,6 +1161,9 @@ void dump_cache(time_t now)
daemon->cachesize, cache_live_freed, cache_inserted);
my_syslog(LOG_INFO, _("queries forwarded %u, queries answered locally %u"),
daemon->queries_forwarded, daemon->local_answer);
#ifdef HAVE_AUTH
my_syslog(LOG_INFO, _("queries for authoritative zones %u"), daemon->auth_answer);
#endif
/* sum counts from different records for same server */
for (serv = daemon->servers; serv; serv = serv->next)
......
src/dnsmasq.h
View file @ b485ed97
......@@ -876,7 +876,7 @@ extern struct daemon {
char *packet; /* packet buffer */
int packet_buff_sz; /* size of above */
char *namebuff; /* MAXDNAME size buffer */
unsigned int local_answer, queries_forwarded;
unsigned int local_answer, queries_forwarded, auth_answer;
struct frec *frec_list;
struct serverfd *sfds;
struct irec *interfaces;
......@@ -993,6 +993,7 @@ int private_net(struct in_addr addr, int ban_localhost);
/* auth.c */
#ifdef HAVE_AUTH
size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t now, union mysockaddr *peer_addr);
int in_zone(struct auth_zone *zone, char *name, char **cut);
#endif
/* util.c */
......
src/forward.c
View file @ b485ed97
......@@ -848,6 +848,9 @@ void receive_query(struct listener *listen, time_t now)
if (extract_request(header, (size_t)n, daemon->namebuff, &type))
{
char types[20];
#ifdef HAVE_AUTH
struct auth_zone *zone;
#endif
querystr(auth_dns ? "auth" : "query", types, type);
......@@ -859,15 +862,28 @@ void receive_query(struct listener *listen, time_t now)
log_query(F_QUERY | F_IPV6 | F_FORWARD, daemon->namebuff,
(struct all_addr *)&source_addr.in6.sin6_addr, types);
#endif
}
#ifdef HAVE_AUTH
/* find queries for zones we're authoritative for, and answer them directly */
for (zone = daemon->auth_zones; zone; zone = zone->next)
if (in_zone(zone, daemon->namebuff, NULL))
{
auth_dns = 1;
break;
}
#endif
}
#ifdef HAVE_AUTH
if (auth_dns)
{
m = answer_auth(header, ((char *) header) + PACKETSZ, (size_t)n, now, &source_addr);
if (m >= 1)
send_from(listen->fd, option_bool(OPT_NOWILD) || option_bool(OPT_CLEVERBIND),
(char *)header, m, &source_addr, &dst_addr, if_index);
{
send_from(listen->fd, option_bool(OPT_NOWILD) || option_bool(OPT_CLEVERBIND),
(char *)header, m, &source_addr, &dst_addr, if_index);
daemon->auth_answer++;
}
}
else
#endif
......@@ -939,7 +955,9 @@ unsigned char *tcp_request(int confd, time_t now,
if ((gotname = extract_request(header, (unsigned int)size, daemon->namebuff, &qtype)))
{
char types[20];
#ifdef HAVE_AUTH
struct auth_zone *zone;
#endif
querystr(auth_dns ? "auth" : "query", types, qtype);
if (peer_addr.sa.sa_family == AF_INET)
......@@ -950,6 +968,16 @@ unsigned char *tcp_request(int confd, time_t now,
log_query(F_QUERY | F_IPV6 | F_FORWARD, daemon->namebuff,
(struct all_addr *)&peer_addr.in6.sin6_addr, types);
#endif
#ifdef HAVE_AUTH
/* find queries for zones we're authoritative for, and answer them directly */
for (zone = daemon->auth_zones; zone; zone = zone->next)
if (in_zone(zone, daemon->namebuff, NULL))
{
auth_dns = 1;
break;
}
#endif
}
if (local_addr->sa.sa_family == AF_INET)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment