Browse files

BAD_NETS taken from both:

  • Loading branch information...
1 parent c133284 commit 12cd44ee0fcde5893f85dccc499bfc35152c5fff @lochiiconnectivity lochiiconnectivity committed Dec 11, 2014
Showing with 9 additions and 2 deletions.
  1. +9 −2 pdns/
@@ -126,7 +126,14 @@ __thread MT_t* MT; // the big MTasker
unsigned int g_numThreads;
-#define LOCAL_NETS ",,,,,, ::1/128, fe80::/10"
+#define LOCAL_NETS ",,,,,, ::1/128, fc00::/7, fe80::/10"
+// Bad Nets taken from both:
+// and
+// where such a network may not be considered a valid destination
+#define BAD_NETS ",,,,,, ::/96, ::ffff:0:0/96, 100::/64, 2001:db8::/32"
//! used to send information to a newborn mthread
struct DNSComboWriter {
@@ -2159,7 +2166,7 @@ int main(int argc, char **argv)
::arg().set("allow-from", "If set, only allow these comma separated netmasks to recurse")=LOCAL_NETS;
::arg().set("allow-from-file", "If set, load allowed netmasks from this file")="";
::arg().set("entropy-source", "If set, read entropy from this file")="/dev/urandom";
- ::arg().set("dont-query", "If set, do not query these netmasks for DNS data")=LOCAL_NETS;
+ ::arg().set("dont-query", "If set, do not query these netmasks for DNS data")=DONT_QUERY;
::arg().set("max-tcp-per-client", "If set, maximum number of TCP sessions per client (IP address)")="0";
::arg().set("spoof-nearmiss-max", "If non-zero, assume spoofing after this many near misses")="20";
::arg().set("single-socket", "If set, only use a single socket for outgoing queries")="off";

0 comments on commit 12cd44e

Please sign in to comment.