Skip to content
Browse files

adopt any-to-tcp feature to the recursor. Based on a patch by Winfrie…

…d Angele. Closes #836
  • Loading branch information...
Habbie committed Nov 5, 2013
1 parent 88ba171 commit e661a20b49162eb2ca1ecd157216beaa6450fc49
Showing with 18 additions and 0 deletions.
  1. +9 −0 pdns/docs/pdns.xml
  2. +9 −0 pdns/
<term>any-to-tcp | any-to-tcp=yes | any-to-tcp=no</term>
Answer questions for the ANY type on UDP with a truncated packet that refers the
remote server to TCP. Useful for mitigating ANY reflection attacks. Defaults to off.
@@ -75,6 +75,7 @@ __thread unsigned int t_id;
unsigned int g_maxTCPPerClient;
unsigned int g_networkTimeoutMsec;
bool g_logCommonErrors;
bool g_anyToTcp;
__thread shared_ptr<RecursorLua>* t_pdl;
__thread RemoteKeeper* t_remotes;
__thread shared_ptr<Regex>* t_traceRegex;
@@ -512,6 +513,11 @@ void startDoResolve(void *p)

if(dc->d_mdp.d_qtype==QType::ANY && !dc->d_tcp && g_anyToTcp) {
goto sendit;

SyncRes sr(dc->d_now);
bool tracedQuery=false; // we could consider letting Lua know about this too
if(t_traceRegex->get() && (*t_traceRegex)->match(dc->d_mdp.d_qname)) {
@@ -1779,6 +1785,8 @@ int serviceMain(int argc, char*argv[])


g_anyToTcp = ::arg().mustDo("any-to-tcp");

@@ -2053,6 +2061,7 @@ int main(int argc, char **argv)
::arg().setSwitch( "disable-edns", "Disable EDNS - EXPERIMENTAL, LEAVE DISABLED" )= "";
::arg().setSwitch( "disable-packetcache", "Disable packetcache" )= "no";
::arg().setSwitch( "pdns-distributes-queries", "If PowerDNS itself should distribute queries over threads (EXPERIMENTAL)")="no";
::arg().setSwitch( "any-to-tcp","Answer ANY queries with tc=1, shunting to TCP" )="no";
::arg().set("include-dir","Include *.conf files from this directory")="";

::arg().setCmd("help","Provide a helpful message");

0 comments on commit e661a20

Please sign in to comment.
You can’t perform that action at this time.