dnsmasq: add filter-aaaa option (IPv6

coolsnowwolf · Feb 13, 2020 · d5cd053 · d5cd053
1 parent 873517a
commit d5cd053
Show file tree

Hide file tree

Showing 4 changed files with 77 additions and 1 deletion.
diff --git a/package/network/services/dnsmasq/Makefile b/package/network/services/dnsmasq/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dnsmasq
 PKG_VERSION:=2.80
-PKG_RELEASE:=5
+PKG_RELEASE:=9
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq

diff --git a/package/network/services/dnsmasq/files/dhcp.conf b/package/network/services/dnsmasq/files/dhcp.conf
@@ -20,6 +20,7 @@ config dnsmasq
 	#list notinterface	lo
 	#list bogusnxdomain     '64.94.110.11'
 	option localservice	1  # disable to allow DNS requests from non-local subnets
+	option filter_aaaa 1
 
 config dhcp lan
 	option interface	lan

diff --git a/package/network/services/dnsmasq/files/dnsmasq.init b/package/network/services/dnsmasq/files/dnsmasq.init
@@ -828,6 +828,8 @@ dnsmasq_start()
 	append_bool "$cfg" sequential_ip "--dhcp-sequential-ip"
 	append_bool "$cfg" allservers "--all-servers"
 	append_bool "$cfg" noping "--no-ping"
+
+	append_bool "$cfg" filter_aaaa "--filter-aaaa"
 
 	append_parm "$cfg" logfacility "--log-facility"
 

diff --git a/package/network/services/dnsmasq/patches/999-filter-aaaa.patch b/package/network/services/dnsmasq/patches/999-filter-aaaa.patch
@@ -0,0 +1,73 @@
+From 966471712184cfb3b067f2ae8dad9d8e2a896cae Mon Sep 17 00:00:00 2001
+From: Bearice Ren <bearice@icybear.net>
+Date: Tue, 20 Sep 2016 11:52:08 +0800
+Subject: [PATCH] add filter-aaaa option
+
+---
+ src/dnsmasq.h | 3 ++-
+ src/option.c  | 3 +++
+ src/rfc1035.c | 9 +++++++++
+ 3 files changed, 14 insertions(+), 1 deletion(-)
+
+diff --git a/src/dnsmasq.h b/src/dnsmasq.h
+index 1896a64..e10d6c4 100644
+--- a/src/dnsmasq.h
++++ b/src/dnsmasq.h
+@@ -259,7 +259,8 @@
+ #define OPT_TFTP_APREF_MAC 56
+ #define OPT_RAPID_COMMIT   57
+ #define OPT_UBUS           58
+-#define OPT_LAST           59
++#define OPT_FILTER_AAAA    59
++#define OPT_LAST           60
+
+ #define OPTION_BITS (sizeof(unsigned int)*8)
+ #define OPTION_SIZE ( (OPT_LAST/OPTION_BITS)+((OPT_LAST%OPTION_BITS)!=0) )
+diff --git a/src/option.c b/src/option.c
+index d8c57d6..1cc65bf 100644
+@@ -166,6 +166,7 @@
+ #define LOPT_UBUS          354
+ #define LOPT_NAME_MATCH    355
+ #define LOPT_CAA           356
++#define LOPT_FILTER_AAAA   357
+
+ #ifdef HAVE_GETOPT_LONG
+ static const struct option opts[] =  
+@@ -337,6 +338,7 @@
+     { "dhcp-rapid-commit", 0, 0, LOPT_RAPID_COMMIT },
+     { "dumpfile", 1, 0, LOPT_DUMPFILE },
+     { "dumpmask", 1, 0, LOPT_DUMPMASK },
++    { "filter-aaaa", 0, 0, LOPT_FILTER_AAAA },
+     { NULL, 0, 0, 0 }
+   };
+
+@@ -515,6 +517,7 @@
+   { LOPT_RAPID_COMMIT, OPT_RAPID_COMMIT, NULL, gettext_noop("Enables DHCPv4 Rapid Commit option."), NULL },
+   { LOPT_DUMPFILE, ARG_ONE, "<path>", gettext_noop("Path to debug packet dump file"), NULL },
+   { LOPT_DUMPMASK, ARG_ONE, "<hex>", gettext_noop("Mask which packets to dump"), NULL },
++  { LOPT_FILTER_AAAA, OPT_FILTER_AAAA, NULL, gettext_noop("Filter all AAAA requests."), NULL },
+   { 0, 0, NULL, NULL, NULL }
+ }; 
+
+diff --git a/src/rfc1035.c b/src/rfc1035.c
+index 24d08c1..1594962 100644
+--- a/src/rfc1035.c
++++ b/src/rfc1035.c
+@@ -1878,6 +1878,15 @@
+ 	    }
+ 	}
+
++      //patch to filter aaaa forwards
++      if (qtype == T_AAAA && option_bool(OPT_FILTER_AAAA) ){
++        //return a null reply
++        ans = 1;
++        if (!dryrun) log_query(F_CONFIG | F_IPV6 | F_NEG, name, &addr, NULL);
++        break;
++      }
++      //end of patch
++
+       if (!ans)
+ 	return 0; /* failed to answer a question */
+     }
+
+--