rec: Terminate TCP connections instead of 'ignoring' errors
We used to ignore questions that we consider invalid (unexpected
opcode, qdcount != 1, QR=1, parse error, ...) but also those
received from source addresses blocked by ipfilter, still waiting
for a new question to come up on the socket.
That might be fine for clients that will keep sending queries, even
though they will still end up wondering what happened to the ignored
queries, but some clients like dnsdist will wait until a response is
sent, or a time out occurs.
Closing the TCP connection instead allows dnsdist to keep going,
possibly retrying over a new connection but finally giving up,
instead of keeping the connection alive.
projects / thirdparty / pdns.git / commit
