modules/dns64: add kr_query::flags.DNS64_DISABLE

It's not a perfect solution and with the future policy engine it will
hopefully be better, but it's really trivial to add this already.
(should've done that years ago)

diff --git a/NEWS b/NEWS
index 8926b2f3f21e15e68b4169cec30bd34bdea7c15e..c64950e014ab22c8222d2ee941721957d534b26f 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -4,6 +4,7 @@ Knot Resolver 5.4.2 (2021-0m-dd)
 Improvements
 ------------
 - dns64 module: also map the reverse (PTR) subtree (#478, !1201)
+- dns64 module: allow disabling based on client address (#368, !1201)
 
 
 Knot Resolver 5.4.1 (2021-08-19)

diff --git a/daemon/lua/kres-gen-29.lua b/daemon/lua/kres-gen-29.lua
index 6a8a4cf3ed997f77cbf14ec23596b4cdaaec3168..6861466b0597af65aefee65f53d140761e2d2bcc 100644 (file)
--- a/daemon/lua/kres-gen-29.lua
+++ b/daemon/lua/kres-gen-29.lua
@@ -134,6 +134,7 @@ struct kr_qflags {
        _Bool CACHE_TRIED : 1;
        _Bool NO_NS_FOUND : 1;
        _Bool PKT_IS_SANE : 1;
+       _Bool DNS64_DISABLE : 1;
 };
 typedef struct ranked_rr_array_entry {
        uint32_t qry_uid;

diff --git a/daemon/lua/kres-gen-31.lua b/daemon/lua/kres-gen-31.lua
index af069ba61daf7208deb3672de70702c7b7ef8d30..b8dd5e3366831861227ffb1fb007865b4fc5c478 100644 (file)
--- a/daemon/lua/kres-gen-31.lua
+++ b/daemon/lua/kres-gen-31.lua
@@ -134,6 +134,7 @@ struct kr_qflags {
        _Bool CACHE_TRIED : 1;
        _Bool NO_NS_FOUND : 1;
        _Bool PKT_IS_SANE : 1;
+       _Bool DNS64_DISABLE : 1;
 };
 typedef struct ranked_rr_array_entry {
        uint32_t qry_uid;

diff --git a/lib/rplan.h b/lib/rplan.h
index 5120521d7c83854b557a232fddc4b4e9285510ca..73fe6f7f0cd8e65194ad09469329af81b556d1cf 100644 (file)
--- a/lib/rplan.h
+++ b/lib/rplan.h
@@ -53,6 +53,7 @@ struct kr_qflags {
        bool NO_NS_FOUND : 1;    /**< No valid NS found during last PRODUCE stage. */
        bool PKT_IS_SANE : 1;    /**< Set by iterator in consume phase to indicate whether
                                  * some basic aspects of the packet are OK, e.g. QNAME. */
+       bool DNS64_DISABLE : 1;  /**< Don't do any DNS64 stuff (meant for view:addr). */
 };
 
 /** Combine flags together.  This means set union for simple flags. */

diff --git a/modules/dns64/dns64.lua b/modules/dns64/dns64.lua
index f4a68e0631947ab47a57d37c606e0c500516f0a6..af8926f8f293caca87c136f5afe522ce4d299225 100644 (file)
--- a/modules/dns64/dns64.lua
+++ b/modules/dns64/dns64.lua
@@ -43,7 +43,7 @@ function M.layer.consume(state, req, pkt)
        if state == kres.FAIL then return state end
        local qry = req:current()
        -- Observe only final answers in IN class where request has no CD flag.
-       if M.proxy == nil or not qry.flags.RESOLVED
+       if M.proxy == nil or not qry.flags.RESOLVED or qry.flags.DNS64_DISABLE
                        or pkt:qclass() ~= kres.class.IN or req.qsource.packet:cd() then
                return state
        end
@@ -131,7 +131,7 @@ end
 function M.layer.produce(_, req, pkt)
        local qry = req.current_query
        local sname = qry.sname
-       if ffi.C.knot_dname_in_bailiwick(sname, M.rev_suffix) < 0
+       if ffi.C.knot_dname_in_bailiwick(sname, M.rev_suffix) < 0 or qry.flags.DNS64_DISABLE
                then return end
        -- Update packet question if it was minimized.
        qry.flags.NO_MINIMIZE = true