From: Vladimír Čunát Date: Tue, 10 Aug 2021 08:42:54 +0000 (+0200) Subject: modules/dns64: add kr_query::flags.DNS64_DISABLE X-Git-Tag: v5.4.2~8^2~4 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=447654a51fa04120dfb14ec2c1b25690b2b2e312;p=thirdparty%2Fknot-resolver.git modules/dns64: add kr_query::flags.DNS64_DISABLE It's not a perfect solution and with the future policy engine it will hopefully be better, but it's really trivial to add this already. (should've done that years ago) --- diff --git a/NEWS b/NEWS index 8926b2f3f..c64950e01 100644 --- a/NEWS +++ b/NEWS @@ -4,6 +4,7 @@ Knot Resolver 5.4.2 (2021-0m-dd) Improvements ------------ - dns64 module: also map the reverse (PTR) subtree (#478, !1201) +- dns64 module: allow disabling based on client address (#368, !1201) Knot Resolver 5.4.1 (2021-08-19) diff --git a/daemon/lua/kres-gen-29.lua b/daemon/lua/kres-gen-29.lua index 6a8a4cf3e..6861466b0 100644 --- a/daemon/lua/kres-gen-29.lua +++ b/daemon/lua/kres-gen-29.lua @@ -134,6 +134,7 @@ struct kr_qflags { _Bool CACHE_TRIED : 1; _Bool NO_NS_FOUND : 1; _Bool PKT_IS_SANE : 1; + _Bool DNS64_DISABLE : 1; }; typedef struct ranked_rr_array_entry { uint32_t qry_uid; diff --git a/daemon/lua/kres-gen-31.lua b/daemon/lua/kres-gen-31.lua index af069ba61..b8dd5e336 100644 --- a/daemon/lua/kres-gen-31.lua +++ b/daemon/lua/kres-gen-31.lua @@ -134,6 +134,7 @@ struct kr_qflags { _Bool CACHE_TRIED : 1; _Bool NO_NS_FOUND : 1; _Bool PKT_IS_SANE : 1; + _Bool DNS64_DISABLE : 1; }; typedef struct ranked_rr_array_entry { uint32_t qry_uid; diff --git a/lib/rplan.h b/lib/rplan.h index 5120521d7..73fe6f7f0 100644 --- a/lib/rplan.h +++ b/lib/rplan.h @@ -53,6 +53,7 @@ struct kr_qflags { bool NO_NS_FOUND : 1; /**< No valid NS found during last PRODUCE stage. */ bool PKT_IS_SANE : 1; /**< Set by iterator in consume phase to indicate whether * some basic aspects of the packet are OK, e.g. QNAME. */ + bool DNS64_DISABLE : 1; /**< Don't do any DNS64 stuff (meant for view:addr). */ }; /** Combine flags together. This means set union for simple flags. */ diff --git a/modules/dns64/dns64.lua b/modules/dns64/dns64.lua index f4a68e063..af8926f8f 100644 --- a/modules/dns64/dns64.lua +++ b/modules/dns64/dns64.lua @@ -43,7 +43,7 @@ function M.layer.consume(state, req, pkt) if state == kres.FAIL then return state end local qry = req:current() -- Observe only final answers in IN class where request has no CD flag. - if M.proxy == nil or not qry.flags.RESOLVED + if M.proxy == nil or not qry.flags.RESOLVED or qry.flags.DNS64_DISABLE or pkt:qclass() ~= kres.class.IN or req.qsource.packet:cd() then return state end @@ -131,7 +131,7 @@ end function M.layer.produce(_, req, pkt) local qry = req.current_query local sname = qry.sname - if ffi.C.knot_dname_in_bailiwick(sname, M.rev_suffix) < 0 + if ffi.C.knot_dname_in_bailiwick(sname, M.rev_suffix) < 0 or qry.flags.DNS64_DISABLE then return end -- Update packet question if it was minimized. qry.flags.NO_MINIMIZE = true