]>
Commit | Line | Data |
---|---|---|
945d4ddb | 1 | This patch changes djbdns's dnscache program so that it will ignore the |
2 | IP address given in the IGNOREIP environment variable. I wrote this | |
3 | patch because of Verisign's oh-so helpful wildcard A records for *.COM | |
4 | and *.NET. Install the patch like this: | |
5 | patch <djbdns-1.05-ignoreip.patch | |
6 | svc -d /service/dnscache | |
7 | make setup check | |
8 | svc -u /service/dnscache | |
9 | ||
10 | Configure it to ignore Verisign's wildcard record like this: | |
11 | echo 64.94.110.11 >/service/dnscache/env/IGNOREIP | |
12 | svc -t /service/dnscache | |
13 | ||
14 | If IGNOREIP isn't found in the environment variable space, nothing is | |
15 | ignored. | |
16 | ||
17 | -- | |
18 | --My blog is at angry-economist.russnelson.com | Free markets express in the | |
19 | Crynwr sells support for free software | PGPok | practical world our belief | |
20 | 521 Pleasant Valley Rd. | +1 315 268 1925 voice | that there is that of God | |
21 | Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | in all people. -Chris V. | |
22 | ||
23 | ||
24 | diff -u orig/dnscache.c ./dnscache.c | |
25 | --- orig/dnscache.c 2001-02-11 16:11:45.000000000 -0500 | |
26 | +++ ./dnscache.c 2003-09-15 23:08:36.000000000 -0400 | |
27 | @@ -23,6 +23,8 @@ | |
28 | #include "okclient.h" | |
29 | #include "droproot.h" | |
30 | ||
31 | +char ignoreip[4]; | |
32 | + | |
33 | static int packetquery(char *buf,unsigned int len,char **q,char qtype[2],char qclass[2],char id[2]) | |
34 | { | |
35 | unsigned int pos; | |
36 | @@ -431,6 +433,11 @@ | |
37 | if (!cache_init(cachesize)) | |
38 | strerr_die3x(111,FATAL,"not enough memory for cache of size ",x); | |
39 | ||
40 | + x = env_get("IGNOREIP"); | |
41 | + if (x) | |
42 | + if (!ip4_scan(x,ignoreip)) | |
43 | + strerr_die3x(111,FATAL,"unable to parse IGNOREIP address ",x); | |
44 | + | |
45 | if (env_get("HIDETTL")) | |
46 | response_hidettl(); | |
47 | if (env_get("FORWARDONLY")) | |
48 | diff -u orig/query.c ./query.c | |
49 | --- orig/query.c 2001-02-11 16:11:45.000000000 -0500 | |
50 | +++ ./query.c 2003-09-15 23:22:13.000000000 -0400 | |
51 | @@ -13,6 +13,8 @@ | |
52 | #include "response.h" | |
53 | #include "query.h" | |
54 | ||
55 | +extern char ignoreip[]; | |
56 | + | |
57 | static int flagforwardonly = 0; | |
58 | ||
59 | void query_forwardonly(void) | |
60 | @@ -643,6 +645,8 @@ | |
61 | pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE; | |
62 | if (byte_equal(header + 8,2,"\0\4")) { | |
63 | pos = dns_packet_copy(buf,len,pos,header,4); if (!pos) goto DIE; | |
64 | + /* if (*ignoreip) if (byte_equal(header,4,ignoreip)) goto NXDOMAIN;*/ | |
65 | + if (*ignoreip) if (byte_equal(header,4,ignoreip)) goto NXDOMAIN; | |
66 | save_data(header,4); | |
67 | log_rr(whichserver,t1,DNS_T_A,header,4,ttl); | |
68 | } |