[packages/djbdns.git] / djbdns-ignoreip.patch

This patch changes djbdns's dnscache program so that it will ignore the
IP address given in the IGNOREIP environment variable.  I wrote this
patch because of Verisign's oh-so helpful wildcard A records for *.COM
and *.NET.  Install the patch like this:
    patch <djbdns-1.05-ignoreip.patch
    svc -d /service/dnscache
    make setup check
    svc -u /service/dnscache

Configure it to ignore Verisign's wildcard record like this:
    echo 64.94.110.11 >/service/dnscache/env/IGNOREIP
    svc -t /service/dnscache

If IGNOREIP isn't found in the environment variable space, nothing is
ignored.

--
--My blog is at angry-economist.russnelson.com  | Free markets express in the
Crynwr sells support for free software  | PGPok | practical world our belief
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that there is that of God
Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   | in all people. -Chris V.


diff -u orig/dnscache.c ./dnscache.c
--- orig/dnscache.c	2001-02-11 16:11:45.000000000 -0500
+++ ./dnscache.c	2003-09-15 23:08:36.000000000 -0400
@@ -23,6 +23,8 @@
 #include "okclient.h"
 #include "droproot.h"
 
+char ignoreip[4];
+
 static int packetquery(char *buf,unsigned int len,char **q,char qtype[2],char qclass[2],char id[2])
 {
   unsigned int pos;
@@ -431,6 +433,11 @@
   if (!cache_init(cachesize))
     strerr_die3x(111,FATAL,"not enough memory for cache of size ",x);
 
+  x = env_get("IGNOREIP");
+  if (x)
+    if (!ip4_scan(x,ignoreip))
+      strerr_die3x(111,FATAL,"unable to parse IGNOREIP address ",x);
+
   if (env_get("HIDETTL"))
     response_hidettl();
   if (env_get("FORWARDONLY"))
diff -u orig/query.c ./query.c
--- orig/query.c	2001-02-11 16:11:45.000000000 -0500
+++ ./query.c	2003-09-15 23:22:13.000000000 -0400
@@ -13,6 +13,8 @@
 #include "response.h"
 #include "query.h"
 
+extern char ignoreip[];
+
 static int flagforwardonly = 0;
 
 void query_forwardonly(void)
@@ -643,6 +645,8 @@
         pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE;
         if (byte_equal(header + 8,2,"\0\4")) {
           pos = dns_packet_copy(buf,len,pos,header,4); if (!pos) goto DIE;
+	  /*          if (*ignoreip) if (byte_equal(header,4,ignoreip)) goto NXDOMAIN;*/
+          if (*ignoreip) if (byte_equal(header,4,ignoreip)) goto NXDOMAIN;
           save_data(header,4);
           log_rr(whichserver,t1,DNS_T_A,header,4,ttl);
         }
Commit	Line	Data
945d4ddb	1	This patch changes djbdns's dnscache program so that it will ignore the
	2	IP address given in the IGNOREIP environment variable. I wrote this
	3	patch because of Verisign's oh-so helpful wildcard A records for *.COM
	4	and *.NET. Install the patch like this:
	5	patch <djbdns-1.05-ignoreip.patch
	6	svc -d /service/dnscache
	7	make setup check
	8	svc -u /service/dnscache
	9
	10	Configure it to ignore Verisign's wildcard record like this:
	11	echo 64.94.110.11 >/service/dnscache/env/IGNOREIP
	12	svc -t /service/dnscache
	13
	14	If IGNOREIP isn't found in the environment variable space, nothing is
	15	ignored.
	16
	17	--
	18	--My blog is at angry-economist.russnelson.com \| Free markets express in the
	19	Crynwr sells support for free software \| PGPok \| practical world our belief
	20	521 Pleasant Valley Rd. \| +1 315 268 1925 voice \| that there is that of God
	21	Potsdam, NY 13676-3213 \| +1 315 268 9201 FAX \| in all people. -Chris V.
	22
	23
	24	diff -u orig/dnscache.c ./dnscache.c
	25	--- orig/dnscache.c 2001-02-11 16:11:45.000000000 -0500
	26	+++ ./dnscache.c 2003-09-15 23:08:36.000000000 -0400
	27	@@ -23,6 +23,8 @@
	28	#include "okclient.h"
	29	#include "droproot.h"
	30
	31	+char ignoreip[4];
	32	+
	33	static int packetquery(char buf,unsigned int len,char *q,char qtype[2],char qclass[2],char id[2])
	34	{
	35	unsigned int pos;
	36	@@ -431,6 +433,11 @@
	37	if (!cache_init(cachesize))
	38	strerr_die3x(111,FATAL,"not enough memory for cache of size ",x);
	39
	40	+ x = env_get("IGNOREIP");
	41	+ if (x)
	42	+ if (!ip4_scan(x,ignoreip))
	43	+ strerr_die3x(111,FATAL,"unable to parse IGNOREIP address ",x);
	44	+
	45	if (env_get("HIDETTL"))
	46	response_hidettl();
	47	if (env_get("FORWARDONLY"))
	48	diff -u orig/query.c ./query.c
	49	--- orig/query.c 2001-02-11 16:11:45.000000000 -0500
	50	+++ ./query.c 2003-09-15 23:22:13.000000000 -0400
	51	@@ -13,6 +13,8 @@
	52	#include "response.h"
	53	#include "query.h"
	54
	55	+extern char ignoreip[];
	56	+
	57	static int flagforwardonly = 0;
	58
	59	void query_forwardonly(void)
	60	@@ -643,6 +645,8 @@
	61	pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE;
	62	if (byte_equal(header + 8,2,"\0\4")) {
	63	pos = dns_packet_copy(buf,len,pos,header,4); if (!pos) goto DIE;
	64	+ /* if (ignoreip) if (byte_equal(header,4,ignoreip)) goto NXDOMAIN;/
65	+ if (*ignoreip) if (byte_equal(header,4,ignoreip)) goto NXDOMAIN;
66	save_data(header,4);
67	log_rr(whichserver,t1,DNS_T_A,header,4,ttl);
68	}