1 This patch changes djbdns's dnscache program so that it will ignore the
2 IP address given in the IGNOREIP environment variable. I wrote this
3 patch because of Verisign's oh-so helpful wildcard A records for *.COM
4 and *.NET. Install the patch like this:
5 patch <djbdns-1.05-ignoreip.patch
6 svc -d /service/dnscache
8 svc -u /service/dnscache
10 Configure it to ignore Verisign's wildcard record like this:
11 echo 64.94.110.11 >/service/dnscache/env/IGNOREIP
12 svc -t /service/dnscache
14 If IGNOREIP isn't found in the environment variable space, nothing is
18 --My blog is at angry-economist.russnelson.com | Free markets express in the
19 Crynwr sells support for free software | PGPok | practical world our belief
20 521 Pleasant Valley Rd. | +1 315 268 1925 voice | that there is that of God
21 Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | in all people. -Chris V.
24 diff -u orig/dnscache.c ./dnscache.c
25 --- orig/dnscache.c 2001-02-11 16:11:45.000000000 -0500
26 +++ ./dnscache.c 2003-09-15 23:08:36.000000000 -0400
33 static int packetquery(char *buf,unsigned int len,char **q,char qtype[2],char qclass[2],char id[2])
37 if (!cache_init(cachesize))
38 strerr_die3x(111,FATAL,"not enough memory for cache of size ",x);
40 + x = env_get("IGNOREIP");
42 + if (!ip4_scan(x,ignoreip))
43 + strerr_die3x(111,FATAL,"unable to parse IGNOREIP address ",x);
45 if (env_get("HIDETTL"))
47 if (env_get("FORWARDONLY"))
48 diff -u orig/query.c ./query.c
49 --- orig/query.c 2001-02-11 16:11:45.000000000 -0500
50 +++ ./query.c 2003-09-15 23:22:13.000000000 -0400
55 +extern char ignoreip[];
57 static int flagforwardonly = 0;
59 void query_forwardonly(void)
61 pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE;
62 if (byte_equal(header + 8,2,"\0\4")) {
63 pos = dns_packet_copy(buf,len,pos,header,4); if (!pos) goto DIE;
64 + /* if (*ignoreip) if (byte_equal(header,4,ignoreip)) goto NXDOMAIN;*/
65 + if (*ignoreip) if (byte_equal(header,4,ignoreip)) goto NXDOMAIN;
67 log_rr(whichserver,t1,DNS_T_A,header,4,ttl);