| [c5c522c] | 1 | This patch changes djbdns's dnscache program so that it will ignore the |
|---|
| 2 | IP address given in the IGNOREIP environment variable. I wrote this |
|---|
| 3 | patch because of Verisign's oh-so helpful wildcard A records for *.COM |
|---|
| 4 | and *.NET. Install the patch like this: |
|---|
| 5 | patch <djbdns-1.05-ignoreip.patch |
|---|
| 6 | svc -d /service/dnscache |
|---|
| 7 | make setup check |
|---|
| 8 | svc -u /service/dnscache |
|---|
| 9 | |
|---|
| 10 | Configure it to ignore Verisign's wildcard record like this: |
|---|
| 11 | echo 64.94.110.11 >/service/dnscache/env/IGNOREIP |
|---|
| 12 | svc -t /service/dnscache |
|---|
| 13 | |
|---|
| 14 | If IGNOREIP isn't found in the environment variable space, nothing is |
|---|
| 15 | ignored. |
|---|
| 16 | |
|---|
| 17 | -- |
|---|
| 18 | --My blog is at angry-economist.russnelson.com | Free markets express in the |
|---|
| 19 | Crynwr sells support for free software | PGPok | practical world our belief |
|---|
| 20 | 521 Pleasant Valley Rd. | +1 315 268 1925 voice | that there is that of God |
|---|
| 21 | Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | in all people. -Chris V. |
|---|
| 22 | |
|---|
| 23 | |
|---|
| 24 | diff -u orig/dnscache.c ./dnscache.c |
|---|
| 25 | --- orig/dnscache.c 2001-02-11 16:11:45.000000000 -0500 |
|---|
| 26 | +++ ./dnscache.c 2003-09-15 23:08:36.000000000 -0400 |
|---|
| 27 | @@ -23,6 +23,8 @@ |
|---|
| 28 | #include "okclient.h" |
|---|
| 29 | #include "droproot.h" |
|---|
| 30 | |
|---|
| 31 | +char ignoreip[4]; |
|---|
| 32 | + |
|---|
| 33 | static int packetquery(char *buf,unsigned int len,char **q,char qtype[2],char qclass[2],char id[2]) |
|---|
| 34 | { |
|---|
| 35 | unsigned int pos; |
|---|
| 36 | @@ -431,6 +433,11 @@ |
|---|
| 37 | if (!cache_init(cachesize)) |
|---|
| 38 | strerr_die3x(111,FATAL,"not enough memory for cache of size ",x); |
|---|
| 39 | |
|---|
| 40 | + x = env_get("IGNOREIP"); |
|---|
| 41 | + if (x) |
|---|
| 42 | + if (!ip4_scan(x,ignoreip)) |
|---|
| 43 | + strerr_die3x(111,FATAL,"unable to parse IGNOREIP address ",x); |
|---|
| 44 | + |
|---|
| 45 | if (env_get("HIDETTL")) |
|---|
| 46 | response_hidettl(); |
|---|
| 47 | if (env_get("FORWARDONLY")) |
|---|
| 48 | diff -u orig/query.c ./query.c |
|---|
| 49 | --- orig/query.c 2001-02-11 16:11:45.000000000 -0500 |
|---|
| 50 | +++ ./query.c 2003-09-15 23:22:13.000000000 -0400 |
|---|
| 51 | @@ -13,6 +13,8 @@ |
|---|
| 52 | #include "response.h" |
|---|
| 53 | #include "query.h" |
|---|
| 54 | |
|---|
| 55 | +extern char ignoreip[]; |
|---|
| 56 | + |
|---|
| 57 | static int flagforwardonly = 0; |
|---|
| 58 | |
|---|
| 59 | void query_forwardonly(void) |
|---|
| 60 | @@ -643,6 +645,8 @@ |
|---|
| 61 | pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE; |
|---|
| 62 | if (byte_equal(header + 8,2,"\0\4")) { |
|---|
| 63 | pos = dns_packet_copy(buf,len,pos,header,4); if (!pos) goto DIE; |
|---|
| 64 | + /* if (*ignoreip) if (byte_equal(header,4,ignoreip)) goto NXDOMAIN;*/ |
|---|
| 65 | + if (*ignoreip) if (byte_equal(header,4,ignoreip)) goto NXDOMAIN; |
|---|
| 66 | save_data(header,4); |
|---|
| 67 | log_rr(whichserver,t1,DNS_T_A,header,4,ttl); |
|---|
| 68 | } |
|---|
| 69 | |
|---|
