On Thu, Jan 25, 2018 at 04:03:57PM +0100, Mattias Hellström wrote:
> Hi,
> I have made a patch to disable the A-for-A feature.
> I believe that the text portions can be made better by an actual DNS expert.
> 
> Given the following quote, and if that trend holds true, there are probably
> no significant A-for-A requests anymore.
> 
> The percentages of A-for-A seen by root servers reported in 2001, 2003, and
> 2008 was 12%???18%, 7.03%, and 2.7%, respectively. The decreasing trend
} 2008 was 12%, 7.03%, and 2.7%, respectively. The decreasing trend
> continues in our data collected in 2012, where A-for-A only contributes
> 0.4% of the traffic.
> 
> [[ http://cs.northwestern.edu/~ychen/Papers/DNS_ToN15.pdf ]]
> 
> 
> ---
> 
>  man/dnsmasq.8 | 3 +++
> 
>  src/dnsmasq.h | 3 ++-
> 
>  src/option.c  | 3 +++
> 
>  src/rfc1035.c | 2 +-
> 
>  4 files changed, 9 insertions(+), 2 deletions(-)
> 
> 
> diff --git a/man/dnsmasq.8 b/man/dnsmasq.8
> 
> index 6b914ec..40d531c 100644
> 
> --- a/man/dnsmasq.8
> 
> +++ b/man/dnsmasq.8
> 

FWIW
  after "unmengle what was mengled by email programm" still patch errors occure.


Find attached the unmengled patch, it will yield this 

patching file man/dnsmasq.8
Hunk #1 succeeded at 1908 with fuzz 1.
patching file src/dnsmasq.h
Hunk #1 FAILED at 250.
1 out of 1 hunk FAILED -- saving rejects to file src/dnsmasq.h.rej
patching file src/option.c
Hunk #1 FAILED at 160.
Hunk #3 succeeded at 498 with fuzz 2.
1 out of 3 hunks FAILED -- saving rejects to file src/option.c.rej
patching file src/rfc1035.c
Hunk #1 FAILED at 1570.
1 out of 1 hunk FAILED -- saving rejects to file src/rfc1035.c.rej


against git HEAD



Groeten
Geert Stappers
-- 
Leven en laten leven
Hi,
I have made a patch to disable the A-for-A feature.
I believe that the text portions can be made better by an actual DNS expert.
Given the following quote, and if that trend holds true, there are probably
no significant A-for-A requests anymore.
The percentages of A-for-A seen by root servers reported in 2001, 2003, and
2008 was 12%–18%, 7.03%, and 2.7%, respectively. The decreasing trend
continues in our data collected in 2012, where A-for-A only contributes
0.4% of the traffic.
[[ http://cs.northwestern.edu/~ychen/Papers/DNS_ToN15.pdf ]]
---
 man/dnsmasq.8 | 3 +++
 src/dnsmasq.h | 3 ++-
 src/option.c  | 3 +++
 src/rfc1035.c | 2 +-
 4 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/man/dnsmasq.8 b/man/dnsmasq.8
index 6b914ec..40d531c 100644
--- a/man/dnsmasq.8
+++ b/man/dnsmasq.8
@@ -1908,6 +1908,9 @@ A special case of
 which differs in two respects. Firstly, only --server and --rev-server are allowed
 in the configuration file included. Secondly, the file is re-read and the configuration
 therein is updated when dnsmasq receives SIGHUP.
+.TP
+.B --no-afora
+Do not treat A-for-A DNS requests special. I.e. do not duck type a FQDN to an IP.
 .SH CONFIG FILE
 At startup, dnsmasq reads
 .I /etc/dnsmasq.conf,
diff --git a/src/dnsmasq.h b/src/dnsmasq.h
index f4d330a..dbb3477 100644
--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h
@@ -250,7 +250,8 @@ struct event_desc {
 #define OPT_MAC_B64        54
 #define OPT_MAC_HEX        55
 #define OPT_TFTP_APREF_MAC 56
-#define OPT_LAST           57
+#define OPT_NO_AFORA       57
+#define OPT_LAST           58
 /* extra flags for my_syslog, we use a couple of facilities since they are known
    not to occupy the same bits as priorities, no matter how syslog.h is set up. */
 
diff --git a/src/option.c b/src/option.c
index 831593b..be3bb9e 100644
--- a/src/option.c
+++ b/src/option.c
@@ -160,6 +160,7 @@ struct myoption {
 #define LOPT_DHCPTTL       348
 #define LOPT_TFTP_MTU      349
 #define LOPT_REPLY_DELAY   350
+#define LOPT_NO_AFORA      351
 #ifdef HAVE_GETOPT_LONG
 static const struct option opts[] =
 
@@ -325,6 +326,7 @@ static const struct myoption opts[] =
     { "script-arp", 0, 0, LOPT_SCRIPT_ARP },
     { "dhcp-ttl", 1, 0 , LOPT_DHCPTTL },
     { "dhcp-reply-delay", 1, 0, LOPT_REPLY_DELAY },
+    { "no-afora", 0, 0, LOPT_NO_AFORA },
     { NULL, 0, 0, 0 }
   };

@@ -497,6 +499,7 @@ static struct {
   { LOPT_IGNORE_ADDR, ARG_DUP, "<ipaddr>", gettext_noop("Ignore DNS responses containing ipaddr."), NULL },
   { LOPT_DHCPTTL, ARG_ONE, "<ttl>", gettext_noop("Set TTL in DNS responses with DHCP-derived addresses."), NULL },
   { LOPT_REPLY_DELAY, ARG_ONE, "<integer>", gettext_noop("Delay DHCP replies for at least number of seconds."), NULL },
+  { LOPT_NO_AFORA, OPT_NO_AFORA, NULL, gettext_noop("Do not treat A-for-A special."), NULL },
   { 0, 0, NULL, NULL, NULL }
 };
 
diff --git a/src/rfc1035.c b/src/rfc1035.c
index 0ad3ab1..940fc25 100644
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
@@ -1570,7 +1570,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
              /* Check for "A for A"  queries; be rather conservative
                 about what looks like dotted-quad.  */
-             if (qtype == T_A)
+             if (qtype == T_A && !option_bool(OPT_NO_AFORA))
                {
                  char *cp;
                  unsigned int i, a;
_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Reply via email to