Hi Trey, Are there any specific applications requiring this patch? It seems to me most of work should be spent on applications not handling IPv4 addresses correctly. Also, I would implement filtering of both address families if it is required.
Are there specific applications, where we can help escalate the problem on their side instead? As you have already said, when they ask for A address, they should receive one. Whether it is useful or not, clients should be able to process it. And skipping to IPv6 in case of no IPv4 connectivity should be immediate. We lack full IPv6 connectivity at office, so far I know only svn is not able to switch to IPv4 only. Which is solved by switching to git. Filtering of AAAA record would have solved it too. Do you have examples of applications, where this change would help? Cheers, Petr On 6/16/21 1:26 PM, Trey Sis wrote: > On 6/14/2021 1:43, Trey Sis wrote: >> On 6/13/2021 22:01, Geert Stappers via Dnsmasq-discuss wrote: >>> On Wed, Jun 09, 2021 at 02:13:34PM +0200, Trey Sis wrote: >>>> Dropping the patch file as attachment. >>>> From 57c7fcb0b3caccae7376f71ab1a9ae74f0e7f6d9 Mon Sep 17 00:00:00 >>>> 2001 >>>> From: treysis <trey...@gmx.net> >>>> Date: Sat, 5 Jun 2021 15:27:26 +0200 >>>> Subject: [PATCH] Add option to filter A record requests >>>> >>> [1] >>> >>> >>>> --- >>>> src/dnsmasq.h | 3 ++- >>>> src/option.c | 3 +++ >>>> src/rfc1035.c | 11 +++++++++++ >>>> 3 files changed, 16 insertions(+), 1 deletion(-) >>>> >>>> diff --git a/src/dnsmasq.h b/src/dnsmasq.h >>>> index b27737b..2fec7d1 100644 >>>> --- a/src/dnsmasq.h >>>> +++ b/src/dnsmasq.h >>>> @@ -272,7 +272,8 @@ struct event_desc { >>>> #define OPT_LOG_DEBUG 62 >>>> #define OPT_UMBRELLA 63 >>>> #define OPT_UMBRELLA_DEVID 64 >>>> -#define OPT_LAST 65 >>>> +#define OPT_FILTER_A 65 >>>> +#define OPT_LAST 66 >>>> >>>> #define OPTION_BITS (sizeof(unsigned int)*8) >>>> #define OPTION_SIZE ( >>>> (OPT_LAST/OPTION_BITS)+((OPT_LAST%OPTION_BITS)!=0) ) >>>> diff --git a/src/option.c b/src/option.c >>>> index cacfaa6..43dc3cb 100644 >>>> --- a/src/option.c >>>> +++ b/src/option.c >>>> @@ -171,6 +171,7 @@ struct myoption { >>>> #define LOPT_DYNHOST 362 >>>> #define LOPT_LOG_DEBUG 363 >>>> #define LOPT_UMBRELLA 364 >>>> +#define LOPT_FILTER_A 365 >>>> >>>> #ifdef HAVE_GETOPT_LONG >>>> static const struct option opts[] = >>>> @@ -347,6 +348,7 @@ static const struct myoption opts[] = >>>> { "dynamic-host", 1, 0, LOPT_DYNHOST }, >>>> { "log-debug", 0, 0, LOPT_LOG_DEBUG }, >>>> { "umbrella", 2, 0, LOPT_UMBRELLA }, >>>> + { "filter-a", 0, 0, LOPT_FILTER_A }, >>>> { NULL, 0, 0, 0 } >>>> }; >>>> >>>> @@ -530,6 +532,7 @@ static struct { >>>> { LOPT_DUMPMASK, ARG_ONE, "<hex>", gettext_noop("Mask which >>>> packets to dump"), NULL }, >>>> { LOPT_SCRIPT_TIME, OPT_LEASE_RENEW, NULL, gettext_noop("Call >>>> dhcp-script when lease expiry changes."), NULL }, >>>> { LOPT_UMBRELLA, ARG_ONE, "[=<optspec>]", gettext_noop("Send >>>> Cisco Umbrella identifiers including remote IP."), NULL }, >>>> + { LOPT_FILTER_A, OPT_FILTER_A, NULL, gettext_noop("Filter all A >>>> requests."), NULL }, >>>> { 0, 0, NULL, NULL, NULL } >>>> }; >>>> >>>> diff --git a/src/rfc1035.c b/src/rfc1035.c >>>> index 9bc5ef2..1043773 100644 >>>> --- a/src/rfc1035.c >>>> +++ b/src/rfc1035.c >>>> @@ -1843,6 +1843,17 @@ size_t answer_request(struct dns_header >>>> *header, char *limit, size_t qlen, >>>> } >>>> } >>>> >>>> + /* filter A forwards */ >>>> + if (qtype == T_A && option_bool(OPT_FILTER_A)) >>>> + { >>>> + /* return a null reply */ >>>> + ans = 1; >>>> + if (!dryrun) >>>> + log_query(F_CONFIG | F_IPV6 | F_NEG, name, &addr, NULL); >>>> + break; >>>> + } >>>> + /* end of filtering A */ >>>> + >>>> if (!ans) >>>> return 0; /* failed to answer a question */ >>>> } >>> >>> >>> /home/stappers/src/dnsmasq/.git/rebase-apply/patch:62: trailing >>> whitespace. >>> if (!dryrun) >>> warning: 1 line adds whitespace errors. >> >> My bad! Fixed. Find the new patch attached to this message. >> >> >> >> _______________________________________________ >> Dnsmasq-discuss mailing list >> Dnsmasq-discuss@lists.thekelleys.org.uk >> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss > > Hello everyone, > > I was wondering if anyone has any suggestions or objections for the > patch? > > I still think it would be very valuable for many setups out there to > drop A records. Most OS don't query for AAAA if there is no IPv6 > connection. But none don't query for A if there is no IPv4. That often > causes problems with applications that did not (yet) implement happy > eyeballs. Getting this upstream would make it much easier to handle > IPv6-only environments. > > What do you think? > > Regards, > > Treysis > > > > > _______________________________________________ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss -- Petr Menšík Software Engineer Red Hat, http://www.redhat.com/ email: pemen...@redhat.com PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss