) Reporting when a DNS query resolves or is rejected via Ubus.
4) DNS name patterns containing wildcards.
Disallowed queries are not forwarded; they are rejected
with a REFUSED error code.
Signed-off-by: Etan Kissling
---
Makefile | 2 +-
man/dnsmasq.8 | 31 +++-
src/dnsmasq.h | 25 +++-
src
) Reporting when a DNS query resolves or is rejected via Ubus.
4) DNS name patterns containing wildcards.
Disallowed queries are not forwarded; they are rejected
with a REFUSED error code.
Signed-off-by: Etan Kissling
---
Makefile | 2 +-
man/dnsmasq.8 | 31 +++-
src/dnsmasq.h | 25 +++-
src
) Reporting when a DNS query resolves or is rejected via Ubus.
4) DNS name patterns containing wildcards.
Disallowed queries are not forwarded; they are rejected
with a REFUSED error code.
Signed-off-by: Etan Kissling
---
Makefile | 2 +-
man/dnsmasq.8 | 31 +++-
src/dnsmasq.h | 25 +++-
src
) Reporting when a DNS query resolves or is rejected via Ubus.
4) DNS name patterns containing wildcards.
Disallowed queries are not forwarded; they are rejected
with a REFUSED error code.
Signed-off-by: Etan Kissling
---
v2: Rebase to v2.83, and fix compilation when HAVE_UBUS not present.
v3: Rebase
) Reporting when a DNS query resolves or is rejected via Ubus.
4) DNS name patterns containing wildcards.
Disallowed queries are not forwarded; they are rejected
with a REFUSED error code.
Signed-off-by: Etan Kissling
---
v2: Rebase to v2.83, and fix compilation when HAVE_UBUS not present.
v3: Rebase
) Reporting when a DNS query resolves or is rejected via Ubus.
4) DNS name patterns containing wildcards.
Disallowed queries are not forwarded; they are rejected
with a REFUSED error code.
Signed-off-by: Etan Kissling
(addressed reviewer feedback)
Signed-off-by: Etan Kissling
---
v2: Rebase to v2.83
This integrates the proposed Dnsmasq patch from email:
- [PATCH v5] dnsmasq: connection track mark based DNS query filtering
into OpenWrt 21.02.
Signed-off-by: Etan Kissling
(updated to latest patch)
Signed-off-by: Etan Kissling
---
Etan Kissling :
v2: Update to v6 of underlying dnsmasq patch
> On 16 Jun 2021, at 10:45, john doe wrote:
>
> Where's the v1?
Full history:
v1: https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q1/014595.html
v2: https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q1/014601.html
v3:
) Reporting when a DNS query resolves or is rejected via Ubus.
4) DNS name patterns containing wildcards.
Disallowed queries are not forwarded; they are rejected
with a REFUSED error code.
Signed-off-by: Etan Kissling
(addressed reviewer feedback)
Signed-off-by: Etan Kissling
---
v2: Rebase to v2.83
This integrates the proposed Dnsmasq patch from email:
- [PATCH v5] dnsmasq: connection track mark based DNS query filtering
into OpenWrt 21.02.
Signed-off-by: Etan Kissling
(updated to latest patch)
Signed-off-by: Etan Kissling
---
Etan Kissling :
v2: Update to v6 of underlying dnsmasq patch
From: Dnsmasq-discuss on
behalf of Xingcong Li
> Hello, I found the commit 627056febbf1b08e3028700184ee2f6c7ae799c6 breaks the
> legacy support of ipset.
Thanks for catching this! Appreciate it.
> In commit 627056febb there is no "searching ipset now" in running logs. The
> return
ensures that the new filters only apply to requests (QR=0 @ hdr)
Signed-off-by: Etan Kissling
---
src/rfc1035.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/rfc1035.c b/src/rfc1035.c
index a163919..9f4504e 100644
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
@@ -982,10
> On 16 Jun 2021, at 23:56, Etan Kissling wrote:
>
> This integrates the proposed Dnsmasq patch from email:
> - [PATCH v5] dnsmasq: connection track mark based DNS query filtering
> into OpenWrt 21.02.
>
> Signed-off-by: Etan Kissling
> (updated to latest patc
When using multiple dnsmasq instances Ubus only connects on one of them.
Since 3c93e8eb41952a9c91699386132d6fe83050e9be dnsmasq crashes instead.
This change avoids the crash, leading to a graceful retry + error log.
Signed-off-by: Etan Kissling
---
src/dnsmasq.c | 4 +---
1 file changed, 1
On 27.06.21, 19:48, "Simon Kelley" wrote:
> My change made the ubus code work in the same way as DBus. It expects
> that ubus_init() will return a non-NULL error report if something
> unexpected and nasty happened. (maybe a configuration that can never
> work.) If the Ubus connection cannot
On 27.06.21, 22:56, "Simon Kelley" wrote:
> I've committed 8a1ef367e27e570cac40d3b09920a4a60c5f7e0b which has the
> same effect as your patch, but modifies the ubus code, and contains a
> note that this needs to be looked at by someone who knows. It
> more-or-less restores the status-quo
) Reporting when a DNS query resolves or is rejected via Ubus.
4) DNS name patterns containing wildcards.
Disallowed queries are not forwarded; they are rejected
with a REFUSED error code.
Signed-off-by: Etan Kissling
(addressed reviewer feedback)
Signed-off-by: Etan Kissling
---
v2: Rebase to v2.83
This integrates the proposed Dnsmasq patch from email:
- [PATCH v5] dnsmasq: connection track mark based DNS query filtering
into OpenWrt 21.02.
Signed-off-by: Etan Kissling
(updated to latest patch)
Signed-off-by: Etan Kissling
---
Etan Kissling :
v2: Update to v6 of underlying dnsmasq patch
) Reporting when a DNS query resolves or is rejected via Ubus.
4) DNS name patterns containing wildcards.
Disallowed queries are not forwarded; they are rejected
with a REFUSED error code.
Signed-off-by: Etan Kissling
(addressed reviewer feedback)
Signed-off-by: Etan Kissling
---
v2: Rebase to v2.83
On 17.02.21, 23:41, "Dnsmasq-discuss on behalf of Geert Stappers"
wrote:
> > @@ -567,6 +568,12 @@ struct ipsets {
> >struct ipsets *next;
> > };
> >
> > +struct allowlist {
> > + uint32_t mark, mask;
> > + char **patterns;
> > + struct allowlist *next;
> > +};
> > +
>
> I think the
On 17.02.21, 23:48, "Simon Kelley" wrote:
> > When submitting a patch I noticed that the Dnsmasq mailing list modifies
> > the subject of the email (prefix [Dnsmasq-discuss]) as well as appends
> > 'Dnsmasq-discuss mailing list' information to the end of my message.
>
> There's no particular
When submitting a patch I noticed that the Dnsmasq mailing list modifies
the subject of the email (prefix [Dnsmasq-discuss]) as well as appends
'Dnsmasq-discuss mailing list' information to the end of my message.
These modifications break DKIM signatures of our emails, leading to them
being
) Reporting when a DNS query resolves or is rejected via Ubus.
4) DNS name patterns containing wildcards.
Disallowed queries are not forwarded; they are rejected
with a REFUSED error code.
Signed-off-by: Etan Kissling
---
v2: Rebase to v2.83, and fix compilation when HAVE_UBUS not present.
v3: Rebase
On 18.02.21, 22:10, "Dnsmasq-discuss on behalf of Geert Stappers"
wrote:
> On Thu, Feb 18, 2021 at 12:11:55AM +0100, Etan Kissling wrote:
> > On 17.02.21, 23:41, Geert Stappers" wrote:
> > > > +#if defined(HAVE_CONNTRACK) && defined(HAVE_UBUS)
&g
) Reporting when a DNS query resolves or is rejected via Ubus.
4) DNS name patterns containing wildcards.
Disallowed queries are not forwarded; they are rejected
with a REFUSED error code.
Signed-off-by: Etan Kissling
---
v2: Rebase to v2.83, and fix compilation when HAVE_UBUS not present.
v3: Rebase
The various blob / blobmsg commands can fail, e.g., when memory is low.
Previously, those errors were silently discarded. This patch adds checks
for the error conditions, logging them and exiting from the functions.
Signed-off-by: Etan Kissling
---
src/ubus.c | 72
, similarly as is done in other existing OpenWrt code.
Signed-off-by: Etan Kissling
---
src/ubus.c | 8 +++-
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/src/ubus.c b/src/ubus.c
index 296a496..37e36fa 100644
--- a/src/ubus.c
+++ b/src/ubus.c
@@ -21,7 +21,6 @@
#include
static
-by: Etan Kissling
---
src/ubus.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/ubus.c b/src/ubus.c
index 37e36fa..d8cbeca 100644
--- a/src/ubus.c
+++ b/src/ubus.c
@@ -81,12 +81,12 @@ static void ubus_subscribe_cb(struct ubus_context *ctx,
struct ubus_object *obj
The various blob / blobmsg commands can fail, e.g., when memory is low.
Previously, those errors were silently discarded. This patch adds checks
for the error conditions, logging them and exiting from the functions.
Signed-off-by: Etan Kissling
---
v2: Fix compile.
src/ubus.c | 72
This brings the log levels emitted by connmark pattern code in line with
the rest of the code base. LOG_DEBUG is used for diagnostics that may be
verbose depending on the request patterns. LOG_ERR is used for problems
with the implementation itself.
Signed-off-by: Etan Kissling
---
src
Majority of code base does not use C90-style // end of line comments.
This formats the few existing exceptions using /* */ for consistency.
---
NOTE: This builds on top of the other patches that I just submitted.
src/hash-questions.c | 14 +++---
src/pattern.c| 8
>From 7694255ba440a1f53faeaae6cd034d0e1256e8a9 Mon Sep 17 00:00:00 2001
From: Etan Kissling
Date: Mon, 20 Apr 2020 16:39:24 +0200
Subject: [PATCH] openwrt: Integration of connmark based DNS filtering
This integrates the proposed Dnsmasq patch from email:
- [PATCH v5] dnsmasq: connection tr
>From 7694255ba440a1f53faeaae6cd034d0e1256e8a9 Mon Sep 17 00:00:00 2001
From: Etan Kissling
Date: Mon, 20 Apr 2020 16:39:24 +0200
Subject: [PATCH] openwrt: Integration of connmark based DNS filtering
This integrates the proposed Dnsmasq patch from email:
- [PATCH v5] dnsmasq: connection tr
On 21.02.21, 21:54, "Dnsmasq-discuss on behalf of Simon Kelley"
wrote:
> OK. It's set. Looking for feedback, good and bad.
>
> Simon.
My latest '[PATCH v5] Connection track mark based DNS query filtering.'
email did no longer get filtered into the junk folder, so I think the
settings may be
34 matches
Mail list logo