I received a similar diff from Angelos a while back, though I turned it down
on the grounds that rebound wasn't ready to be a recursive resolver. But I
think we're in better shape now.

This adds a -l address option to specify the listening address, turning
rebound into a lightweight partial replacement for unbound for a small network.
It's barely any more code, just changing the bind address.

Motivated to revisit this because unbound pooped itself again recently. Maybe
I'm just unlucky, but I have trouble with certain queries getting stuck in a
blackhole. I'd fix that problem, but I'm incapable of understanding programs
larger than 1000 lines of C.



Index: rebound.8
===================================================================
RCS file: /cvs/src/usr.sbin/rebound/rebound.8,v
retrieving revision 1.6
diff -u -p -r1.6 rebound.8
--- rebound.8   7 Oct 2016 21:03:06 -0000       1.6
+++ rebound.8   3 Jul 2017 03:26:08 -0000
@@ -23,6 +23,7 @@
 .Nm rebound
 .Op Fl d
 .Op Fl c Ar config
+.Op Fl l Ar address
 .Sh DESCRIPTION
 The
 .Nm
@@ -49,6 +50,10 @@ Debug mode.
 does not
 .Xr fork 2
 into the background.
+.It Fl l Ar address
+Listen for connections by binding to
+.Ar address ,
+an IP specified in dotted quad notation, instead of the default of localhost.
 .El
 .Sh FILES
 .Bl -tag -width "/etc/resolv.confXX" -compact
Index: rebound.c
===================================================================
RCS file: /cvs/src/usr.sbin/rebound/rebound.c,v
retrieving revision 1.84
diff -u -p -r1.84 rebound.c
--- rebound.c   31 May 2017 04:52:11 -0000      1.84
+++ rebound.c   3 Jul 2017 03:26:26 -0000
@@ -896,7 +896,7 @@ resetport(void)
 static void __dead
 usage(void)
 {
-       fprintf(stderr, "usage: rebound [-d] [-c config]\n");
+       fprintf(stderr, "usage: rebound [-d] [-c config] [-l address]\n");
        exit(1);
 }
 
@@ -909,6 +909,7 @@ main(int argc, char **argv)
        int ld, ld6, ud, ud6, ch;
        int one = 1;
        const char *confname = "/etc/resolv.conf";
+       const char *bindname = "127.0.0.1";
 
        tzset();
        openlog("rebound", LOG_PID | LOG_NDELAY, LOG_DAEMON);
@@ -916,7 +917,7 @@ main(int argc, char **argv)
        signal(SIGPIPE, SIG_IGN);
        signal(SIGUSR1, SIG_IGN);
 
-       while ((ch = getopt(argc, argv, "c:dW")) != -1) {
+       while ((ch = getopt(argc, argv, "c:dl:W")) != -1) {
                switch (ch) {
                case 'c':
                        confname = optarg;
@@ -924,6 +925,10 @@ main(int argc, char **argv)
                case 'd':
                        debug = 1;
                        break;
+               case 'l':
+                       bindname = optarg;
+                       jackport = 0;
+                       break;
                case 'W':
                        daemonized = 1;
                        /* parent responsible for setting up fds */
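Review bot: `jackport = 0` in the new `case 'l'` doubles as the switch for "no DNS jacking, listen on port 53", and nothing at the assignment says so. The later hunks depend on it (`jackport ? jackport : 53` and `if (jackport)`), so a comment such as `/* explicit listen address: no DNS jacking, bind port 53 instead */` would make the coupling visible. The rebound.8 text for -l describes only the address change, not the port change or the disabled jacking. The option loop in main starts and ends outside this hunk.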
@@ -945,8 +950,8 @@ main(int argc, char **argv)
        memset(&bindaddr, 0, sizeof(bindaddr));
        bindaddr.i.sin_len = sizeof(bindaddr.i);
        bindaddr.i.sin_family = AF_INET;
-       bindaddr.i.sin_port = htons(jackport);
-       inet_aton("127.0.0.1", &bindaddr.i.sin_addr);
+       bindaddr.i.sin_port = htons(jackport ? jackport : 53);
+       inet_aton(bindname, &bindaddr.i.sin_addr);
 
        ud = socket(AF_INET, SOCK_DGRAM, 0);
        if (ud == -1)
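Review bot: The return value of `inet_aton(bindname, &bindaddr.i.sin_addr)` is ignored, so a mistyped -l argument is not rejected. On failure sin_addr most likely keeps the zero written by the preceding memset, which is INADDR_ANY, and the resolver would then listen on port 53 on every IPv4 interface instead of the one intended. Suggest `if (inet_aton(bindname, &bindaddr.i.sin_addr) == 0) logerr("invalid listen address: %s", bindname);`, assuming logerr exits as its use after listen() suggests. inet_aton also accepts shorthand and non-decimal forms, which is looser than the "dotted quad" the manual promises; `inet_pton(AF_INET, ...)` would match the documented format, and main continues outside this hunk.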
@@ -966,7 +971,7 @@ main(int argc, char **argv)
        memset(&bindaddr, 0, sizeof(bindaddr));
        bindaddr.i6.sin6_len = sizeof(bindaddr.i6);
        bindaddr.i6.sin6_family = AF_INET6;
-       bindaddr.i6.sin6_port = htons(jackport);
+       bindaddr.i6.sin6_port = htons(jackport ? jackport : 53);
        bindaddr.i6.sin6_addr = in6addr_loopback;
 
        ud6 = socket(AF_INET6, SOCK_DGRAM, 0);
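Review bot: With -l the IPv6 sockets still bind `in6addr_loopback`, but this line now moves them to port 53 as well, so the option changes IPv6 behaviour that the manual does not describe. An admin who asks for one IPv4 address also gets a listener on ::1 port 53, and that bind can collide with another local resolver. Either document it with a comment like `/* -l is IPv4 only; IPv6 stays on loopback, port 53 */` or skip the IPv6 sockets when -l is given; the latter needs changes outside this hunk.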
@@ -984,8 +989,10 @@ main(int argc, char **argv)
        if (listen(ld6, 10) == -1)
                logerr("listen: %s", strerror(errno));
 
-       atexit(resetport);
-       sysctl(dnsjacking, 2, NULL, NULL, &jackport, sizeof(jackport));
+       if (jackport) {
+               atexit(resetport);
+               sysctl(dnsjacking, 2, NULL, NULL, &jackport, sizeof(jackport));
+       }
        
        if (debug) {
                int conffd = openconfig(confname, -1);
