On Tue, Jan 26, 2021 at 05:22:42PM +0100, Florian Obser wrote:
> On Mon, Jan 25, 2021 at 07:05:40PM +0100, Florian Obser wrote:
> > Unwind / libunbound goes pretty badly off the rails when an address
> > family is not available, it still tries to talk to nameservers with an
> > unreachable address family.
> > I don't think it's libunbound's place to figure this out. It can't
> > sensibly do a getifaddrs on every query...
> > So let's help it out a bit.
> >
> > OK?
>
> This is better.
>
> - 100% less ioctl, leading to tighter pledge after clue-bat from
> claudio while working in asr.
> - also handle RTM_DESYNC, pointed out by deraadt
Cool, it works as intended and is stable (after the other fix) for me.
> I was also toying with the idea of counting arivals and departure of
> IP addresses using the routing socket, but getting the account right
> seems complicated. I don't think a call to getifaddrs will be
> triggered that often.
I think that's fair.
Two things inline, with that
OK kn
> + for (ifa = ifap; ifa != NULL; ifa = ifa->ifa_next) {
> + if (ifa->ifa_addr == NULL)
> + continue;
> + switch(ifa->ifa_addr->sa_family) {
> + case AF_LINK:
Can you add the same comment here as well as you did in asr?
/* AF_LINK comes before inet / inet6 on an interface */
> + ifa_data = (struct if_data *)ifa->ifa_data;
> + ifa_rtable = ifa_data->ifi_rdomain;
> + break;
> + case AF_INET:
> + if (ifa_rtable != rtable)
> + continue;
> rtfilter = ROUTE_FILTER(RTM_IFINFO) | ROUTE_FILTER(RTM_PROPOSAL)
> - | ROUTE_FILTER(RTM_IFANNOUNCE);
> + | ROUTE_FILTER(RTM_IFANNOUNCE) | ROUTE_FILTER(RTM_NEWADDR)
> + | ROUTE_FILTER(RTM_DELADDR);
Looks like you missed `RTM_DESYNC' here.
> if (setsockopt(frontend_routesock, AF_ROUTE, ROUTE_MSGFILTER,
> &rtfilter, sizeof(rtfilter)) == -1)
> fatal("setsockopt(ROUTE_MSGFILTER)");
