add a TCP flag to addLocal so you can selectively disable TCP/IP (default is on)

diff --git a/pdns/dnsdist-lua.cc b/pdns/dnsdist-lua.cc
index 63825f6af2970a69d2fb137843c75fb6b4cef4e9..dc95f501987a168969550942dac2898a5092ea02 100644 (file)
--- a/pdns/dnsdist-lua.cc
+++ b/pdns/dnsdist-lua.cc
@@ -248,12 +248,12 @@ vector<std::function<void(void)>> setupLua(bool client, const std::string& confi
       g_ACL.modify([domain](NetmaskGroup& nmg) { nmg.addMask(domain); });
     });
 
-  g_lua.writeFunction("addLocal", [client](const std::string& addr) {
+  g_lua.writeFunction("addLocal", [client](const std::string& addr, boost::optional<bool> doTCP) {
       if(client)
        return;
       try {
        ComboAddress loc(addr, 53);
-       g_locals.push_back(loc); /// only works pre-startup, so no sync necessary
+       g_locals.push_back({loc, doTCP ? *doTCP : true}); /// only works pre-startup, so no sync necessary
       }
       catch(std::exception& e) {
        g_outputBuffer="Error: "+string(e.what())+"\n";

diff --git a/pdns/dnsdist.cc b/pdns/dnsdist.cc
index aa0d6e756db185622fe9ad560ae967bafddf49dd..b1d58531dd006c3557da681369f05c77b9da383a 100644 (file)
--- a/pdns/dnsdist.cc
+++ b/pdns/dnsdist.cc
@@ -63,7 +63,7 @@ bool g_console;
 
 GlobalStateHolder<NetmaskGroup> g_ACL;
 string g_outputBuffer;
-vector<ComboAddress> g_locals;
+vector<std::pair<ComboAddress, bool>> g_locals;
 
 /* UDP: the grand design. Per socket we listen on for incoming queries there is one thread.
    Then we have a bunch of connected sockets for talking to downstream servers. 
@@ -1031,29 +1031,29 @@ try
   if(g_cmdLine.locals.size()) {
     g_locals.clear();
     for(auto loc : g_cmdLine.locals)
-      g_locals.push_back(ComboAddress(loc, 53));
+      g_locals.push_back({ComboAddress(loc, 53), true});
   }
   
   if(g_locals.empty())
-    g_locals.push_back(ComboAddress("0.0.0.0", 53));
+    g_locals.push_back({ComboAddress("0.0.0.0", 53), true});
   
 
   vector<ClientState*> toLaunch;
   for(const auto& local : g_locals) {
     ClientState* cs = new ClientState;
-    cs->local= local;
+    cs->local= local.first;
     cs->udpFD = SSocket(cs->local.sin4.sin_family, SOCK_DGRAM, 0);
     if(cs->local.sin4.sin_family == AF_INET6) {
       SSetsockopt(cs->udpFD, IPPROTO_IPV6, IPV6_V6ONLY, 1);
     }
     //if(g_vm.count("bind-non-local"))
-    bindAny(local.sin4.sin_family, cs->udpFD);
+    bindAny(local.first.sin4.sin_family, cs->udpFD);
 
     //    if (!setSocketTimestamps(cs->udpFD))
     //      L<<Logger::Warning<<"Unable to enable timestamp reporting for socket"<<endl;
 
 
-    if(IsAnyAddress(local)) {
+    if(IsAnyAddress(local.first)) {
       int one=1;
       setsockopt(cs->udpFD, IPPROTO_IP, GEN_IP_PKTINFO, &one, sizeof(one));     // linux supports this, so why not - might fail on other systems
 #ifdef IPV6_RECVPKTINFO
@@ -1106,7 +1106,11 @@ try
 
   for(const auto& local : g_locals) {
     ClientState* cs = new ClientState;
-    cs->local= local;
+    if(!local.second) { // no TCP/IP
+      warnlog("Not providing TCP/IP service on local address '%s'", local.first.toStringWithPort());
+      continue;
+    }
+    cs->local= local.first;
 
     cs->tcpFD = SSocket(cs->local.sin4.sin_family, SOCK_STREAM, 0);
 

diff --git a/pdns/dnsdist.hh b/pdns/dnsdist.hh
index fce1b0b462ee18fae226261ebe52957cb45a5fee..0e0e12645da7cc94ba381720cc0ec3630af3be7b 100644 (file)
--- a/pdns/dnsdist.hh
+++ b/pdns/dnsdist.hh
@@ -315,7 +315,7 @@ extern GlobalStateHolder<NetmaskGroup> g_ACL;
 
 extern ComboAddress g_serverControl; // not changed during runtime
 
-extern std::vector<ComboAddress> g_locals; // not changed at runtime
+extern std::vector<std::pair<ComboAddress, bool>> g_locals; // not changed at runtime (we hope XXX)
 extern std::string g_key; // in theory needs locking
 extern bool g_truncateTC;
 struct dnsheader;