From: bert hubert Date: Wed, 28 Oct 2015 15:53:59 +0000 (+0100) Subject: it is a wip X-Git-Tag: dnsdist-1.0.0-alpha1~230^2~15 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c4443ccbe3196324c7971b56883224b9d2861c08;p=pdns it is a wip --- diff --git a/modules/geoipbackend/geoipbackend.cc b/modules/geoipbackend/geoipbackend.cc index 329af97be..19a7b5e91 100644 --- a/modules/geoipbackend/geoipbackend.cc +++ b/modules/geoipbackend/geoipbackend.cc @@ -15,6 +15,7 @@ public: int ttl; map services; map > records; + uint8_t ipv4EDNSScope{24}, ipv6EDNSScope{64}; }; static vector s_domains; @@ -95,6 +96,9 @@ void GeoIPBackend::initialize() { dom.id = s_domains.size(); dom.domain = DNSName(domain["domain"].as()); dom.ttl = domain["ttl"].as(); + dom.ipv4EDNSScope = domain["ipv4ednsscope"].as(24); + dom.ipv6EDNSScope = domain["ipv6ednsscope"].as(64); + for(YAML::const_iterator recs = domain["records"].begin(); recs != domain["records"].end(); recs++) { DNSName qname = DNSName(recs->first.as()); @@ -247,7 +251,7 @@ void GeoIPBackend::lookup(const QType &qtype, const DNSName& qdomain, DNSPacket if (ri != dom.records.end()) { // return static value for(DNSResourceRecord& rr : ri->second) { if (qtype == QType::ANY || rr.qtype == qtype) { - rr.scopeMask = (v6 ? 128 : 32); + rr.scopeMask = (v6 ? dom.ipv6EDNSScope : dom.ipv4EDNSScope); d_result.push_back(rr); d_result.back().qname = qdomain; } @@ -264,7 +268,7 @@ void GeoIPBackend::lookup(const QType &qtype, const DNSName& qdomain, DNSPacket rr.content = format; rr.auth = 1; rr.ttl = dom.ttl; - rr.scopeMask = (v6 ? 128 : 32); + rr.scopeMask = (v6 ? dom.ipv6EDNSScope : dom.ipv4EDNSScope); d_result.push_back(rr); } diff --git a/pdns/Makefile.am b/pdns/Makefile.am index 69ae6a732..b034870f6 100644 --- a/pdns/Makefile.am +++ b/pdns/Makefile.am 
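Review bot: The values read from `ipv4ednsscope` and `ipv6ednsscope` in GeoIPBackend::initialize() are stored without a range check, so a typo such as 33 or 200 flows straight into `rr.scopeMask` in both lookup() hunks below. A scope prefix length longer than the address family allows is not a valid EDNS Client Subnet answer, and how a resolver treats it is up to that resolver. Reject it when the zone is loaded, e.g. `if(dom.ipv4EDNSScope > 32 || dom.ipv6EDNSScope > 128) throw PDNSException("ipv4ednsscope/ipv6ednsscope out of range");`. The template argument of `.as(...)` is not visible on this page, so also confirm that the conversion type matches the `uint8_t` members and cannot wrap silently. initialize() starts and ends outside the hunk.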
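Review bot: Replacing the fixed `32`/`128` in lookup() with the per-domain scope changes the answer for every existing zone, because the new members default to 24 and 64 even when the YAML file sets neither key. A resolver that honours the scope will reuse one cached answer for the whole /24 or /64, so if the GeoIP data distinguishes ranges narrower than that (not visible here), a client can be handed the answer computed for a neighbouring network. The second assignment, in the following hunk, has the same effect. Either keep 32/128 as the default or state the trade-off next to the members, e.g. `// ECS scope returned to resolvers; a prefix shorter than the finest GeoIP range lets answers be shared across regions`. lookup() continues outside both hunks.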
@@ -1116,6 +1116,7 @@ pdns_recursor_SOURCES = \ dnsrecords.cc dnsrecords.hh \ dnssecinfra.cc \ dnswriter.cc dnswriter.hh \ + ednssubnet.cc ednssubnet.hh \ filterpo.cc filterpo.hh \ gss_context.cc gss_context.hh \ iputils.cc \ diff --git a/pdns/lwres.cc b/pdns/lwres.cc index e8e6a5daa..1d30ca127 100644 --- a/pdns/lwres.cc +++ b/pdns/lwres.cc @@ -47,6 +47,7 @@ #include "dns_random.hh" #include #include +#include "ednssubnet.hh" //! returns -2 for OS limits error, -1 for permanent error that has to do with remote **transport**, 0 for timeout, 1 for success /** lwr is only filled out in case 1 was returned, and even when returning 1 for 'success', lwr might contain DNS errors @@ -68,6 +69,9 @@ int asyncresolve(const ComboAddress& ip, const DNSName& domain, int type, bool d if(EDNS0Level && !doTCP) { DNSPacketWriter::optvect_t opts; + EDNSSubnetOpts eo; + eo.source = Netmask("2001:470:1f0b:27e:1850:ae41:cc31:7765"); + opts.push_back(make_pair(8, makeEDNSSubnetOptsString(eo))); pw.addOpt(1200, 0, EDNSOpts::DNSSECOK, opts); // 1200 bytes answer size pw.commit(); diff --git a/pdns/recursor_cache.hh b/pdns/recursor_cache.hh index 1c643d084..c814d0f18 100644 --- a/pdns/recursor_cache.hh +++ b/pdns/recursor_cache.hh @@ -16,7 +16,7 @@ #include #include #include - +#include "iputils.hh" #undef max #define L theL() @@ -49,7 +49,7 @@ private: struct CacheEntry { CacheEntry(const boost::tuple& key, const vector>& records, bool auth) : - d_qname(key.get<0>()), d_qtype(key.get<1>()), d_auth(auth), d_records(records), d_ttd(0) + d_qname(key.get<0>()), d_qtype(key.get<1>()), d_auth(auth), d_ttd(0), d_records(records) {} typedef vector> records_t; @@ -59,11 +59,12 @@ private: return d_ttd; } - DNSName d_qname; + DNSName d_qname; uint16_t d_qtype; bool d_auth; - records_t d_records; uint32_t d_ttd; + records_t d_records; + vector > d_subnetspecific; }; typedef multi_index_container< diff --git a/pdns/sdig.cc b/pdns/sdig.cc index 95e9bde2a..19227a41a 100644 --- a/pdns/sdig.cc 
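Review bot: In asyncresolve() the client-subnet option is built from a literal, `Netmask("2001:470:1f0b:27e:1850:ae41:cc31:7765")`, and pushed onto every non-TCP EDNS query, so each authoritative server contacted receives the same full /128 address regardless of who asked. Even for a work-in-progress commit this should not reach a branch others build from. The source should come from the actual client address, be truncated to a configured prefix length, and be sent only when an operator has enabled it. Until that plumbing exists, guard the three added lines behind a disabled-by-default switch and mark them, e.g. `// FIXME: placeholder test address, replace with truncated client subnet before merge`. The bare option code `8` is also repeated in sdig.cc and would read better as one shared named constant. asyncresolve() starts and ends outside the hunk.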
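Review bot: The new `d_subnetspecific` member in CacheEntry has no comment, and nothing visible in this commit fills or reads it. The constructor in the previous hunk still initialises only `d_records`. With the lwres.cc change now attaching a client subnet to outgoing queries, answers tailored to that subnet would presumably still be stored in the shared `d_records` and served to every client. That is worth confirming before the option is sent for real. Please document the intended contract on the member, e.g. `// answers valid only for clients inside the given Netmask; consulted before d_records`, and say which of the two wins on lookup. The element type's template arguments were stripped from this page, so the exact pair layout cannot be checked here.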
+++ b/pdns/sdig.cc @@ -60,8 +60,6 @@ try bufsize=2800; DNSPacketWriter::optvect_t opts; if(ednsnm) { - - EDNSSubnetOpts eo; eo.source = *ednsnm; opts.push_back(make_pair(8, makeEDNSSubnetOptsString(eo)));