From 652a7355dcdfc4d162b54df75d5214b4329231b5 Mon Sep 17 00:00:00 2001
From: bert hubert <bert.hubert@netherlabs.nl>
Date: Tue, 1 Sep 2015 15:36:30 +0200
Subject: [PATCH] add a TCP flag to addLocal so you can selectively disable
 TCP/IP (default is on)

---
 pdns/dnsdist-lua.cc |  4 ++--
 pdns/dnsdist.cc     | 18 +++++++++++-------
 pdns/dnsdist.hh     |  2 +-
 3 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/pdns/dnsdist-lua.cc b/pdns/dnsdist-lua.cc
index 63825f6af..dc95f5019 100644
--- a/pdns/dnsdist-lua.cc
+++ b/pdns/dnsdist-lua.cc
@@ -248,12 +248,12 @@ vector<std::function<void(void)>> setupLua(bool client, const std::string& confi
       g_ACL.modify([domain](NetmaskGroup& nmg) { nmg.addMask(domain); });
     });
 
-  g_lua.writeFunction("addLocal", [client](const std::string& addr) {
+  g_lua.writeFunction("addLocal", [client](const std::string& addr, boost::optional<bool> doTCP) {
       if(client)
 	return;
       try {
 	ComboAddress loc(addr, 53);
-	g_locals.push_back(loc); /// only works pre-startup, so no sync necessary
+	g_locals.push_back({loc, doTCP ? *doTCP : true}); /// only works pre-startup, so no sync necessary
       }
       catch(std::exception& e) {
 	g_outputBuffer="Error: "+string(e.what())+"\n";
diff --git a/pdns/dnsdist.cc b/pdns/dnsdist.cc
index aa0d6e756..b1d58531d 100644
--- a/pdns/dnsdist.cc
+++ b/pdns/dnsdist.cc
@@ -63,7 +63,7 @@ bool g_console;
 
 GlobalStateHolder<NetmaskGroup> g_ACL;
 string g_outputBuffer;
-vector<ComboAddress> g_locals;
+vector<std::pair<ComboAddress, bool>> g_locals;
 
 /* UDP: the grand design. Per socket we listen on for incoming queries there is one thread.
    Then we have a bunch of connected sockets for talking to downstream servers. 
@@ -1031,29 +1031,29 @@ try
   if(g_cmdLine.locals.size()) {
     g_locals.clear();
     for(auto loc : g_cmdLine.locals)
-      g_locals.push_back(ComboAddress(loc, 53));
+      g_locals.push_back({ComboAddress(loc, 53), true});
   }
   
   if(g_locals.empty())
-    g_locals.push_back(ComboAddress("0.0.0.0", 53));
+    g_locals.push_back({ComboAddress("0.0.0.0", 53), true});
   
 
   vector<ClientState*> toLaunch;
   for(const auto& local : g_locals) {
     ClientState* cs = new ClientState;
-    cs->local= local;
+    cs->local= local.first;
     cs->udpFD = SSocket(cs->local.sin4.sin_family, SOCK_DGRAM, 0);
     if(cs->local.sin4.sin_family == AF_INET6) {
       SSetsockopt(cs->udpFD, IPPROTO_IPV6, IPV6_V6ONLY, 1);
     }
     //if(g_vm.count("bind-non-local"))
-    bindAny(local.sin4.sin_family, cs->udpFD);
+    bindAny(local.first.sin4.sin_family, cs->udpFD);
 
     //    if (!setSocketTimestamps(cs->udpFD))
     //      L<<Logger::Warning<<"Unable to enable timestamp reporting for socket"<<endl;
 
 
-    if(IsAnyAddress(local)) {
+    if(IsAnyAddress(local.first)) {
       int one=1;
       setsockopt(cs->udpFD, IPPROTO_IP, GEN_IP_PKTINFO, &one, sizeof(one));     // linux supports this, so why not - might fail on other systems
 #ifdef IPV6_RECVPKTINFO
@@ -1106,7 +1106,11 @@ try
 
   for(const auto& local : g_locals) {
     ClientState* cs = new ClientState;
-    cs->local= local;
+    if(!local.second) { // no TCP/IP
+      warnlog("Not providing TCP/IP service on local address '%s'", local.first.toStringWithPort());
+      continue;
+    }
+    cs->local= local.first;
 
     cs->tcpFD = SSocket(cs->local.sin4.sin_family, SOCK_STREAM, 0);
 
diff --git a/pdns/dnsdist.hh b/pdns/dnsdist.hh
index fce1b0b46..0e0e12645 100644
--- a/pdns/dnsdist.hh
+++ b/pdns/dnsdist.hh
@@ -315,7 +315,7 @@ extern GlobalStateHolder<NetmaskGroup> g_ACL;
 
 extern ComboAddress g_serverControl; // not changed during runtime
 
-extern std::vector<ComboAddress> g_locals; // not changed at runtime
+extern std::vector<std::pair<ComboAddress, bool>> g_locals; // not changed at runtime (we hope XXX)
 extern std::string g_key; // in theory needs locking
 extern bool g_truncateTC;
 struct dnsheader;
-- 
2.49.0