From 2f71fe249006e47aa9a5d164145277b2ac56ffc0 Mon Sep 17 00:00:00 2001 From: Nick Peng Date: Mon, 19 Dec 2022 22:41:43 +0800 Subject: [PATCH] feature: support marking packet on upstream server --- ReadMe.md | 8 +++---- ReadMe_en.md | 11 +++++---- etc/smartdns/smartdns.conf | 1 + .../files/luci/i18n/smartdns.zh-cn.po | 6 +++++ .../luci/model/cbi/smartdns/upstream.lua | 6 +++++ .../luci/files/luci/i18n/smartdns.zh-cn.po | 6 +++++ .../resources/view/smartdns/smartdns.js | 8 +++++++ package/openwrt/files/etc/init.d/smartdns | 2 ++ src/dns_client.c | 23 +++++++++++++++++++ src/dns_client.h | 1 + src/dns_conf.c | 12 +++++++--- src/dns_conf.h | 1 + src/smartdns.c | 1 + 13 files changed, 75 insertions(+), 11 deletions(-) diff --git a/ReadMe.md b/ReadMe.md index ed31413..e7cbd5c 100644 --- a/ReadMe.md +++ b/ReadMe.md @@ -584,10 +584,10 @@ entware|ipkg update
ipkg install smartdns|软件源路径:https://bin.entwa | audit-size | 审计大小 | 128K | 数字 + K、M 或 G | audit-size 128K | | audit-num | 审计归档个数 | 2 | 大于等于 0 的数字 | audit-num 2 | | conf-file | 附加配置文件 | 无 | 合法路径字符串 | conf-file /etc/smartdns/smartdns.more.conf | -| server | 上游 UDP DNS | 无 | 可重复。
[ip][:port]:服务器 IP:端口(可选)
[-blacklist-ip]:配置 IP 过滤结果。
[-whitelist-ip]:指定仅接受参数中配置的 IP 范围
[-group [group] ...]:DNS 服务器所属组,比如 office 和 foreign,和 nameserver 配套使用
[-exclude-default-group]:将 DNS 服务器从默认组中排除 | server 8.8.8.8:53 -blacklist-ip -group g1 | -| server-tcp | 上游 TCP DNS | 无 | 可重复。
[ip][:port]:服务器 IP:端口(可选)
[-blacklist-ip]:配置 IP 过滤结果
[-whitelist-ip]:指定仅接受参数中配置的 IP 范围。
[-group [group] ...]:DNS 服务器所属组,比如 office 和 foreign,和 nameserver 配套使用
[-exclude-default-group]:将 DNS 服务器从默认组中排除 | server-tcp 8.8.8.8:53 | -| server-tls | 上游 TLS DNS | 无 | 可重复。
[ip][:port]:服务器 IP:端口(可选)
[-spki-pin [sha256-pin]]:TLS 合法性校验 SPKI 值,base64 编码的 sha256 SPKI pin 值
[-host-name]:TLS SNI 名称, 名称设置为-,表示停用SNI名称
[-tls-host-verify]:TLS 证书主机名校验
[-no-check-certificate]:跳过证书校验
[-blacklist-ip]:配置 IP 过滤结果
[-whitelist-ip]:仅接受参数中配置的 IP 范围
[-group [group] ...]:DNS 服务器所属组,比如 office 和 foreign,和 nameserver 配套使用
[-exclude-default-group]:将 DNS 服务器从默认组中排除 | server-tls 8.8.8.8:853 | -| server-https | 上游 HTTPS DNS | 无 | 可重复。
https://[host][:port]/path:服务器 IP:端口(可选)
[-spki-pin [sha256-pin]]:TLS 合法性校验 SPKI 值,base64 编码的 sha256 SPKI pin 值
[-host-name]:TLS SNI 名称
[-http-host]:http 协议头主机名
[-tls-host-verify]:TLS 证书主机名校验
[-no-check-certificate]:跳过证书校验
[-blacklist-ip]:配置 IP 过滤结果
[-whitelist-ip]:仅接受参数中配置的 IP 范围。
[-group [group] ...]:DNS 服务器所属组,比如 office 和 foreign,和 nameserver 配套使用
[-exclude-default-group]:将 DNS 服务器从默认组中排除 | server-https https://cloudflare-dns.com/dns-query | +| server | 上游 UDP DNS | 无 | 可重复。
[ip][:port]:服务器 IP:端口(可选)
[-blacklist-ip]:配置 IP 过滤结果。
[-whitelist-ip]:指定仅接受参数中配置的 IP 范围
[-group [group] ...]:DNS 服务器所属组,比如 office 和 foreign,和 nameserver 配套使用
[-exclude-default-group]:将 DNS 服务器从默认组中排除。
[-set-mark]:设置数据包标记so-mark| server 8.8.8.8:53 -blacklist-ip -group g1 | +| server-tcp | 上游 TCP DNS | 无 | 可重复。
[ip][:port]:服务器 IP:端口(可选)
[-blacklist-ip]:配置 IP 过滤结果
[-whitelist-ip]:指定仅接受参数中配置的 IP 范围。
[-group [group] ...]:DNS 服务器所属组,比如 office 和 foreign,和 nameserver 配套使用
[-exclude-default-group]:将 DNS 服务器从默认组中排除。
[-set-mark]:设置数据包标记so-mark | server-tcp 8.8.8.8:53 | +| server-tls | 上游 TLS DNS | 无 | 可重复。
[ip][:port]:服务器 IP:端口(可选)
[-spki-pin [sha256-pin]]:TLS 合法性校验 SPKI 值,base64 编码的 sha256 SPKI pin 值
[-host-name]:TLS SNI 名称, 名称设置为-,表示停用SNI名称
[-tls-host-verify]:TLS 证书主机名校验
[-no-check-certificate]:跳过证书校验
[-blacklist-ip]:配置 IP 过滤结果
[-whitelist-ip]:仅接受参数中配置的 IP 范围
[-group [group] ...]:DNS 服务器所属组,比如 office 和 foreign,和 nameserver 配套使用
[-exclude-default-group]:将 DNS 服务器从默认组中排除。
[-set-mark]:设置数据包标记so-mark | server-tls 8.8.8.8:853 | +| server-https | 上游 HTTPS DNS | 无 | 可重复。
https://[host][:port]/path:服务器 IP:端口(可选)
[-spki-pin [sha256-pin]]:TLS 合法性校验 SPKI 值,base64 编码的 sha256 SPKI pin 值
[-host-name]:TLS SNI 名称
[-http-host]:http 协议头主机名
[-tls-host-verify]:TLS 证书主机名校验
[-no-check-certificate]:跳过证书校验
[-blacklist-ip]:配置 IP 过滤结果
[-whitelist-ip]:仅接受参数中配置的 IP 范围。
[-group [group] ...]:DNS 服务器所属组,比如 office 和 foreign,和 nameserver 配套使用
[-exclude-default-group]:将 DNS 服务器从默认组中排除。
[-set-mark]:设置数据包标记so-mark | server-https https://cloudflare-dns.com/dns-query | | speed-check-mode | 测速模式选择 | 无 | [ping\|tcp:[80]\|none] | speed-check-mode ping,tcp:80,tcp:443 | | response-mode | 首次查询响应模式 | first-ping |模式:[fisrt-ping\|fastest-ip\|fastest-response]
[first-ping]: 最快ping响应地址模式,DNS上游最快查询时延+ping时延最短,查询等待与链接体验最佳;
[fastest-ip]: 最快IP地址模式,查询到的所有IP地址中ping最短的IP。需等待IP测速;
[fastest-response]: 最快响应的DNS结果,DNS查询等待时间最短,返回的IP地址可能不是最快。| response-mode first-ping | | address | 指定域名 IP 地址 | 无 | address /domain/[ip\|-\|-4\|-6\|#\|#4\|#6]
- 表示忽略
# 表示返回 SOA
4 表示 IPv4
6 表示 IPv6 | address /www.example.com/1.2.3.4 | diff --git a/ReadMe_en.md b/ReadMe_en.md index 9038ac8..aa58c61 100644 --- a/ReadMe_en.md +++ b/ReadMe_en.md @@ -118,6 +118,9 @@ From the comparison, smartdns found the fastest IP address to visit www.baidu.co 8. **High performance, low resource consumption** Multi-threaded asynchronous IO mode, cache cache query results. +9. **DNS domain forwarding** + Support DNS forwarding, ipset and nftables. + ## Architecture ![Architecture](doc/architecture.png) @@ -543,10 +546,10 @@ Note: Merlin firmware is derived from ASUS firmware and can theoretically be use |audit-size|audit log size|128K|number+K,M,G|audit-size 128K |audit-num|archived audit log number|2|Integer|audit-num 2 |conf-file|additional conf file|None|File path|conf-file /etc/smartdns/smartdns.more.conf -|server|Upstream UDP DNS server|None|Repeatable
`[ip][:port]`: Server IP, port optional.
`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip".
`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted.
`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver.
`[-exclude-default-group]`: Exclude DNS servers from the default group| server 8.8.8.8:53 -blacklist-ip -|server-tcp|Upstream TCP DNS server|None|Repeatable
`[ip][:port]`: Server IP, port optional.
`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip".
`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted.
`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver.
`[-exclude-default-group]`: Exclude DNS servers from the default group| server-tcp 8.8.8.8:53 -|server-tls|Upstream TLS DNS server|None|Repeatable
`[ip][:port]`: Server IP, port optional.
`[-spki-pin [sha256-pin]]`: TLS verify SPKI value, a base64 encoded SHA256 hash
`[-host-name]`:TLS Server name. `-` to disable SNI name.
`[-tls-host-verify]`: TLS cert hostname to verify.
`-no-check-certificate:`: No check certificate.
`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip".
`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted.
`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver.
`[-exclude-default-group]`: Exclude DNS servers from the default group| server-tls 8.8.8.8:853 -|server-https|Upstream HTTPS DNS server|None|Repeatable
`https://[host][:port]/path`: Server IP, port optional.
`[-spki-pin [sha256-pin]]`: TLS verify SPKI value, a base64 encoded SHA256 hash
`[-host-name]`:TLS Server name
`[-http-host]`:http header host.
`[-tls-host-verify]`: TLS cert hostname to verify.
`-no-check-certificate:`: No check certificate.
`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip".
`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted.
`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver.
`[-exclude-default-group]`: Exclude DNS servers from the default group| server-https https://cloudflare-dns.com/dns-query +|server|Upstream UDP DNS server|None|Repeatable
`[ip][:port]`: Server IP, port optional.
`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip".
`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted.
`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver.
`[-exclude-default-group]`: Exclude DNS servers from the default group.
`[-set-mark]`:set mark on packets | server 8.8.8.8:53 -blacklist-ip +|server-tcp|Upstream TCP DNS server|None|Repeatable
`[ip][:port]`: Server IP, port optional.
`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip".
`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted.
`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver.
`[-exclude-default-group]`: Exclude DNS servers from the default group
`[-set-mark]`:set mark on packets | server-tcp 8.8.8.8:53 +|server-tls|Upstream TLS DNS server|None|Repeatable
`[ip][:port]`: Server IP, port optional.
`[-spki-pin [sha256-pin]]`: TLS verify SPKI value, a base64 encoded SHA256 hash
`[-host-name]`:TLS Server name. `-` to disable SNI name.
`[-tls-host-verify]`: TLS cert hostname to verify.
`-no-check-certificate:`: No check certificate.
`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip".
`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted.
`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver.
`[-exclude-default-group]`: Exclude DNS servers from the default group
`[-set-mark]`:set mark on packets | server-tls 8.8.8.8:853 +|server-https|Upstream HTTPS DNS server|None|Repeatable
`https://[host][:port]/path`: Server IP, port optional.
`[-spki-pin [sha256-pin]]`: TLS verify SPKI value, a base64 encoded SHA256 hash
`[-host-name]`:TLS Server name
`[-http-host]`:http header host.
`[-tls-host-verify]`: TLS cert hostname to verify.
`-no-check-certificate:`: No check certificate.
`[-blacklist-ip]`: The "-blacklist-ip" parameter is to filtering IPs which is configured by "blacklist-ip".
`[-whitelist-ip]`: whitelist-ip parameter specifies that only the IP range configured in whitelist-ip is accepted.
`[-group [group] ...]`: The group to which the DNS server belongs, such as office, foreign, use with nameserver.
`[-exclude-default-group]`: Exclude DNS servers from the default group
`[-set-mark]`:set mark on packets | server-https https://cloudflare-dns.com/dns-query |speed-check-mode|Speed ​​mode|None|[ping\|tcp:[80]\|none]|speed-check-mode ping,tcp:80,tcp:443 |response-mode|First query response mode|first-ping|Mode: [fisrt-ping\|fastest-ip\|fastest-response]
[first-ping]: The fastest dns + ping response mode, DNS query delay + ping delay is the shortest;
[fastest-ip]: The fastest IP address mode, return the fastest ip address, may take some time to test speed.
[fastest-response]: The fastest response DNS result mode, the DNS query waiting time is the shortest. | response-mode first-ping | |address|Domain IP address|None|address /domain/[ip\|-\|-4\|-6\|#\|#4\|#6], `-` for ignore, `#` for return SOA, `4` for IPV4, `6` for IPV6| address /www.example.com/1.2.3.4 diff --git a/etc/smartdns/smartdns.conf b/etc/smartdns/smartdns.conf index e2ee6a3..8c30686 100644 --- a/etc/smartdns/smartdns.conf +++ b/etc/smartdns/smartdns.conf @@ -32,6 +32,7 @@ # -no-rule-soa: Skip address SOA(#) rules. # -no-dualstack-selection: Disable dualstack ip selection. # -force-aaaa-soa: force AAAA query return SOA. +# -set-mark: set mark on packets. # example: # IPV4: # bind :53 diff --git a/package/luci-compat/files/luci/i18n/smartdns.zh-cn.po b/package/luci-compat/files/luci/i18n/smartdns.zh-cn.po index 37a56a8..d7c432e 100644 --- a/package/luci-compat/files/luci/i18n/smartdns.zh-cn.po +++ b/package/luci-compat/files/luci/i18n/smartdns.zh-cn.po @@ -230,6 +230,12 @@ msgstr "下载的文件列表。" msgid "Local Port" msgstr "本地端口" +msgid "Marking Packets" +msgstr "数据包标记" + +msgid "Set mark on packets." +msgstr "设置数据包标记。" + msgid "Maximum TTL for all domain result." msgstr "所有域名的最大 TTL 值。" diff --git a/package/luci-compat/files/luci/model/cbi/smartdns/upstream.lua b/package/luci-compat/files/luci/model/cbi/smartdns/upstream.lua index 49faf11..e6b03a3 100644 --- a/package/luci-compat/files/luci/model/cbi/smartdns/upstream.lua +++ b/package/luci-compat/files/luci/model/cbi/smartdns/upstream.lua @@ -127,6 +127,12 @@ o.rempty = true o:depends("type", "tls") o:depends("type", "https") +---- mark +o = s:option(Value, "set_mark", translate("Marking Packets"), translate("Set mark on packets.")) +o.default = "" +o.rempty = true +o.datatype = "uinteger" + ---- other args o = s:option(Value, "addition_arg", translate("Additional Server Args"), translate("Additional Args for upstream dns servers")) o.default = "" diff --git a/package/luci/files/luci/i18n/smartdns.zh-cn.po b/package/luci/files/luci/i18n/smartdns.zh-cn.po index 0252d16..534f95d 100644 --- a/package/luci/files/luci/i18n/smartdns.zh-cn.po +++ b/package/luci/files/luci/i18n/smartdns.zh-cn.po @@ -256,6 +256,12 @@ msgstr "下载文件列表" msgid "Local Port" msgstr "本地端口" +msgid "Marking Packets" +msgstr "数据包标记" + +msgid "Set mark on packets." +msgstr "设置数据包标记。" + msgid "Maximum TTL for all domain result." msgstr "所有域名的最大 TTL 值。" diff --git a/package/luci/files/root/www/luci-static/resources/view/smartdns/smartdns.js b/package/luci/files/root/www/luci-static/resources/view/smartdns/smartdns.js index 417822b..743fe9a 100644 --- a/package/luci/files/root/www/luci-static/resources/view/smartdns/smartdns.js +++ b/package/luci/files/root/www/luci-static/resources/view/smartdns/smartdns.js @@ -584,6 +584,14 @@ return view.extend({ o.depends("type", "tls") o.depends("type", "https") + // mark + o = s.taboption("advanced", form.Value, "set_mark", _("Marking Packets"), + _("Set mark on packets.")) + o.default = "" + o.rempty = true + o.datatype = "uinteger" + o.modalonly = true; + // other args o = s.taboption("advanced", form.Value, "addition_arg", _("Additional Server Args"), _("Additional Args for upstream dns servers")) diff --git a/package/openwrt/files/etc/init.d/smartdns b/package/openwrt/files/etc/init.d/smartdns index ec38bef..4acf981 100644 --- a/package/openwrt/files/etc/init.d/smartdns +++ b/package/openwrt/files/etc/init.d/smartdns @@ -183,6 +183,7 @@ load_server() config_get check_edns "$section" "check_edns" "0" config_get spki_pin "$section" "spki_pin" "" config_get addition_arg "$section" "addition_arg" "" + config_get set_mark "$section" "set_mark" "" [ "$enabled" = "0" ] && return @@ -214,6 +215,7 @@ load_server() [ "$blacklist_ip" = "0" ] || ADDITIONAL_ARGS="$ADDITIONAL_ARGS -blacklist-ip" [ "$check_edns" = "0" ] || ADDITIONAL_ARGS="$ADDITIONAL_ARGS -check-edns" [ -z "$spki_pin" ] || ADDITIONAL_ARGS="$ADDITIONAL_ARGS -spki-pin $spki_pin" + [ -z "$set_mark" ] || ADDITIONAL_ARGS="$ADDITIONAL_ARGS -set-mark $set_mark" if [ -z "$port" ]; then DNS_ADDRESS="$ip" diff --git a/src/dns_client.c b/src/dns_client.c index cad45bb..b4a5ae7 100644 --- a/src/dns_client.c +++ b/src/dns_client.c @@ -93,6 +93,7 @@ struct dns_server_info { int port; /* server type */ dns_server_type_t type; + long long so_mark; /* client socket */ int fd; @@ -1045,6 +1046,7 @@ static int _dns_client_server_add(char *server_ip, char *server_host, int port, server_info->ttl_range = 0; server_info->skip_check_cert = skip_check_cert; server_info->prohibit = 0; + server_info->so_mark = flags->set_mark; pthread_mutex_init(&server_info->lock, NULL); memcpy(&server_info->flags, flags, sizeof(server_info->flags)); @@ -1694,6 +1696,13 @@ static int _dns_client_create_socket_udp(struct dns_server_info *server_info) return -1; } + if (server_info->so_mark >= 0) { + unsigned int so_mark = server_info->so_mark; + if (setsockopt(fd, SOL_SOCKET, SO_MARK, &so_mark, sizeof(so_mark)) != 0) { + tlog(TLOG_DEBUG, "set socket mark failed, %s", strerror(errno)); + } + } + setsockopt(server_info->fd, IPPROTO_IP, IP_RECVTTL, &on, sizeof(on)); setsockopt(server_info->fd, SOL_IP, IP_TTL, &val, sizeof(val)); setsockopt(server_info->fd, SOL_SOCKET, SO_PRIORITY, &priority, sizeof(priority)); @@ -1736,6 +1745,13 @@ static int _DNS_client_create_socket_tcp(struct dns_server_info *server_info) goto errout; } + if (server_info->so_mark >= 0) { + unsigned int so_mark = server_info->so_mark; + if (setsockopt(fd, SOL_SOCKET, SO_MARK, &so_mark, sizeof(so_mark)) != 0) { + tlog(TLOG_DEBUG, "set socket mark failed, %s", strerror(errno)); + } + } + /* enable tcp fast open */ if (setsockopt(fd, IPPROTO_TCP, TCP_FASTOPEN_CONNECT, &yes, sizeof(yes)) != 0) { tlog(TLOG_DEBUG, "enable TCP fast open failed, %s", strerror(errno)); @@ -1818,6 +1834,13 @@ static int _DNS_client_create_socket_tls(struct dns_server_info *server_info, ch goto errout; } + if (server_info->so_mark >= 0) { + unsigned int so_mark = server_info->so_mark; + if (setsockopt(fd, SOL_SOCKET, SO_MARK, &so_mark, sizeof(so_mark)) != 0) { + tlog(TLOG_DEBUG, "set socket mark failed, %s", strerror(errno)); + } + } + if (setsockopt(fd, IPPROTO_TCP, TCP_FASTOPEN_CONNECT, &yes, sizeof(yes)) != 0) { tlog(TLOG_DEBUG, "enable TCP fast open failed."); } diff --git a/src/dns_client.h b/src/dns_client.h index 844b454..00bea3d 100644 --- a/src/dns_client.h +++ b/src/dns_client.h @@ -111,6 +111,7 @@ struct client_dns_server_flags { dns_server_type_t type; unsigned int server_flag; unsigned int result_flag; + long long set_mark; union { struct client_dns_server_flag_udp udp; diff --git a/src/dns_conf.c b/src/dns_conf.c index fcf0aea..ef57f86 100644 --- a/src/dns_conf.c +++ b/src/dns_conf.c @@ -370,6 +370,7 @@ static int _config_server(int argc, char *argv[], dns_server_type_t type, int de {"tls-host-verify", required_argument, NULL, 'V' }, /* verify tls hostname */ {"group", required_argument, NULL, 'g'}, /* add to group */ {"exclude-default-group", no_argument, NULL, 'E'}, /* ecluse this from default group */ + {"set-mark", required_argument, NULL, 254}, /* set mark */ {NULL, no_argument, NULL, 0} }; /* clang-format on */ @@ -390,6 +391,7 @@ static int _config_server(int argc, char *argv[], dns_server_type_t type, int de server->hostname[0] = '\0'; server->httphost[0] = '\0'; server->tls_host_verify[0] = '\0'; + server->set_mark = -1; if (type == DNS_SERVER_HTTPS) { if (parse_uri(ip, NULL, server->server, &port, server->path) != 0) { @@ -467,6 +469,10 @@ static int _config_server(int argc, char *argv[], dns_server_type_t type, int de server->skip_check_cert = 1; break; } + case 254: { + server->set_mark = atoll(optarg); + break; + } default: break; } @@ -533,7 +539,7 @@ static void _config_address_destroy(radix_node_t *node, void *cbctx) node->data = NULL; } -static int _config_domain_set_rule_add_ext(char *set_name, enum domain_rule type, void *rule, unsigned int flags, +static int _config_domain_set_rule_add_ext(const char *set_name, enum domain_rule type, void *rule, unsigned int flags, int is_clear_flag) { struct dns_domain_set_rule *set_rule = NULL; @@ -587,7 +593,7 @@ errout: return -1; } -static int _config_domian_set_rule_flags(char *set_name, unsigned int flags, int is_clear_flag) +static int _config_domian_set_rule_flags(const char *set_name, unsigned int flags, int is_clear_flag) { return _config_domain_set_rule_add_ext(set_name, DOMAIN_RULE_FLAGS, NULL, flags, is_clear_flag); } @@ -664,7 +670,7 @@ errout: return -1; } -static int _config_domain_rule_flag_set(char *domain, unsigned int flag, unsigned int is_clear) +static int _config_domain_rule_flag_set(const char *domain, unsigned int flag, unsigned int is_clear) { struct dns_domain_rule *domain_rule = NULL; struct dns_domain_rule *old_domain_rule = NULL; diff --git a/src/dns_conf.h b/src/dns_conf.h index 6a6566b..d0aa26a 100644 --- a/src/dns_conf.h +++ b/src/dns_conf.h @@ -231,6 +231,7 @@ struct dns_servers { unsigned int server_flag; int ttl; dns_server_type_t type; + long long set_mark; char skip_check_cert; char spki[DNS_MAX_SPKI_LEN]; char hostname[DNS_MAX_CNAME_LEN]; diff --git a/src/smartdns.c b/src/smartdns.c index f9a056b..83ea284 100644 --- a/src/smartdns.c +++ b/src/smartdns.c @@ -269,6 +269,7 @@ static int _smartdns_add_servers(void) flags.type = dns_conf_servers[i].type; flags.server_flag = dns_conf_servers[i].server_flag; flags.result_flag = dns_conf_servers[i].result_flag; + flags.set_mark = dns_conf_servers[i].set_mark; ret = dns_client_add_server(dns_conf_servers[i].server, dns_conf_servers[i].port, dns_conf_servers[i].type, &flags); if (ret != 0) {