dns_conf: update smartdns.conf and add -no-ip-alias for bind
This commit is contained in:
Nick Peng
@@ -39,6 +39,7 @@
|
||||
# -no-cache: skip cache.
|
||||
# -no-rule-soa: Skip address SOA(#) rules.
|
||||
# -no-dualstack-selection: Disable dualstack ip selection.
|
||||
# -no-ip-alias: ignore ip alias.
|
||||
# -force-aaaa-soa: force AAAA query return SOA.
|
||||
# -ipset ipsetname: use ipset rule.
|
||||
# -nftset nftsetname: use nftset rule.
|
||||
@@ -116,7 +117,7 @@ bind [::]:53
|
||||
|
||||
# force specific qtype return soa
|
||||
# force-qtype-SOA [qtypeid |...]
|
||||
# force-qtype-SOA [qtypeid,...]
|
||||
# force-qtype-SOA [qtypeid|start_id-end_id|,...]
|
||||
# force-qtype-SOA 65 28
|
||||
# force-qtype-SOA 65,28
|
||||
force-qtype-SOA 65
|
||||
@@ -326,3 +327,24 @@ log-level info
|
||||
# nameserver /domain-set:domain-list/server-group
|
||||
# ipset /domain-set:domain-list/ipset
|
||||
# domain-rules /domain-set:domain-list/ -speed-check-mode ping
|
||||
|
||||
# set ip rules
|
||||
# ip-rules ip-cidrs [-ip-alias [...]]
|
||||
# rules:
|
||||
# [-c] -ip-alias [ip1,ip2]: same as ip-alias option
|
||||
# [-a] -whitelist-ip: same as whitelist-ip option
|
||||
# [-n] -blacklist-ip: same as blacklist-ip option
|
||||
# [-p] -bogus-nxdomain: same as bogus-nxdomain option
|
||||
# [-t] -ignore-ip: same as ignore-ip option
|
||||
|
||||
# collection of IPs
|
||||
# the ip-set can be used with /ip-cidr/ for ip-alias, ignore-ip, etc.
|
||||
# ip-set -name [set-name] -type list -file [/path/to/file]
|
||||
# [-n] -name [set name]: ip set name
|
||||
# [-t] -type [list]: ip set type, list only now
|
||||
# [-f] -file [path/to/set]: file path of ip set
|
||||
#
|
||||
# example:
|
||||
# ip-set -name ip-list -file /etc/smartdns/ip-list.conf
|
||||
# bogus-nxdomain ip-set:ip-list
|
||||
# ip-alias ip-set:ip-list 1.2.3.4
|
||||
|
||||
@@ -2084,6 +2084,7 @@ static int _config_bind_ip(int argc, char *argv[], DNS_BIND_TYPE type)
|
||||
{"no-speed-check", no_argument, NULL, 'S'},
|
||||
{"no-cache", no_argument, NULL, 'C'},
|
||||
{"no-dualstack-selection", no_argument, NULL, 'D'},
|
||||
{"no-ip-alias", no_argument, NULL, 'a'},
|
||||
{"force-aaaa-soa", no_argument, NULL, 'F'},
|
||||
{"ipset", required_argument, NULL, 255},
|
||||
{"nftset", required_argument, NULL, 256},
|
||||
@@ -2138,6 +2139,10 @@ static int _config_bind_ip(int argc, char *argv[], DNS_BIND_TYPE type)
|
||||
server_flag |= BIND_FLAG_NO_RULE_ADDR;
|
||||
break;
|
||||
}
|
||||
case 'a': {
|
||||
server_flag |= BIND_FLAG_NO_IP_ALIAS;
|
||||
break;
|
||||
}
|
||||
case 'N': {
|
||||
server_flag |= BIND_FLAG_NO_RULE_NAMESERVER;
|
||||
break;
|
||||
@@ -2509,6 +2514,7 @@ static void _dns_ip_rule_put(struct dns_ip_rule *rule)
|
||||
struct ip_rule_alias *alias = container_of(rule, struct ip_rule_alias, head);
|
||||
if (alias->ip_alias.ipaddr) {
|
||||
free(alias->ip_alias.ipaddr);
|
||||
alias->ip_alias.ipaddr = NULL;
|
||||
alias->ip_alias.ipaddr_num = 0;
|
||||
}
|
||||
}
|
||||
@@ -2861,7 +2867,7 @@ static int _config_ip_rules_free(struct dns_ip_rules *ip_rules)
|
||||
return 0;
|
||||
}
|
||||
|
||||
for (i = 0; i < DOMAIN_RULE_MAX; i++) {
|
||||
for (i = 0; i < IP_RULE_MAX; i++) {
|
||||
if (ip_rules->rules[i] == NULL) {
|
||||
continue;
|
||||
}
|
||||
|
||||
@@ -144,6 +144,7 @@ typedef enum {
|
||||
#define BIND_FLAG_FORCE_AAAA_SOA (1 << 8)
|
||||
#define BIND_FLAG_NO_RULE_CNAME (1 << 9)
|
||||
#define BIND_FLAG_NO_RULE_NFTSET (1 << 10)
|
||||
#define BIND_FLAG_NO_IP_ALIAS (1 << 11)
|
||||
|
||||
enum response_mode_type {
|
||||
DNS_RESPONSE_MODE_FIRST_PING_IP = 0,
|
||||
|
||||
@@ -4121,6 +4121,19 @@ static void _dns_server_get_domain_rule(struct dns_request *request)
|
||||
_dns_server_get_domain_rule_by_domain(request, request->domain, 1);
|
||||
}
|
||||
|
||||
static int _dns_server_pre_process_server_flags(struct dns_request *request)
|
||||
{
|
||||
if (_dns_server_has_bind_flag(request, BIND_FLAG_NO_CACHE) == 0) {
|
||||
request->no_cache = 1;
|
||||
}
|
||||
|
||||
if (_dns_server_has_bind_flag(request, BIND_FLAG_NO_IP_ALIAS) == 0) {
|
||||
request->no_ipalias = 1;
|
||||
}
|
||||
|
||||
return -1;
|
||||
}
|
||||
|
||||
static int _dns_server_pre_process_rule_flags(struct dns_request *request)
|
||||
{
|
||||
struct dns_rule_flags *rule_flag = NULL;
|
||||
@@ -4141,7 +4154,7 @@ static int _dns_server_pre_process_rule_flags(struct dns_request *request)
|
||||
request->no_serve_expired = 1;
|
||||
}
|
||||
|
||||
if ((flags & DOMAIN_FLAG_NO_CACHE) || (_dns_server_has_bind_flag(request, BIND_FLAG_NO_CACHE) == 0)) {
|
||||
if (flags & DOMAIN_FLAG_NO_CACHE) {
|
||||
request->no_cache = 1;
|
||||
}
|
||||
|
||||
@@ -5356,6 +5369,10 @@ static int _dns_server_do_query(struct dns_request *request, int skip_notify_eve
|
||||
goto clean_exit;
|
||||
}
|
||||
|
||||
if (_dns_server_pre_process_server_flags(request) == 0) {
|
||||
goto clean_exit;
|
||||
}
|
||||
|
||||
/* process domain flag */
|
||||
if (_dns_server_pre_process_rule_flags(request) == 0) {
|
||||
goto clean_exit;
|
||||
|
||||
Reference in New Issue
Block a user