Feature: Supports setting the maximum TTL value of the response to the client

Nick Peng
2022-04-29 22:29:40 +08:00
parent d30264ed08
commit c561ae2fc5
11 changed files with 51 additions and 6 deletions


@@ -95,6 +95,7 @@ int dns_conf_dualstack_ip_selection_threshold = 15;
/* TTL */
int dns_conf_rr_ttl;
int dns_conf_rr_ttl_rely_max = 60;
int dns_conf_rr_ttl_min = 600;
int dns_conf_rr_ttl_max;
int dns_conf_force_AAAA_SOA;
@@ -1487,6 +1488,7 @@ static struct config_item _config_item[] = {
CONF_INT("rr-ttl", &dns_conf_rr_ttl, 0, CONF_INT_MAX),
CONF_INT("rr-ttl-min", &dns_conf_rr_ttl_min, 0, CONF_INT_MAX),
CONF_INT("rr-ttl-max", &dns_conf_rr_ttl_max, 0, CONF_INT_MAX),
CONF_INT("rr-ttl-reply-max", &dns_conf_rr_ttl_rely_max, 0, CONF_INT_MAX),
CONF_YESNO("force-AAAA-SOA", &dns_conf_force_AAAA_SOA),
CONF_CUSTOM("force-qtype-SOA", _config_qtype_soa, NULL),
CONF_CUSTOM("blacklist-ip", _config_blacklist_ip, NULL),
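Review bot: The global wired to the new `rr-ttl-reply-max` option is named `dns_conf_rr_ttl_rely_max`, which reads as a typo of "reply" and will not match the key a reader greps for; renaming it to `dns_conf_rr_ttl_reply_max` (here and in the matching `extern`) keeps the variable and the option aligned. The definition also carries a default of 60 with no comment, so installations that never set the option silently start capping every client-facing TTL; a note on the definition such as `/* max TTL in seconds handed to clients; default 60 */` makes that intent visible. Whether 0 means "no cap" is decided by the server-side code, outside this section, and is worth stating in the same comment once confirmed.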


@@ -255,6 +255,7 @@ extern int dns_conf_dualstack_ip_selection;
extern int dns_conf_dualstack_ip_selection_threshold;
extern int dns_conf_rr_ttl;
extern int dns_conf_rr_ttl_rely_max;
extern int dns_conf_rr_ttl_min;
extern int dns_conf_rr_ttl_max;
extern int dns_conf_force_AAAA_SOA;


@@ -1082,6 +1082,17 @@ static int _dns_request_post(struct dns_server_post_context *context)
/* log audit log */
_dns_server_audit_log(context);
if (context->reply_ttl > 0) {
struct dns_update_param param;
param.id = request->id;
param.ip_ttl = context->reply_ttl;
if (dns_packet_update(context->inpacket, context->inpacket_len, &param) != 0) {
tlog(TLOG_ERROR, "update packet info failed.");
return -1;
}
}
ret = _dns_reply_inpacket(request, context->inpacket, context->inpacket_len);
if (ret != 0) {
tlog(TLOG_ERROR, "replay raw packet to client failed.");
@@ -1304,6 +1315,7 @@ out:
context.do_force_soa = force_A;
context.do_audit = 1;
context.do_reply = 1;
context.reply_ttl = dns_conf_rr_ttl_rely_max;
context.skip_notify_count = 1;
_dns_request_post(&context);
@@ -2299,7 +2311,6 @@ static int _dns_server_reply_passthrouth(struct dns_server_post_context *context
if (request->conn && context->do_reply == 1) {
/* When passthrough, modify the id to be the id of the client request. */
dns_server_update_reply_packet_id(request, context->inpacket, context->inpacket_len);
struct dns_update_param param;
param.id = request->id;
param.ip_ttl = context->reply_ttl;
@@ -2339,7 +2350,7 @@ static int dns_server_resolve_callback(char *domain, dns_result_type rtype, unsi
context.do_audit = 1;
context.do_reply = 1;
context.do_ipset = 1;
context.reply_ttl = -1;
context.reply_ttl = dns_conf_rr_ttl_rely_max;
return _dns_server_reply_passthrouth(&context);
}
_dns_server_process_answer(request, domain, packet, result_flag);
@@ -2731,7 +2742,16 @@ static int _dns_server_get_expired_ttl_reply(struct dns_cache *dns_cache)
{
int ttl = dns_cache_get_ttl(dns_cache);
if (ttl > 0) {
return ttl;
int ttl_reply = 0;
if (dns_conf_rr_ttl_rely_max > 0) {
ttl_reply = ttl % dns_conf_rr_ttl_rely_max;
}
if (ttl_reply == 0) {
ttl_reply = (ttl > dns_conf_rr_ttl_rely_max) ? dns_conf_rr_ttl_rely_max : ttl;
}
return ttl_reply;
}
return dns_conf_serve_expired_reply_ttl;
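Review bot: In `_dns_server_get_expired_ttl_reply`, a configured `rr-ttl-reply-max` of 0 (allowed by the option's 0..CONF_INT_MAX range) collapses every positive cached TTL to a reply TTL of 0: the modulo is skipped, `ttl_reply` stays 0, and the fallback `(ttl > dns_conf_rr_ttl_rely_max) ? dns_conf_rr_ttl_rely_max : ttl` then selects the 0 cap. Before this change the branch returned `ttl` unchanged, and `_dns_request_post` already treats a non-positive `reply_ttl` as "do not rewrite", so 0 should mean "no cap" here as well: `if (dns_conf_rr_ttl_rely_max <= 0) { return ttl; }` at the top of the `if (ttl > 0)` branch, ahead of the modulo. Note also that with the cap active the reply TTL is not monotonic across successive cache hits (for a 60 s cap, a remaining ttl of 121 yields 1 while 120 yields 60); if that wraparound is intended to keep client expiry in step with the cache, a one-line comment saying so would stop the next reader from filing it as a bug. The function's closing brace lies outside the hunk.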