Merge pull request #1623 from safing/feature/link-local-resolvesr
Add option to ignore DNS server if out-of-network
This commit is contained in:
Daniel Hååvi
@@ -233,6 +233,9 @@ func AddToDebugInfo(di *debug.Info) {
|
|||||||
if len(resolver.Search) > 0 {
|
if len(resolver.Search) > 0 {
|
||||||
content = append(content, fmt.Sprintf(" Search Domains: %v", strings.Join(resolver.Search, ", ")))
|
content = append(content, fmt.Sprintf(" Search Domains: %v", strings.Join(resolver.Search, ", ")))
|
||||||
}
|
}
|
||||||
|
if resolver.LinkLocalUnavailable {
|
||||||
|
content = append(content, " Link-local, but not available: ignoring")
|
||||||
|
}
|
||||||
content = append(content, fmt.Sprintf(" Failing: %v", resolver.Conn.IsFailing()))
|
content = append(content, fmt.Sprintf(" Failing: %v", resolver.Conn.IsFailing()))
|
||||||
|
|
||||||
// Add a empty line for all but the last entry.
|
// Add a empty line for all but the last entry.
|
||||||
|
|||||||
@@ -422,6 +422,12 @@ func resolveAndCache(ctx context.Context, q *Query, oldCache *RRCache) (rrCache
|
|||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Skip unreachable link-local resolvers.
|
||||||
|
if resolver.LinkLocalUnavailable {
|
||||||
|
log.Tracer(ctx).Tracef("resolver: skipping resolver %s, because it is link-local and not available", resolver)
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
// resolve
|
// resolve
|
||||||
log.Tracer(ctx).Tracef("resolver: sending query for %s to %s", q.ID(), resolver.Info.ID())
|
log.Tracer(ctx).Tracef("resolver: sending query for %s to %s", q.ID(), resolver.Info.ID())
|
||||||
rrCache, err = resolver.Conn.Query(ctx, q)
|
rrCache, err = resolver.Conn.Query(ctx, q)
|
||||||
|
|||||||
@@ -67,6 +67,8 @@ type Resolver struct {
|
|||||||
Search []string
|
Search []string
|
||||||
SearchOnly bool
|
SearchOnly bool
|
||||||
Path string
|
Path string
|
||||||
|
// Special States
|
||||||
|
LinkLocalUnavailable bool
|
||||||
|
|
||||||
// logic interface
|
// logic interface
|
||||||
Conn ResolverConn `json:"-"`
|
Conn ResolverConn `json:"-"`
|
||||||
|
|||||||
@@ -34,6 +34,7 @@ const (
|
|||||||
parameterBlockedIf = "blockedif"
|
parameterBlockedIf = "blockedif"
|
||||||
parameterSearch = "search"
|
parameterSearch = "search"
|
||||||
parameterSearchOnly = "search-only"
|
parameterSearchOnly = "search-only"
|
||||||
|
parameterLinkLocal = "link-local"
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
@@ -179,6 +180,21 @@ func createResolver(resolverURL, source string) (*Resolver, bool, error) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Check if this is a link-local resolver.
|
||||||
|
if query.Has(parameterLinkLocal) {
|
||||||
|
if query.Get(parameterLinkLocal) != "" {
|
||||||
|
return nil, false, fmt.Errorf("%s may only be used as an empty parameter", parameterLinkLocal)
|
||||||
|
}
|
||||||
|
// Check if resolver IP is link-local.
|
||||||
|
resolverNet, err := netenv.GetLocalNetwork(newResolver.Info.IP)
|
||||||
|
switch {
|
||||||
|
case err != nil:
|
||||||
|
newResolver.LinkLocalUnavailable = true
|
||||||
|
case resolverNet == nil:
|
||||||
|
newResolver.LinkLocalUnavailable = true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
newResolver.Conn = resolverConnFactory(newResolver)
|
newResolver.Conn = resolverConnFactory(newResolver)
|
||||||
return newResolver, false, nil
|
return newResolver, false, nil
|
||||||
}
|
}
|
||||||
@@ -208,7 +224,8 @@ func checkAndSetResolverParamters(u *url.URL, resolver *Resolver) error {
|
|||||||
parameterIP,
|
parameterIP,
|
||||||
parameterBlockedIf,
|
parameterBlockedIf,
|
||||||
parameterSearch,
|
parameterSearch,
|
||||||
parameterSearchOnly:
|
parameterSearchOnly,
|
||||||
|
parameterLinkLocal:
|
||||||
// Known key, continue.
|
// Known key, continue.
|
||||||
default:
|
default:
|
||||||
// Unknown key, abort.
|
// Unknown key, abort.
|
||||||
|
|||||||
Reference in New Issue
Block a user