github/portmaster
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Improve nameserver auth IP check

Browse Source
This commit is contained in:
Daniel
2020-08-11 07:56:51 +02:00
parent 6ded9b3f8c
commit d17f83a379
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
nameserver/nameserver.go
View File

@@ -28,7 +28,6 @@ var (
dnsServer *dns.Server dnsServer *dns.Server
listenAddress = "0.0.0.0:53" listenAddress = "0.0.0.0:53"
ipv4Localhost = net.IPv4(127, 0, 0, 1)
localhostRRs []dns.RR localhostRRs []dns.RR
) )
@@ -146,8 +145,8 @@ func handleRequest(ctx context.Context, w dns.ResponseWriter, query *dns.Msg) er
log.Warningf("nameserver: could not get remote address of request for %s%s, ignoring", q.FQDN, q.QType) log.Warningf("nameserver: could not get remote address of request for %s%s, ignoring", q.FQDN, q.QType)
return nil return nil
} }
if !remoteAddr.IP.Equal(ipv4Localhost) { if !netutils.IPIsLocalhost(remoteAddr.IP) {
// if request is not coming from 127.0.0.1, check if it's really local // If request is not from a localhost address, check it it's really local.
localAddr, ok := w.RemoteAddr().(*net.UDPAddr) localAddr, ok := w.RemoteAddr().(*net.UDPAddr)
if !ok { if !ok {