stub: don't ever respond to datagrams coming in on non-localhost addreses, on the stub
This commit is contained in:
parent
9ca875e80c
commit
565147b7bb
|
@ -379,8 +379,7 @@ static void dns_stub_process_query(Manager *m, DnsStubListenerExtra *l, DnsStrea
|
||||||
if (!l && /* l == NULL if this is the main stub */
|
if (!l && /* l == NULL if this is the main stub */
|
||||||
(in_addr_is_localhost(p->family, &p->sender) <= 0 ||
|
(in_addr_is_localhost(p->family, &p->sender) <= 0 ||
|
||||||
in_addr_is_localhost(p->family, &p->destination) <= 0)) {
|
in_addr_is_localhost(p->family, &p->destination) <= 0)) {
|
||||||
log_error("Got packet on unexpected IP range, refusing.");
|
log_warning("Got packet on unexpected (i.e. non-localhost) IP range, ignoring.");
|
||||||
dns_stub_send_failure(m, l, s, p, DNS_RCODE_SERVFAIL, false);
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue