diff options
author | Simon Kelley <simon@thekelleys.org.uk> | 2014-03-22 19:18:06 +0000 |
---|---|---|
committer | Simon Kelley <simon@thekelleys.org.uk> | 2014-03-22 19:18:06 +0000 |
commit | 2a7a2b84eca108c8147122265ed81f86c66e5c07 (patch) | |
tree | 8ae0e6d4e5cf989d00afd31aecb50340800dbc24 | |
parent | 3e21a1a6fa34619ab7f55014dec454f3c8320edd (diff) | |
download | dnsmasq-2a7a2b84eca108c8147122265ed81f86c66e5c07.tar.gz |
Ignore DNS queries from port 0: http://www.ietf.org/mail-archive/web/dnsop/current/msg11441.html
-rw-r--r-- | src/forward.c | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/src/forward.c b/src/forward.c index 4dc3dca..3f4ec62 100644 --- a/src/forward.c +++ b/src/forward.c @@ -1076,11 +1076,24 @@ void receive_query(struct listener *listen, time_t now) return; source_addr.sa.sa_family = listen->family; + + if (listen->family == AF_INET) + { + /* Source-port == 0 is an error, we can't send back to that. + http://www.ietf.org/mail-archive/web/dnsop/current/msg11441.html */ + if (source_addr.in.sin_port == 0) + return; + } #ifdef HAVE_IPV6 - if (listen->family == AF_INET6) - source_addr.in6.sin6_flowinfo = 0; + else + { + /* Source-port == 0 is an error, we can't send back to that. */ + if (source_addr.in6.sin6_port == 0) + return; + source_addr.in6.sin6_flowinfo = 0; + } #endif - + /* We can be configured to only accept queries from at-most-one-hop-away addresses. */ if (option_bool(OPT_LOCAL_SERVICE)) { |