[libvirt] [PATCH 1/2] tell dnsmasq not to forward PTR queries

gene at czarc.net gene at czarc.net
Tue Sep 11 16:58:29 UTC 2012


From: Gene Czarcinski <gene at czarc.net>

For IPv4 networks dnsmasq listens to, do not forward
any IPv4 DNS PTR queries for that network.

Only network prefixes 8, 16, or 24 work correctly.
---
 src/network/bridge_driver.c                             | 17 +++++++++++++++++
 tests/networkxml2argvdata/isolated-network.argv         |  1 +
 tests/networkxml2argvdata/nat-network-dns-hosts.argv    |  1 +
 .../nat-network-dns-srv-record-minimal.argv             |  3 +++
 .../networkxml2argvdata/nat-network-dns-srv-record.argv |  3 +++
 .../networkxml2argvdata/nat-network-dns-txt-record.argv |  9 +++++++--
 tests/networkxml2argvdata/nat-network.argv              | 12 +++++++++---
 tests/networkxml2argvdata/netboot-network.argv          |  1 +
 tests/networkxml2argvdata/netboot-proxy-network.argv    |  1 +
 tests/networkxml2argvdata/routed-network.argv           |  3 ++-
 10 files changed, 45 insertions(+), 6 deletions(-)

diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
index 4faad5d..7ad6fe2 100644
--- a/src/network/bridge_driver.c
+++ b/src/network/bridge_driver.c
@@ -634,6 +634,23 @@ networkBuildDnsmasqArgv(virNetworkObjPtr network,
         if (!ipaddr)
             goto cleanup;
         virCommandAddArgList(cmd, "--listen-address", ipaddr, NULL);
+	int psize = virNetworkIpDefPrefix(tmpipdef);
+	if ((VIR_SOCKET_ADDR_IS_FAMILY(&tmpipdef->address, AF_INET)) &&
+		((psize==8) || (psize==16) || (psize=24)))
+	{
+	    int val = 
+	        ntohl(tmpipdef->address.data.inet4.sin_addr.s_addr) >> 8;
+	    char *p, str[25];   /* strlen("xxx.yyy.zzz.in-addr.arpa")+1 */
+	    p = &str[0];
+	    if (psize == 24)
+		p += sprintf(p, "%d.", val & 0xff);
+	    val = val >> 8;
+	    if (psize != 8)
+	    p += sprintf(p, "%d.", val & 0xff);
+	    val = val >> 8;
+	    p += sprintf(p, "%d.in-addr.arpa", val & 0xff);
+	    virCommandAddArgFormat(cmd, "--local=/%s/", &str[0]);
+	}
         VIR_FREE(ipaddr);
     }
 
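Review bot: The last prefix test in the added condition is an assignment, `(psize=24)`, so for any IPv4 address whose prefix is not 8 or 16 the condition is true and psize is overwritten with 24; it should read `(psize == 24)`. As written, a network with, for example, a /20 or /28 prefix (and presumably a failed prefix lookup, since the return value of virNetworkIpDefPrefix is not checked here) gets a `--local=` entry for a whole /24 reverse zone, so dnsmasq stops forwarding PTR queries for addresses that are not on the virtual network. The `sprintf` calls into `str[25]` fit only because each octet is masked with `0xff`; `snprintf` with `sizeof(str)`, or passing the octets straight to `virCommandAddArgFormat`, would remove the dependency on that arithmetic. The unindented `p += sprintf(...)` under `if (psize != 8)` also reads as if it were unconditional. networkBuildDnsmasqArgv starts and ends outside the hunk.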
diff --git a/tests/networkxml2argvdata/isolated-network.argv b/tests/networkxml2argvdata/isolated-network.argv
index 048c72b..40592d9 100644
--- a/tests/networkxml2argvdata/isolated-network.argv
+++ b/tests/networkxml2argvdata/isolated-network.argv
@@ -2,6 +2,7 @@
 --local=// --domain-needed --conf-file= \
 --except-interface lo --dhcp-option=3 --no-resolv \
 --listen-address 192.168.152.1 \
+--local=/152.168.192.in-addr.arpa/ \
 --dhcp-range 192.168.152.2,192.168.152.254 \
 --dhcp-leasefile=/var/lib/libvirt/dnsmasq/private.leases --dhcp-lease-max=253 \
 --dhcp-no-override\
diff --git a/tests/networkxml2argvdata/nat-network-dns-hosts.argv b/tests/networkxml2argvdata/nat-network-dns-hosts.argv
index 03a0676..b04f9cc 100644
--- a/tests/networkxml2argvdata/nat-network-dns-hosts.argv
+++ b/tests/networkxml2argvdata/nat-network-dns-hosts.argv
@@ -1,4 +1,5 @@
 @DNSMASQ@ --strict-order --bind-interfaces --domain=example.com \
 --local=/example.com/ --domain-needed \
 --conf-file= --except-interface lo --listen-address 192.168.122.1 \
+--local=/122.168.192.in-addr.arpa/ \
 --expand-hosts --addn-hosts=/var/lib/libvirt/dnsmasq/default.addnhosts\
diff --git a/tests/networkxml2argvdata/nat-network-dns-srv-record-minimal.argv b/tests/networkxml2argvdata/nat-network-dns-srv-record-minimal.argv
index a1e4200..e0ea334 100644
--- a/tests/networkxml2argvdata/nat-network-dns-srv-record-minimal.argv
+++ b/tests/networkxml2argvdata/nat-network-dns-srv-record-minimal.argv
@@ -5,10 +5,13 @@
 --except-interface lo \
 --srv-host=name.tcp.,,,, \
 --listen-address 192.168.122.1 \
+--local=/122.168.192.in-addr.arpa/ \
 --listen-address 192.168.123.1 \
+--local=/123.168.192.in-addr.arpa/ \
 --listen-address 2001:db8:ac10:fe01::1 \
 --listen-address 2001:db8:ac10:fd01::1 \
 --listen-address 10.24.10.1 \
+--local=/10.in-addr.arpa/ \
 --dhcp-range 192.168.122.2,192.168.122.254 \
 --dhcp-leasefile=/var/lib/libvirt/dnsmasq/default.leases \
 --dhcp-lease-max=253 \
diff --git a/tests/networkxml2argvdata/nat-network-dns-srv-record.argv b/tests/networkxml2argvdata/nat-network-dns-srv-record.argv
index 8af38c4..0a5cd6b 100644
--- a/tests/networkxml2argvdata/nat-network-dns-srv-record.argv
+++ b/tests/networkxml2argvdata/nat-network-dns-srv-record.argv
@@ -5,10 +5,13 @@
 --except-interface lo \
 --srv-host=name.tcp.test-domain-name,.,1024,10,10 \
 --listen-address 192.168.122.1 \
+--local=/122.168.192.in-addr.arpa/ \
 --listen-address 192.168.123.1 \
+--local=/123.168.192.in-addr.arpa/ \
 --listen-address 2001:db8:ac10:fe01::1 \
 --listen-address 2001:db8:ac10:fd01::1 \
 --listen-address 10.24.10.1 \
+--local=/10.in-addr.arpa/ \
 --dhcp-range 192.168.122.2,192.168.122.254 \
 --dhcp-leasefile=/var/lib/libvirt/dnsmasq/default.leases \
 --dhcp-lease-max=253 \
diff --git a/tests/networkxml2argvdata/nat-network-dns-txt-record.argv b/tests/networkxml2argvdata/nat-network-dns-txt-record.argv
index 404b56a..6e1d054 100644
--- a/tests/networkxml2argvdata/nat-network-dns-txt-record.argv
+++ b/tests/networkxml2argvdata/nat-network-dns-txt-record.argv
@@ -1,9 +1,14 @@
 @DNSMASQ@ --strict-order --bind-interfaces \
 --local=// --domain-needed --conf-file= \
 --except-interface lo '--txt-record=example,example value' \
---listen-address 192.168.122.1 --listen-address 192.168.123.1 \
+--listen-address 192.168.122.1 \
+--local=/122.168.192.in-addr.arpa/ \
+--listen-address 192.168.123.1 \
+--local=/123.168.192.in-addr.arpa/ \
 --listen-address 2001:db8:ac10:fe01::1 \
---listen-address 2001:db8:ac10:fd01::1 --listen-address 10.24.10.1 \
+--listen-address 2001:db8:ac10:fd01::1 \
+--listen-address 10.24.10.1 \
+--local=/10.in-addr.arpa/ \
 --dhcp-range 192.168.122.2,192.168.122.254 \
 --dhcp-leasefile=/var/lib/libvirt/dnsmasq/default.leases \
 --dhcp-lease-max=253 --dhcp-no-override \
diff --git a/tests/networkxml2argvdata/nat-network.argv b/tests/networkxml2argvdata/nat-network.argv
index 1dc8f73..55f31e2 100644
--- a/tests/networkxml2argvdata/nat-network.argv
+++ b/tests/networkxml2argvdata/nat-network.argv
@@ -1,8 +1,14 @@
 @DNSMASQ@ --strict-order --bind-interfaces \
 --local=// --domain-needed --conf-file= \
---except-interface lo --listen-address 192.168.122.1 \
---listen-address 192.168.123.1 --listen-address 2001:db8:ac10:fe01::1 \
---listen-address 2001:db8:ac10:fd01::1 --listen-address 10.24.10.1 \
+--except-interface lo \
+--listen-address 192.168.122.1 \
+--local=/122.168.192.in-addr.arpa/ \
+--listen-address 192.168.123.1 \
+--local=/123.168.192.in-addr.arpa/ \
+--listen-address 2001:db8:ac10:fe01::1 \
+--listen-address 2001:db8:ac10:fd01::1 \
+--listen-address 10.24.10.1 \
+--local=/10.in-addr.arpa/ \
 --dhcp-range 192.168.122.2,192.168.122.254 \
 --dhcp-leasefile=/var/lib/libvirt/dnsmasq/default.leases \
 --dhcp-lease-max=253 --dhcp-no-override \
diff --git a/tests/networkxml2argvdata/netboot-network.argv b/tests/networkxml2argvdata/netboot-network.argv
index 5a85ec2..9d62602 100644
--- a/tests/networkxml2argvdata/netboot-network.argv
+++ b/tests/networkxml2argvdata/netboot-network.argv
@@ -1,6 +1,7 @@
 @DNSMASQ@ --strict-order --bind-interfaces --domain=example.com \
 --local=/example.com/ --domain-needed --conf-file= \
 --except-interface lo --listen-address 192.168.122.1 \
+--local=/122.168.192.in-addr.arpa/ \
 --dhcp-range 192.168.122.2,192.168.122.254 \
 --dhcp-leasefile=/var/lib/libvirt/dnsmasq/netboot.leases \
 --dhcp-lease-max=253 --dhcp-no-override --expand-hosts --enable-tftp \
diff --git a/tests/networkxml2argvdata/netboot-proxy-network.argv b/tests/networkxml2argvdata/netboot-proxy-network.argv
index 36836b0..01a4ffd 100644
--- a/tests/networkxml2argvdata/netboot-proxy-network.argv
+++ b/tests/networkxml2argvdata/netboot-proxy-network.argv
@@ -1,6 +1,7 @@
 @DNSMASQ@ --strict-order --bind-interfaces --domain=example.com \
 --local=/example.com/ --domain-needed --conf-file= \
 --except-interface lo --listen-address 192.168.122.1 \
+--local=/122.168.192.in-addr.arpa/ \
 --dhcp-range 192.168.122.2,192.168.122.254 \
 --dhcp-leasefile=/var/lib/libvirt/dnsmasq/netboot.leases \
 --dhcp-lease-max=253 --dhcp-no-override --expand-hosts \
diff --git a/tests/networkxml2argvdata/routed-network.argv b/tests/networkxml2argvdata/routed-network.argv
index 77e802f..e0b3033 100644
--- a/tests/networkxml2argvdata/routed-network.argv
+++ b/tests/networkxml2argvdata/routed-network.argv
@@ -1,3 +1,4 @@
 @DNSMASQ@ --strict-order --bind-interfaces \
 --local=// --domain-needed --conf-file= \
---except-interface lo --listen-address 192.168.122.1\
+--except-interface lo --listen-address 192.168.122.1 \
+--local=/122.168.192.in-addr.arpa/\
-- 
1.7.11.4



