vikarti.anatra/safing-portmaster
1
0
Fork 0
mirror of https://github.com/safing/portmaster synced 2025-09-02 02:29:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Improve nameserver auth IP check

Browse source
This commit is contained in:
Daniel 2020-08-11 07:56:51 +02:00
parent 6ded9b3f8c
commit d17f83a379
1 changed files with 2 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
nameserver/nameserver.go
View file

@ -28,7 +28,6 @@ var (
dnsServer *dns.Server dnsServer *dns.Server
listenAddress = "0.0.0.0:53" listenAddress = "0.0.0.0:53"
ipv4Localhost = net.IPv4(127, 0, 0, 1)
localhostRRs []dns.RR localhostRRs []dns.RR
) )
@ -146,8 +145,8 @@ func handleRequest(ctx context.Context, w dns.ResponseWriter, query *dns.Msg) er
log.Warningf("nameserver: could not get remote address of request for %s%s, ignoring", q.FQDN, q.QType) log.Warningf("nameserver: could not get remote address of request for %s%s, ignoring", q.FQDN, q.QType)
return nil return nil
} }
if !remoteAddr.IP.Equal(ipv4Localhost) { if !netutils.IPIsLocalhost(remoteAddr.IP) {
// if request is not coming from 127.0.0.1, check if it's really local // If request is not from a localhost address, check it it's really local.
localAddr, ok := w.RemoteAddr().(*net.UDPAddr) localAddr, ok := w.RemoteAddr().(*net.UDPAddr)
if !ok { if !ok {