|
|
@@ -1666,7 +1666,7 @@ static int _dns_server_passthrough_rule_check(struct dns_request *request, char
|
|
|
int j = 0;
|
|
|
struct dns_rrs *rrs = NULL;
|
|
|
int ip_check_result = 0;
|
|
|
- int is_result_strict = 0;
|
|
|
+ int is_result_discard = 0;
|
|
|
|
|
|
if (packet->head.rcode != DNS_RC_NOERROR && packet->head.rcode != DNS_RC_NXDOMAIN) {
|
|
|
if (request->rcode == DNS_RC_SERVFAIL) {
|
|
|
@@ -1680,8 +1680,9 @@ static int _dns_server_passthrough_rule_check(struct dns_request *request, char
|
|
|
for (j = 1; j < DNS_RRS_END; j++) {
|
|
|
rrs = dns_get_rrs_start(packet, j, &rr_count);
|
|
|
for (i = 0; i < rr_count && rrs; i++, rrs = dns_get_rrs_next(packet, rrs)) {
|
|
|
- if (rrs->type == request->qtype || rrs->type == DNS_T_SOA) {
|
|
|
- is_result_strict = 1;
|
|
|
+ if ((rrs->type == DNS_T_A || rrs->type == DNS_T_AAAA) &&
|
|
|
+ (request->qtype != DNS_T_A && request->qtype != DNS_T_AAAA)) {
|
|
|
+ is_result_discard = 1;
|
|
|
}
|
|
|
|
|
|
switch (rrs->type) {
|
|
|
@@ -1744,7 +1745,7 @@ static int _dns_server_passthrough_rule_check(struct dns_request *request, char
|
|
|
}
|
|
|
}
|
|
|
|
|
|
- if (is_result_strict == 0) {
|
|
|
+ if (is_result_discard == 1) {
|
|
|
return 0;
|
|
|
}
|
|
|
|
Nick Peng