If dns.domainNeeded is set, refuse to send plain domain queries (like laptop) upstream at all.
Signed-off-by: DL6ER <dl6er@dl6er.de>
This commit is contained in:
parent
ad46a1018a
commit
231a9853bd
|
@ -506,19 +506,14 @@ bool __attribute__((const)) write_dnsmasq_config(struct config *conf, bool test_
|
|||
free(copy);
|
||||
}
|
||||
|
||||
// When there is a Pi-hole domain set and "Never forward non-FQDNs" is
|
||||
// ticked, we add `local=/domain/` to signal that this domain is purely
|
||||
// local and FTL may answer queries from /etc/hosts or DHCP but should
|
||||
// never forward queries on that domain to any upstream servers
|
||||
// When "Never forward non-FQDNs" is ticked, we add `local=//` to signal
|
||||
// that non-FQDNs queries should never be sent to any upstream servers
|
||||
if(conf->dns.domainNeeded.v.b)
|
||||
{
|
||||
fputs("# Never forward A or AAAA queries for plain names, without\n",pihole_conf);
|
||||
fputs("# dots or domain parts, to upstream nameservers. If the name\n", pihole_conf);
|
||||
fputs("# is not known from /etc/hosts or DHCP a NXDOMAIN is returned\n", pihole_conf);
|
||||
if(strlen(conf->dns.domain.v.s))
|
||||
fprintf(pihole_conf, "local=/%s/\n\n", conf->dns.domain.v.s);
|
||||
else
|
||||
fputs("\n", pihole_conf);
|
||||
fputs("# is not known from /etc/hosts or DHCP, NXDOMAIN is returned\n", pihole_conf);
|
||||
fputs("local=//\n\n", pihole_conf);
|
||||
}
|
||||
|
||||
// Add domain to DNS server. It will also be used for DHCP if the DHCP
|
||||
|
|
Loading…
Reference in New Issue