If dns.domainNeeded is set, refuse to send plain domain queries (like laptop) upstream at all.
Signed-off-by: DL6ER <dl6er@dl6er.de>
This commit is contained in:
parent
ad46a1018a
commit
231a9853bd
|
@ -506,19 +506,14 @@ bool __attribute__((const)) write_dnsmasq_config(struct config *conf, bool test_
|
||||||
free(copy);
|
free(copy);
|
||||||
}
|
}
|
||||||
|
|
||||||
// When there is a Pi-hole domain set and "Never forward non-FQDNs" is
|
// When "Never forward non-FQDNs" is ticked, we add `local=//` to signal
|
||||||
// ticked, we add `local=/domain/` to signal that this domain is purely
|
// that non-FQDNs queries should never be sent to any upstream servers
|
||||||
// local and FTL may answer queries from /etc/hosts or DHCP but should
|
|
||||||
// never forward queries on that domain to any upstream servers
|
|
||||||
if(conf->dns.domainNeeded.v.b)
|
if(conf->dns.domainNeeded.v.b)
|
||||||
{
|
{
|
||||||
fputs("# Never forward A or AAAA queries for plain names, without\n",pihole_conf);
|
fputs("# Never forward A or AAAA queries for plain names, without\n",pihole_conf);
|
||||||
fputs("# dots or domain parts, to upstream nameservers. If the name\n", pihole_conf);
|
fputs("# dots or domain parts, to upstream nameservers. If the name\n", pihole_conf);
|
||||||
fputs("# is not known from /etc/hosts or DHCP a NXDOMAIN is returned\n", pihole_conf);
|
fputs("# is not known from /etc/hosts or DHCP, NXDOMAIN is returned\n", pihole_conf);
|
||||||
if(strlen(conf->dns.domain.v.s))
|
fputs("local=//\n\n", pihole_conf);
|
||||||
fprintf(pihole_conf, "local=/%s/\n\n", conf->dns.domain.v.s);
|
|
||||||
else
|
|
||||||
fputs("\n", pihole_conf);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Add domain to DNS server. It will also be used for DHCP if the DHCP
|
// Add domain to DNS server. It will also be used for DHCP if the DHCP
|
||||||
|
|
Loading…
Reference in New Issue