fixup shield

2012-08-08 12:43:12 +02:00 · 2012-08-08 12:43:12 +02:00 · 3e40faddf5
parent d6cc21a0aa
commit 3e40faddf5
2 changed files with 20 additions and 7 deletions
--- a/ex/fks-shield/cache.go
+++ b/ex/fks-shield/cache.go
@ -9,8 +9,6 @@ import (
 	"time"
 )

-const TTL time.Duration = 30 * 1e9 // 30 seconds
-
 // Cache elements, we using to key (toRadixKey) to distinguish between dns and dnssec
 type Packet struct {
 	ttl time.Time // insertion time
--- a/ex/fks-shield/shield.go
+++ b/ex/fks-shield/shield.go
@ -1,6 +1,6 @@
 package main

-// TODO: locking
+// TODO: locking, tsig (need key list to rewrap the queries)

 import (
 	"dns"
@ -11,16 +11,31 @@ import (
 )

 var (
-	listen  = flag.String("listen", "127.0.0.1:8053", "set the listener address")
-	server  = flag.String("server", "127.0.0.1:53", "remote server address")
-	flaglog = flag.Bool("log", false, "be more verbose")
+	listen                = flag.String("listen", "127.0.0.1:8053", "set the listener address")
+	server                = flag.String("server", "127.0.0.1:53", "remote server address")
+	flagttl               = flag.Int("ttl", 30, "ttl (in seconds) for cached packets")
+	flaglog               = flag.Bool("log", false, "be more verbose")
+	TTL     time.Duration = 0
+	//	tsifile = flag.String("tsig", "", "file with tsig secrets (key.:base64)")
 )

 func serve(w dns.ResponseWriter, r *dns.Msg, c *Cache) {
-	// only do queries not dynamic updates
 	if *flaglog {
 		log.Printf("fks-shield: query")
 	}
+	TTL = time.Duration(*flagttl * 1e9)
+	// Check for "special queries"
+	switch {
+	case r.IsNotify():
+		fallthrough
+	case r.IsUpdate():
+		client := new(dns.Client)
+		if p, e := client.Exchange(r, *server); e == nil {
+			w.Write(p)
+		}
+		return
+	}
+
 	if p := c.Find(r); p != nil {
 		dns.RawSetId(p, r.MsgHdr.Id)
 		w.WriteBuf(p)