From 3e40faddf52c1d4e41a4b3cae4af7000eb53398d Mon Sep 17 00:00:00 2001
From: Miek Gieben
Date: Wed, 8 Aug 2012 12:43:12 +0200
Subject: [PATCH] fixup shield

---
 ex/fks-shield/cache.go | 2 --
 ex/fks-shield/shield.go | 25 ++++++++++++++++++++-----
 2 files changed, 20 insertions(+), 7 deletions(-)

diff --git a/ex/fks-shield/cache.go b/ex/fks-shield/cache.go
index 28857cf9..7655f27f 100644
--- a/ex/fks-shield/cache.go
+++ b/ex/fks-shield/cache.go
@@ -9,8 +9,6 @@ import (
 "time"
 )
 
-const TTL time.Duration = 30 * 1e9 // 30 seconds
-
 // Cache elements, we using to key (toRadixKey) to distinguish between dns and dnssec
 type Packet struct {
 ttl time.Time // insertion time
diff --git a/ex/fks-shield/shield.go b/ex/fks-shield/shield.go
index df76e6d4..c1678f41 100644
--- a/ex/fks-shield/shield.go
+++ b/ex/fks-shield/shield.go
@@ -1,6 +1,6 @@
 package main
 
-// TODO: locking
+// TODO: locking, tsig (need key list to rewrap the queries)
 
 import (
 "dns"
@@ -11,16 +11,31 @@ import (
 )
 
 var (
- listen = flag.String("listen", "127.0.0.1:8053", "set the listener address")
- server = flag.String("server", "127.0.0.1:53", "remote server address")
- flaglog = flag.Bool("log", false, "be more verbose")
+ listen = flag.String("listen", "127.0.0.1:8053", "set the listener address")
+ server = flag.String("server", "127.0.0.1:53", "remote server address")
+ flagttl = flag.Int("ttl", 30, "ttl (in seconds) for cached packets")
+ flaglog = flag.Bool("log", false, "be more verbose")
+ TTL time.Duration = 0
+ // tsifile = flag.String("tsig", "", "file with tsig secrets (key.:base64)")
 )
 
 func serve(w dns.ResponseWriter, r *dns.Msg, c *Cache) {
- // only do queries not dynamic updates
 if *flaglog {
 log.Printf("fks-shield: query")
 }
+ TTL = time.Duration(*flagttl * 1e9)
+ // Check for "special queries"
+ switch {
+ case r.IsNotify():
+ fallthrough
+ case r.IsUpdate():
+ client := new(dns.Client)
+ if p, e := client.Exchange(r, *server); e == nil {
+ w.Write(p)
+ }
+ return
+ }
+
 if p := c.Find(r); p != nil {
 dns.RawSetId(p, r.MsgHdr.Id)
 w.WriteBuf(p)
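Review bot: The new `case r.IsNotify()` / `case r.IsUpdate()` branch in `serve` relays every NOTIFY and dynamic UPDATE to `*server` with no check on who sent it, so the upstream sees the shield's own address (127.0.0.1 with the default flags) instead of the client's, and any address-based update or notify ACL on that server would presumably treat the request as local. Until the TSIG re-wrapping named in the TODO exists, this branch should be gated on an explicit opt-in flag or an allow-list of client addresses, with everything else refused. When `client.Exchange` fails the handler returns without answering, so the client only sees a timeout; a SERVFAIL reply would be clearer, and the error from `w.Write(p)` is dropped as well. Separately, `TTL = time.Duration(*flagttl * 1e9)` writes a package-level variable on every call, which is a data race if handlers run concurrently, and multiplies in `int`, which can overflow on 32-bit builds; set it once after `flag.Parse()` as `TTL = time.Duration(*flagttl) * time.Second` and reject non-positive values. The body of `serve` continues past the end of the hunk.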