From 1709b2099a7e159828c459b5c6ab9a7fba16b003 Mon Sep 17 00:00:00 2001
From: Niklas
Date: Wed, 3 Feb 2021 18:17:24 +0100
Subject: [PATCH] fixed issue with multiple zones
---
 internal/config.go | 1 +
 internal/cooldns.go | 69 +++++++++++++++++++++++---------------------
 2 files changed, 37 insertions(+), 33 deletions(-)
diff --git a/internal/config.go b/internal/config.go
index af57258..20360e0 100644
--- a/internal/config.go
+++ b/internal/config.go
@@ -22,6 +22,7 @@ type config struct {
 }
 
 type configForward struct {
+ Enable bool `yaml:"enable"`
 ACL []string `yaml:"acl"`
 Server string `yaml:"server"`
 }
diff --git a/internal/cooldns.go b/internal/cooldns.go
index 5170efb..af7d896 100644
--- a/internal/cooldns.go
+++ b/internal/cooldns.go
@@ -65,38 +65,7 @@ func createServer(zones zoneMap, config config, aclList map[string]*net.IPNet, b
 
 // For all zones set from the config
 for zoneName, zones := range zones {
- srv.HandleFunc(zoneName, func(w dns.ResponseWriter, r *dns.Msg) {
-
- // Parse IP
- remoteIP, _, err := net.SplitHostPort(w.RemoteAddr().String())
- ip := net.ParseIP(remoteIP)
- if err != nil && ip != nil {
- log.Printf("Faild to parse remote IP WTF? :%s\n", err.Error())
- return
- }
-
- // Check if it is a ACME DNS-01 challange
- if config.Lego.Enable && handleACMERequest(w, r, acmeList) {
- return
- }
-
- // find out what view to handle the request
- zoneIndex := -1
-
- for i, zone := range zones {
- if (len(zone.acl) == 0 && zoneIndex == -1) || checkACL(zone.acl, aclList, ip) {
- zoneIndex = i
- }
- }
-
- // No view found that can handle the request
- if zoneIndex == -1 {
- rcodeRequest(w, r, dns.RcodeRefused)
- return
- }
-
- handleRequest(w, r, zones[zoneIndex])
- })
+ srv.HandleFunc(zoneName, createHandler(zones, config, aclList, acmeList))
 }
 
 // Handle any other request for forwarding
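Review bot: The new `Enable` field on `configForward` has no comment, and its zero value matters: a config file without an `enable` key decodes to false. A line such as `// Enable gates forwarding of queries outside the configured zones; an absent key means false.` above the field would make the default explicit. The wording should be checked against the use in internal/cooldns.go, where the flag currently gates the forward ACL check.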
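Review bot: The call `srv.HandleFunc(zoneName, createHandler(zones, config, aclList, acmeList))` has no comment saying why the handler is built by a function rather than an inline closure. Presumably the removed closure captured the `zones` range variable, which Go versions before 1.22 share across iterations, so every zone would have been answered from the last view list, ACLs included. A comment such as `// createHandler binds this iteration's views; an inline closure would share the loop variable` would keep the change from being undone. The range variable `zones` also shadows createServer's `zones` parameter on the `for` line, and a name like `views` would keep the two apart. createServer starts and ends outside the hunk.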
@@ -117,7 +86,7 @@ func createServer(zones zoneMap, config config, aclList map[string]*net.IPNet, b
 }
 
 // Check ACL rules
- if !checkACL(config.Forward.ACL, aclList, ip) {
+ if config.Forward.Enable && !checkACL(config.Forward.ACL, aclList, ip) {
 rcodeRequest(w, r, dns.RcodeRefused)
 return
 }
@@ -187,3 +156,37 @@ func rcodeRequest(w dns.ResponseWriter, r *dns.Msg, rcode int) {
 m.SetRcode(r, rcode)
 w.WriteMsg(m)
 }
+
+func createHandler(zones []zoneView, config config, aclList map[string]*net.IPNet, acmeList *legoMap) func(w dns.ResponseWriter, r *dns.Msg) {
+ return func(w dns.ResponseWriter, r *dns.Msg) {
+ // Parse IP
+ remoteIP, _, err := net.SplitHostPort(w.RemoteAddr().String())
+ ip := net.ParseIP(remoteIP)
+ if err != nil && ip != nil {
+ log.Printf("Faild to parse remote IP WTF? :%s\n", err.Error())
+ return
+ }
+
+ // Check if it is a ACME DNS-01 challange
+ if config.Lego.Enable && handleACMERequest(w, r, acmeList) {
+ return
+ }
+
+ // find out what view to handle the request
+ zoneIndex := -1
+
+ for i, zone := range zones {
+ if (len(zone.acl) == 0 && zoneIndex == -1) || checkACL(zone.acl, aclList, ip) {
+ zoneIndex = i
+ }
+ }
+
+ // No view found that can handle the request
+ if zoneIndex == -1 {
+ rcodeRequest(w, r, dns.RcodeRefused)
+ return
+ }
+
+ handleRequest(w, r, zones[zoneIndex])
+ }
+}
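Review bot: With `config.Forward.Enable` false, the new condition `config.Forward.Enable && !checkACL(...)` is false for every client, so the refusal is skipped and the handler falls through to whatever follows the hunk. The forward ACL is therefore enforced only when forwarding is enabled; turning the flag off removes the check, not the forwarding. If the code after this hunk relays to `config.Forward.Server` (not visible here), a server with `enable: false` or no `enable` key would resolve for any source address, which is the open-resolver exposure the ACL is there to prevent. The guard reads as if it was meant to be `if !config.Forward.Enable || !checkACL(config.Forward.ACL, aclList, ip) {`. The enclosing handler starts and ends outside the hunk.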
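Review bot: The remote-address guard in `createHandler`, `if err != nil && ip != nil`, cannot fire on a bad address: when `net.SplitHostPort` fails `remoteIP` is empty and `net.ParseIP` returns nil, so the handler carries on with a nil `ip` into `checkACL`. A host that is not a plain IP literal also yields a nil `ip` without any error, and views with an empty ACL are still selected for it. The test should be `if err != nil || ip == nil {`, and the branch should answer, for example with `rcodeRequest(w, r, dns.RcodeServerFailure)`, instead of returning silently and leaving the client to time out. The function would also benefit from a doc comment stating that a later ACL match overrides an earlier one and that an ACL-less view is only a fallback.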