fixed issue with multiple zones
parent
8f499d8f85
commit
1709b2099a
@ -22,6 +22,7 @@ type config struct {
|
||||
}
|
||||
|
||||
type configForward struct {
|
||||
Enable bool `yaml:"enable"`
|
||||
ACL []string `yaml:"acl"`
|
||||
Server string `yaml:"server"`
|
||||
}
|
||||
|
@ -65,38 +65,7 @@ func createServer(zones zoneMap, config config, aclList map[string]*net.IPNet, b
|
||||
|
||||
// For all zones set from the config
|
||||
for zoneName, zones := range zones {
|
||||
srv.HandleFunc(zoneName, func(w dns.ResponseWriter, r *dns.Msg) {
|
||||
|
||||
// Parse IP
|
||||
remoteIP, _, err := net.SplitHostPort(w.RemoteAddr().String())
|
||||
ip := net.ParseIP(remoteIP)
|
||||
if err != nil && ip != nil {
|
||||
log.Printf("Faild to parse remote IP WTF? :%s\n", err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
// Check if it is a ACME DNS-01 challange
|
||||
if config.Lego.Enable && handleACMERequest(w, r, acmeList) {
|
||||
return
|
||||
}
|
||||
|
||||
// find out what view to handle the request
|
||||
zoneIndex := -1
|
||||
|
||||
for i, zone := range zones {
|
||||
if (len(zone.acl) == 0 && zoneIndex == -1) || checkACL(zone.acl, aclList, ip) {
|
||||
zoneIndex = i
|
||||
}
|
||||
}
|
||||
|
||||
// No view found that can handle the request
|
||||
if zoneIndex == -1 {
|
||||
rcodeRequest(w, r, dns.RcodeRefused)
|
||||
return
|
||||
}
|
||||
|
||||
handleRequest(w, r, zones[zoneIndex])
|
||||
})
|
||||
srv.HandleFunc(zoneName, createHandler(zones, config, aclList, acmeList))
|
||||
}
|
||||
|
||||
// Handle any other request for forwarding
|
||||
@ -117,7 +86,7 @@ func createServer(zones zoneMap, config config, aclList map[string]*net.IPNet, b
|
||||
}
|
||||
|
||||
// Check ACL rules
|
||||
if !checkACL(config.Forward.ACL, aclList, ip) {
|
||||
if config.Forward.Enable && !checkACL(config.Forward.ACL, aclList, ip) {
|
||||
rcodeRequest(w, r, dns.RcodeRefused)
|
||||
return
|
||||
}
|
||||
@ -187,3 +156,37 @@ func rcodeRequest(w dns.ResponseWriter, r *dns.Msg, rcode int) {
|
||||
m.SetRcode(r, rcode)
|
||||
w.WriteMsg(m)
|
||||
}
|
||||
|
||||
func createHandler(zones []zoneView, config config, aclList map[string]*net.IPNet, acmeList *legoMap) func(w dns.ResponseWriter, r *dns.Msg) {
|
||||
return func(w dns.ResponseWriter, r *dns.Msg) {
|
||||
// Parse IP
|
||||
remoteIP, _, err := net.SplitHostPort(w.RemoteAddr().String())
|
||||
ip := net.ParseIP(remoteIP)
|
||||
if err != nil && ip != nil {
|
||||
log.Printf("Faild to parse remote IP WTF? :%s\n", err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
// Check if it is a ACME DNS-01 challange
|
||||
if config.Lego.Enable && handleACMERequest(w, r, acmeList) {
|
||||
return
|
||||
}
|
||||
|
||||
// find out what view to handle the request
|
||||
zoneIndex := -1
|
||||
|
||||
for i, zone := range zones {
|
||||
if (len(zone.acl) == 0 && zoneIndex == -1) || checkACL(zone.acl, aclList, ip) {
|
||||
zoneIndex = i
|
||||
}
|
||||
}
|
||||
|
||||
// No view found that can handle the request
|
||||
if zoneIndex == -1 {
|
||||
rcodeRequest(w, r, dns.RcodeRefused)
|
||||
return
|
||||
}
|
||||
|
||||
handleRequest(w, r, zones[zoneIndex])
|
||||
}
|
||||
}
|
||||
|
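Review bot: The guard at the top of createHandler, `if err != nil && ip != nil`, can never fire on a bad peer address. When net.SplitHostPort fails, remoteIP is empty and net.ParseIP returns nil, so the handler carries on into view selection and checkACL with a nil ip. It should read `if err != nil || ip == nil {` so that an unparseable source never reaches the ACL decision; the refactor carried the check over unchanged from the closure in createServer. Separately, in the forwarding hunk the condition `config.Forward.Enable && !checkACL(config.Forward.ACL, aclList, ip)` skips the refusal whenever forwarding is disabled. The code after it is outside the hunk, but if it goes on to forward the query, `!config.Forward.Enable || !checkACL(config.Forward.ACL, aclList, ip)` looks like the intended test.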