Fix nft run
This commit is contained in:
Timmy Welch
parent
971b8f2521
commit
fc2e21cfd6
@ -599,7 +599,7 @@ func (s *Server) handleRequest(w dns.ResponseWriter, r *dns.Msg) {
|
||||
// DNS has no reply for resolving errors
|
||||
}
|
||||
|
||||
func (s *Server) getSubname(domain string, queryName string) (IP,bool) {
|
||||
func (s *Server) getSubname(domain string, queryName string) (IP, bool) {
|
||||
name := strings.TrimSuffix(queryName, ".")
|
||||
name = strings.TrimSuffix(name, ".lan") // trim lan domain
|
||||
name = strings.TrimSuffix(name, "."+string(s.domain)) // trim server domain
|
||||
@ -607,14 +607,14 @@ func (s *Server) getSubname(domain string, queryName string) (IP,bool) {
|
||||
if ip, ok := s.subname(domain, name); ok {
|
||||
return ip, true
|
||||
}
|
||||
return IP{},false
|
||||
return IP{}, false
|
||||
}
|
||||
|
||||
func (s *Server) resolveSubname(domain string, q dns.Question) (dns.RR, error) {
|
||||
if q.Qclass != dns.ClassINET {
|
||||
return nil, nil
|
||||
}
|
||||
ip,ok := s.getSubname(domain,q.Name)
|
||||
ip, ok := s.getSubname(domain, q.Name)
|
||||
if q.Qtype == dns.TypeA || q.Qtype == dns.TypeAAAA /*|| q.Qtype == dns.TypeMX*/ {
|
||||
if ok {
|
||||
if q.Qtype == dns.TypeA && ip.IPv4.To4() != nil {
|
||||
@ -665,7 +665,7 @@ func (s *Server) subnameHandler(domain lcHostname) func(w dns.ResponseWriter, r
|
||||
}
|
||||
|
||||
// Send an authoritative NXDOMAIN for local names:
|
||||
if _,ok := s.getSubname(string(domain),r.Question[0].Name);r.Question[0].Qtype == dns.TypePTR || (r.Question[0].Qtype == dns.TypeCNAME && ok) || !strings.Contains(strings.TrimSuffix(r.Question[0].Name, "."), ".") || strings.HasSuffix(r.Question[0].Name, ".lan.") {
|
||||
if _, ok := s.getSubname(string(domain), r.Question[0].Name); r.Question[0].Qtype == dns.TypePTR || (r.Question[0].Qtype == dns.TypeCNAME && ok) || !strings.Contains(strings.TrimSuffix(r.Question[0].Name, "."), ".") || strings.HasSuffix(r.Question[0].Name, ".lan.") {
|
||||
s.promInc("local", r)
|
||||
m := new(dns.Msg)
|
||||
m.SetReply(r)
|
||||
|
||||
@ -1241,13 +1241,15 @@ func Apply(dir, root string, firewall bool) error {
|
||||
log.Println("Applying custom firewall")
|
||||
cmd := &exec.Cmd{
|
||||
Path: "/user/nft",
|
||||
Args: []string{"/user/nft", "-f/etc/firewall.nft"},
|
||||
Env: os.Environ(),
|
||||
Args: []string{"/user/nft", "-ef", "/etc/firewall.nft"},
|
||||
Env: cleanEnviron(os.Environ()),
|
||||
Stdout: os.Stdout,
|
||||
Stderr: os.Stderr,
|
||||
}
|
||||
if err := cmd.Run(); err != nil {
|
||||
appendError(fmt.Errorf("firewall: nft: %v", err))
|
||||
} else {
|
||||
log.Println("Custom firewall successfully applied:", cmd.ProcessState.ExitCode())
|
||||
}
|
||||
} else {
|
||||
log.Println("Firewall Disabled")
|
||||
@ -1263,3 +1265,12 @@ func Apply(dir, root string, firewall bool) error {
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func cleanEnviron(environ []string) []string {
|
||||
for i, env := range environ {
|
||||
if strings.Contains(env, "GOKRAZY") {
|
||||
environ[i] = ""
|
||||
}
|
||||
}
|
||||
return environ
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user