[PATCH v7 2/2] dnsmasq: add config option for connmark DNS filtering
Adrian Schmutzler
mail at adrianschmutzler.de
Sat Jul 10 15:39:58 PDT 2021
Hi,
> -----Original Message-----
> From: openwrt-devel [mailto:openwrt-devel-bounces at lists.openwrt.org]
> On Behalf Of Etan Kissling
> Sent: Samstag, 10. Juli 2021 00:04
> To: openwrt-devel at lists.openwrt.org
> Cc: Kevin Darbyshire-Bryant <ldir at darbyshire-bryant.me.uk>; Simon Kelley
> <simon at thekelleys.org.uk>
> Subject: [PATCH v7 2/2] dnsmasq: add config option for connmark DNS
> filtering
>
> This adds uci support to configure connmark based DNS filtering.
>
> Signed-off-by: Etan Kissling <etan_kissling at apple.com> (See
> https://lists.thekelleys.org.uk/pipermail/dnsmasq-
> discuss/2021q2/015151.html)
> Signed-off-by: Etan Kissling <etan.kissling at gmail.com>
is there a special reason why you repeatedly post with multiple
Signed-off-by?
Best
Adrian
> ---
> v2: Bundle with patch to update dnsmasq.
>
> package/network/services/dnsmasq/files/dnsmasq.init | 12 ++++++++++++
> 1 file changed, 12 insertions(+)
>
> diff --git a/package/network/services/dnsmasq/files/dnsmasq.init
> b/package/network/services/dnsmasq/files/dnsmasq.init
> index f86b4b04f3..d77780f7d5 100644
> --- a/package/network/services/dnsmasq/files/dnsmasq.init
> +++ b/package/network/services/dnsmasq/files/dnsmasq.init
> @@ -172,6 +172,10 @@ append_ipset() {
> xappend "--ipset=$1"
> }
>
> +append_connmark_allowlist() {
> + xappend "--connmark-allowlist=$1"
> +}
> +
> append_interface() {
> network_get_device ifname "$1" || ifname="$1"
> xappend "--interface=$ifname"
> @@ -921,6 +925,14 @@ dnsmasq_start()
> config_list_foreach "$cfg" "rev_server" append_rev_server
> config_list_foreach "$cfg" "address" append_address
> config_list_foreach "$cfg" "ipset" append_ipset
> +
> + local connmark_allowlist_enable
> + config_get connmark_allowlist_enable "$cfg"
> connmark_allowlist_enable 0
> + [ "$connmark_allowlist_enable" -gt 0 ] && {
> + append_parm "$cfg" "connmark_allowlist_enable" "--
> connmark-allowlist-enable"
> + config_list_foreach "$cfg" "connmark_allowlist"
> append_connmark_allowlist
> + }
> +
> [ -n "$BOOT" ] || {
> config_list_foreach "$cfg" "interface" append_interface
> config_list_foreach "$cfg" "notinterface"
> append_notinterface
> --
> 2.30.1 (Apple Git-130)
>
>
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list