Closed cattyhouse closed 2 years ago
Why, dnsproxy actually can handle any query, it just forwards it further to the upstream DNS server which should be able to do that.
dnsproxy is supposed to be a simple forwarder, all kinds of filtering can be done by AdGuard Home that uses dnsproxy as a library.
Thanks, since dnsproxy is able to --disable-ipv6
, would you mind adding an option like --disable-type65
?
I knew we shouldn't have added disable-ipv6
in the first place :)
But the point still stands, we don't want it to be a "filter", this just a forwarder.
macOS and iOS, especially Safari, sends query type=65 along with type A and AAAA on each request, this can some times leads to
safari can't find the server
error, because right now dnsproxy can't handle that kind of query, maybe i am wrong saying this.right now i use iptables method to drop such query
iptables -t mangle -I PREROUTING -p udp --dport 53 -m string --from 40 --algo bm --hex-string '|000041|' -j DROP
000041
is a hex form of decimal65
https://en.wikipedia.org/wiki/List_of_DNS_record_types
is it possible to add an option to disable that query type?
thanks
some reference
https://github.com/blinkseb/dnsmasq-patched/blob/main/ignore_https_rr_queries.patch