多项修复
This commit is contained in:
Alex Yang
BIN
Binary file not shown.
+22
-4
@@ -1556,17 +1556,35 @@ func (s *Server) forwardDNSRequestWithCache(r *dns.Msg, domain string) (*dns.Msg
|
|||||||
dnssecServerForResponse = resp.server
|
dnssecServerForResponse = resp.server
|
||||||
}
|
}
|
||||||
|
|
||||||
// 如果响应成功或为NXDOMAIN
|
// 如果响应成功或为 NXDOMAIN
|
||||||
if resp.response.Rcode == dns.RcodeSuccess || resp.response.Rcode == dns.RcodeNameError {
|
if resp.response.Rcode == dns.RcodeSuccess || resp.response.Rcode == dns.RcodeNameError {
|
||||||
// 按Rcode分类添加到不同列表
|
// 按 Rcode 分类添加到不同列表
|
||||||
if resp.response.Rcode == dns.RcodeSuccess {
|
if resp.response.Rcode == dns.RcodeSuccess {
|
||||||
successResponses = append(successResponses, resp.response)
|
successResponses = append(successResponses, resp.response)
|
||||||
} else {
|
} else {
|
||||||
nxdomainResponses = append(nxdomainResponses, resp.response)
|
nxdomainResponses = append(nxdomainResponses, resp.response)
|
||||||
}
|
}
|
||||||
|
|
||||||
// 快速返回逻辑:找到第一个有效响应或更快的响应
|
// 简化的快速返回逻辑:找到第一个成功响应或更快的响应
|
||||||
if resp.response.Rcode == dns.RcodeSuccess {
|
// 对于不验证 DNSSEC 的域名,直接返回第一个成功响应
|
||||||
|
if noDNSSEC {
|
||||||
|
// 不验证 DNSSEC 的域名:直接返回第一个成功响应
|
||||||
|
if !hasBestResponse || resp.rtt < fastestRtt {
|
||||||
|
fastestResponse = resp.response
|
||||||
|
fastestRtt = resp.rtt
|
||||||
|
fastestServer = resp.server
|
||||||
|
fastestDnssecServer = dnssecServerForResponse
|
||||||
|
fastestHasDnssec = false
|
||||||
|
|
||||||
|
// 立即发送结果,快速返回
|
||||||
|
resultChan <- struct {
|
||||||
|
response *dns.Msg
|
||||||
|
rtt time.Duration
|
||||||
|
usedServer string
|
||||||
|
usedDnssecServer string
|
||||||
|
}{fastestResponse, fastestRtt, fastestServer, fastestDnssecServer}
|
||||||
|
}
|
||||||
|
} else if resp.response.Rcode == dns.RcodeSuccess {
|
||||||
// 优先选择带有DNSSEC的响应
|
// 优先选择带有DNSSEC的响应
|
||||||
if containsDNSSEC {
|
if containsDNSSEC {
|
||||||
// 如果这是第一个DNSSEC响应,或者比当前最快的DNSSEC响应更快
|
// 如果这是第一个DNSSEC响应,或者比当前最快的DNSSEC响应更快
|
||||||
|
|||||||
+3293
File diff suppressed because it is too large
Load Diff
@@ -0,0 +1,38 @@
|
|||||||
|
--- dns/server.go
|
||||||
|
+++ dns/server.go
|
||||||
|
@@ -605,6 +605,8 @@ func (s *Server) checkRequestConditions(w dns.ResponseWriter, r *dns.Msg, startT
|
||||||
|
if r.RecursionDesired == false {
|
||||||
|
se := new(dns.Msg)
|
||||||
|
se.SetReply(r)
|
||||||
|
+// 设置递归可用标志
|
||||||
|
+response.RecursionAvailable = true
|
||||||
|
不再硬编码 RecursionAvailable,使用默认值或上游返回的值
|
||||||
|
se.SetRcode(r, dns.RcodeRefused)
|
||||||
|
se)
|
||||||
|
@@ -1010,6 +1012,8 @@ func (s *Server) handleHostsResponse(w dns.ResponseWriter, r *dns.Msg, ip string
|
||||||
|
func handleHostsResponse(w dns.ResponseWriter, r *dns.Msg, ip string) {
|
||||||
|
response := new(dns.Msg)
|
||||||
|
response.SetReply(r)
|
||||||
|
+// 设置递归可用标志(因为我们的 DNS 服务器支持递归查询)
|
||||||
|
+response.RecursionAvailable = true
|
||||||
|
// 不再硬编码 RecursionAvailable,使用默认值或上游返回的值
|
||||||
|
|
||||||
|
if len(r.Question) > 0 {
|
||||||
|
@@ -1051,6 +1055,8 @@ func (s *Server) handleGFWListResponse(w dns.ResponseWriter, r *dns.Msg, domain
|
||||||
|
|
||||||
|
response := new(dns.Msg)
|
||||||
|
response.SetReply(r)
|
||||||
|
+// 设置递归可用标志
|
||||||
|
+response.RecursionAvailable = true
|
||||||
|
|
||||||
|
if len(r.Question) > 0 {
|
||||||
|
:= r.Question[0]
|
||||||
|
@@ -1082,6 +1088,8 @@ func (s *Server) handleBlockedResponse(w dns.ResponseWriter, r *dns.Msg, domain
|
||||||
|
|
||||||
|
response := new(dns.Msg)
|
||||||
|
response.SetReply(r)
|
||||||
|
+// 设置递归可用标志
|
||||||
|
+response.RecursionAvailable = true
|
||||||
|
// 不再硬编码 RecursionAvailable,使用默认值或上游返回的值
|
||||||
|
|
||||||
|
// 获取屏蔽方法配置
|
||||||
Reference in New Issue
Block a user