allow the firewall to use the router for dns requests (in rules)

This commit is contained in:
Pierre Alain 2024-05-06 19:11:23 +02:00 committed by Hannes Mehnert
parent a37584a720
commit 8e4c24bfba
2 changed files with 4 additions and 4 deletions

View File

@ -446,14 +446,14 @@ struct
clients := !clients |> Dao.VifMap.add key cleanup)))
let send_dns_client_query t ~src_port ~dst ~dst_port buf =
match t with
match t.uplink with
| None ->
Log.err (fun f -> f "No uplink interface");
Lwt.return (Error (`Msg "failure"))
| Some t -> (
| Some uplink -> (
Lwt.catch
(fun () ->
U.write ~src_port ~dst ~dst_port t.udp buf >|= function
U.write ~src_port ~dst ~dst_port uplink.udp buf >|= function
| Error s ->
Log.err (fun f -> f "error sending udp packet: %a" U.pp_error s);
Error (`Msg "failure")

View File

@ -103,7 +103,7 @@ module Main (R : Mirage_random.S)(Clock : Mirage_clock.MCLOCK)(Time : Mirage_tim
~uplink:None
in
let send_dns_query = Dispatcher.send_dns_client_query None in
let send_dns_query = Dispatcher.send_dns_client_query router in
let dns_mvar = Lwt_mvar.create_empty () in
let nameservers = `Udp, [ config.Dao.dns, 53 ; config.Dao.dns2, 53 ] in
let dns_client = Dns_client.create ~nameservers (router, send_dns_query, dns_mvar) in