mirror of
https://github.com/mirage/qubes-mirage-firewall.git
synced 2024-10-01 01:05:39 -04:00
allow the firewall to use the router for dns requests (in rules)
This commit is contained in:
parent
a37584a720
commit
8e4c24bfba
@ -446,14 +446,14 @@ struct
|
|||||||
clients := !clients |> Dao.VifMap.add key cleanup)))
|
clients := !clients |> Dao.VifMap.add key cleanup)))
|
||||||
|
|
||||||
let send_dns_client_query t ~src_port ~dst ~dst_port buf =
|
let send_dns_client_query t ~src_port ~dst ~dst_port buf =
|
||||||
match t with
|
match t.uplink with
|
||||||
| None ->
|
| None ->
|
||||||
Log.err (fun f -> f "No uplink interface");
|
Log.err (fun f -> f "No uplink interface");
|
||||||
Lwt.return (Error (`Msg "failure"))
|
Lwt.return (Error (`Msg "failure"))
|
||||||
| Some t -> (
|
| Some uplink -> (
|
||||||
Lwt.catch
|
Lwt.catch
|
||||||
(fun () ->
|
(fun () ->
|
||||||
U.write ~src_port ~dst ~dst_port t.udp buf >|= function
|
U.write ~src_port ~dst ~dst_port uplink.udp buf >|= function
|
||||||
| Error s ->
|
| Error s ->
|
||||||
Log.err (fun f -> f "error sending udp packet: %a" U.pp_error s);
|
Log.err (fun f -> f "error sending udp packet: %a" U.pp_error s);
|
||||||
Error (`Msg "failure")
|
Error (`Msg "failure")
|
||||||
|
@ -103,7 +103,7 @@ module Main (R : Mirage_random.S)(Clock : Mirage_clock.MCLOCK)(Time : Mirage_tim
|
|||||||
~uplink:None
|
~uplink:None
|
||||||
in
|
in
|
||||||
|
|
||||||
let send_dns_query = Dispatcher.send_dns_client_query None in
|
let send_dns_query = Dispatcher.send_dns_client_query router in
|
||||||
let dns_mvar = Lwt_mvar.create_empty () in
|
let dns_mvar = Lwt_mvar.create_empty () in
|
||||||
let nameservers = `Udp, [ config.Dao.dns, 53 ; config.Dao.dns2, 53 ] in
|
let nameservers = `Udp, [ config.Dao.dns, 53 ; config.Dao.dns2, 53 ] in
|
||||||
let dns_client = Dns_client.create ~nameservers (router, send_dns_query, dns_mvar) in
|
let dns_client = Dns_client.create ~nameservers (router, send_dns_query, dns_mvar) in
|
||||||
|
Loading…
Reference in New Issue
Block a user