[master] ECS authoritative support
3936. [func] Added authoritative support for the EDNS Client Subnet (ECS) option. ACLs can now include "ecs" elements which specify an address or network prefix; if an ECS option is included in a DNS query, then the address encoded in the option will be matched against "ecs" ACL elements. Also, if an ECS address is included in a query, then it will be used instead of the client source address when matching "geoip" ACL elements. This behavior can be overridden with "geoip-use-ecs no;". When "ecs" or "geoip" ACL elements are used to select a view for a query, the response will include an ECS option to indicate which client network the answer is valid for. (Thanks to Vincent Bernat.) [RT #36781]
This commit is contained in:
Evan Hunt
@@ -5,3 +5,4 @@
|
||||
10.53.0.5/32 CL
|
||||
10.53.0.6/32 DE
|
||||
10.53.0.7/32 EH
|
||||
192.0.2/24 O1
|
||||
|
||||
|
Reference in New Issue
Block a user