DOT listens on all interfaces, refers to #281

2020-11-04 03:14:27 +00:00
parent 0c9f74ffa4
commit b5fb2b849a
3 changed files with 4 additions and 4 deletions
--- a/internal/dns/conf.go
+++ b/internal/dns/conf.go
@@ -66,7 +66,7 @@ func generateUnboundConf(ctx context.Context, settings settings.DNS,
 		// Network
 		"do-ip4":    "yes",
 		"do-ip6":    doIPv6,
-		"interface": "127.0.0.1",
+		"interface": "0.0.0.0",
 		"port":      "53",
 		// Other
 		"username": "\"nonrootuser\"",
--- a/internal/dns/conf_test.go
+++ b/internal/dns/conf_test.go
@@ -54,7 +54,7 @@ server:
  harden-referral-path: yes
  hide-identity: yes
  hide-version: yes
-  interface: 127.0.0.1
+  interface: 0.0.0.0
  key-cache-size: 16m
  key-cache-slabs: 4
  msg-cache-size: 4m
--- a/internal/routing/reader.go
+++ b/internal/routing/reader.go
@@ -128,7 +128,7 @@ func (r *routing) VPNDestinationIP() (ip net.IP, err error) {
 	for _, route := range routes {
 		if route.LinkIndex == defaultLinkIndex &&
 			route.Dst != nil &&
-			!ipIsPrivate(route.Dst.IP) &&
+			!IPIsPrivate(route.Dst.IP) &&
 			bytes.Equal(route.Dst.Mask, net.IPMask{255, 255, 255, 255}) {
 			return route.Dst.IP, nil
 		}
@@ -156,7 +156,7 @@ func (r *routing) VPNLocalGatewayIP() (ip net.IP, err error) {
 	return nil, fmt.Errorf("cannot find VPN local gateway IP address from ip routes")
 }

-func ipIsPrivate(ip net.IP) bool {
+func IPIsPrivate(ip net.IP) bool {
 	if ip.IsLoopback() || ip.IsLinkLocalUnicast() || ip.IsLinkLocalMulticast() {
 		return true
 	}