start_instance() {
local cfg="$1"
- local ipset port dns
+ local ipset ipset6 port dns
config_get ipset "$cfg" ipset
- [ -n "$ipset" ] || {
+ config_get ipset6 "$cfg" ipset6
+ [ -n "$ipset$ipset6" ] || {
echo "No ipset specified for instance $cfg" >&2
return 1
}
config_get port "$cfg" port $((PORT++))
SERVICE_PID_FILE="/var/run/ipset-dns-$port.pid" \
- service_start /usr/sbin/ipset-dns "$ipset" "$port" "$dns"
+ service_start /usr/sbin/ipset-dns "$ipset" "$ipset6" "$port" "$dns"
}
start() {
--- /dev/null
+--- a/ipset-dns.c
++++ b/ipset-dns.c
+@@ -307,19 +307,20 @@ int main(int argc, char *argv[])
+ struct timeval tv;
+ char msg[512];
+ char ip[INET6_ADDRSTRLEN];
+- char *ipset;
++ char *ipset, *ipset6;
+ int listen_sock, upstream_sock;
+ int pos, i, size, af;
+ socklen_t len;
+ size_t received;
+ pid_t child;
+
+- if (argc != 4) {
+- fprintf(stderr, "Usage: %s ipset port upstream\n", argv[0]);
++ if (argc != 5) {
++ fprintf(stderr, "Usage: %s ipv4-ipset ipv6-ipset port upstream\n", argv[0]);
+ return 1;
+ }
+
+ ipset = argv[1];
++ ipset6 = argv[2];
+
+ listen_sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
+ if (listen_sock < 0) {
+@@ -329,7 +330,7 @@ int main(int argc, char *argv[])
+
+ memset(&listen_addr, 0, sizeof(listen_addr));
+ listen_addr.sin_family = AF_INET;
+- listen_addr.sin_port = htons(atoi(argv[2]));
++ listen_addr.sin_port = htons(atoi(argv[3]));
+ listen_addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
+ i = 1;
+ setsockopt(listen_sock, SOL_SOCKET, SO_REUSEADDR, &i, sizeof(i));
+@@ -341,7 +342,7 @@ int main(int argc, char *argv[])
+ memset(&upstream_addr, 0, sizeof(upstream_addr));
+ upstream_addr.sin_family = AF_INET;
+ upstream_addr.sin_port = htons(53);
+- inet_aton(argv[3], &upstream_addr.sin_addr);
++ inet_aton(argv[4], &upstream_addr.sin_addr);
+
+ /* TODO: Put all of the below code in several forks all listening on the same sock. */
+
+@@ -434,8 +435,11 @@ int main(int argc, char *argv[])
+ continue;
+ }
+
++ if ((af == AF_INET && !*ipset) || (af == AF_INET6 && !*ipset6))
++ continue;
++
+ printf("%s: %s\n", answer.dotted, ip);
+- if (add_to_ipset(ipset, answer.rdata, af) < 0)
++ if (add_to_ipset((af == AF_INET) ? ipset : ipset6, answer.rdata, af) < 0)
+ perror("add_to_ipset");
+ }
+