Security enhancement for the "never forward non-FQDNs" feature. This should prevent all local queries from being forwarded (will show up as blocked by regex) as well as any hostname without a domain (for example one word searches from the address bar in browsers). This fixes #3303

Signed-off-by: DL6ER <dl6er@dl6er.de>
This commit is contained in:
DL6ER 2020-10-10 11:01:01 +02:00
parent 0445559610
commit d631cd8b04
No known key found for this signature in database
GPG key ID: 00135ACBD90B28DD

View file

@ -167,9 +167,11 @@ ProcessDNSSettings() {
fi fi
delete_dnsmasq_setting "domain-needed" delete_dnsmasq_setting "domain-needed"
delete_dnsmasq_setting "expand-hosts"
if [[ "${DNS_FQDN_REQUIRED}" == true ]]; then if [[ "${DNS_FQDN_REQUIRED}" == true ]]; then
add_dnsmasq_setting "domain-needed" add_dnsmasq_setting "domain-needed"
add_dnsmasq_setting "expand-hosts"
fi fi
delete_dnsmasq_setting "bogus-priv" delete_dnsmasq_setting "bogus-priv"
@ -370,6 +372,7 @@ dhcp-leasefile=/etc/pihole/dhcp.leases
if [[ "${PIHOLE_DOMAIN}" != "none" ]]; then if [[ "${PIHOLE_DOMAIN}" != "none" ]]; then
echo "domain=${PIHOLE_DOMAIN}" >> "${dhcpconfig}" echo "domain=${PIHOLE_DOMAIN}" >> "${dhcpconfig}"
echo "local=/${PIHOLE_DOMAIN}/" >> "${dhcpconfig}"
fi fi
# Sourced from setupVars # Sourced from setupVars