diff options
| author | Nick Mathewson <nickm@torproject.org> | 2017-06-23 09:28:27 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2017-06-23 09:28:27 -0400 |
| commit | 80360ed9fa86c22ee3f9cf7e14076ef64466918a (patch) | |
| tree | 73865a8fe8eb6cd18edd19c27ce0b6deb3db2e27 /src/or/dns.c | |
| parent | 90046a09dd95c789e28f63c320c1c16e58ecf57a (diff) | |
| parent | 96fab4aaa60cacd123b3125d7b7c2e68704f8df1 (diff) | |
| download | tor-80360ed9fa86c22ee3f9cf7e14076ef64466918a.tar.gz tor-80360ed9fa86c22ee3f9cf7e14076ef64466918a.zip | |
Merge branch 'bug3056_squashed'
Diffstat (limited to 'src/or/dns.c')
| -rw-r--r-- | src/or/dns.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/src/or/dns.c b/src/or/dns.c index 98b684c904..722c5925d8 100644 --- a/src/or/dns.c +++ b/src/or/dns.c @@ -182,6 +182,18 @@ evdns_log_cb(int warn, const char *msg) } else if (!strcmp(msg, "All nameservers have failed")) { control_event_server_status(LOG_WARN, "NAMESERVER_ALL_DOWN"); all_down = 1; + } else if (!strcmpstart(msg, "Address mismatch on received DNS")) { + static ratelim_t mismatch_limit = RATELIM_INIT(3600); + const char *src = strstr(msg, " Apparent source"); + if (!src || get_options()->SafeLogging) { + src = ""; + } + log_fn_ratelim(&mismatch_limit, severity, LD_EXIT, + "eventdns: Received a DNS packet from " + "an IP address to which we did not send a request. This " + "could be a DNS spoofing attempt, or some kind of " + "misconfiguration.%s", src); + return; } tor_log(severity, LD_EXIT, "eventdns: %s", msg); } |