From 6775c82ad3714dcfde47a37b41dc4535043045f1 Mon Sep 17 00:00:00 2001
From: Moekr <highter@outlook.com>
Date: Wed, 3 May 2017 19:07:03 +0800
Subject: [PATCH] Modify IPv6 Address Filtering Strategy

If ChinaDNS received an AAAA record, drop if it's from China DNS server and pass if not so that users won't get a poisoned AAAA record.
This strategy may be very useful for users of IPv6 (like CERNET2) if their IPv6 network has higher priority than IPv4.
---
 src/chinadns.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/chinadns.c b/src/chinadns.c
index 6716554..08d9bad 100644
--- a/src/chinadns.c
+++ b/src/chinadns.c
@@ -806,8 +806,11 @@ static int should_filter_query(ns_msg msg, struct in_addr dns_addr) {
           return 1;
         }
       }
-    } else if (type == ns_t_aaaa || type == ns_t_ptr) {
-      // if we've got an IPv6 result or a PTR result, pass
+    } else if (type == ns_t_aaaa) {
+      if (dns_is_chn) {
+        return 1;
+      }
+    } else if (type == ns_t_ptr) {
       return 0;
     }
   }