From d5c478a29fb101cdb921741a035d6d176a6ffb0f Mon Sep 17 00:00:00 2001
From: John Crispin <blogic@openwrt.org>
Date: Thu, 4 Sep 2014 17:44:46 +0200
Subject: [PATCH] silently drop unicast questions that dont originate from port
 5353

Signed-off-by: John Crispin <blogic@openwrt.org>
---
 dns.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/dns.c b/dns.c
index df855eb..3f6ecbe 100644
--- a/dns.c
+++ b/dns.c
@@ -359,6 +359,10 @@ dns_handle_packet(struct interface *iface, struct sockaddr *s, uint16_t port, ui
 		return;
 	}
 
+	if (h->questions && !iface->multicast && port != 5353)
+		// silently drop unicast questions that dont originate from port 5353  
+		return;
+
 	while (h->questions-- > 0) {
 		char *name = dns_consume_name(buffer, len, &b, &rlen);
 		struct dns_question *q;
-- 
2.11.0