diff options
| -rw-r--r-- | plugin/pkg/proxy/connect.go | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/plugin/pkg/proxy/connect.go b/plugin/pkg/proxy/connect.go index 29274d92d..b60a1a237 100644 --- a/plugin/pkg/proxy/connect.go +++ b/plugin/pkg/proxy/connect.go @@ -7,6 +7,7 @@ package proxy import ( "context" "io" + "net" "strconv" "sync/atomic" "time" @@ -117,11 +118,20 @@ func (p *Proxy) Connect(ctx context.Context, state request.Request, opts Options for { ret, err = pc.c.ReadMsg() if err != nil { - pc.c.Close() // not giving it back + // For UDP, if the error is not a network error keep waiting for a valid response to prevent malformed + // spoofs from blocking the upstream response. + // In the case this is a legitimate malformed response from the upstream, this will result in a timeout. + if proto == "udp" { + if _, ok := err.(net.Error); !ok { + continue + } + } + pc.c.Close() // connection closed by peer, close the persistent connection if err == io.EOF && cached { return nil, ErrCachedClosed } - // recovery the origin Id after upstream. + + // recover the origin Id after upstream. if ret != nil { ret.Id = originId } |