diff --git a/src/dns_client.c b/src/dns_client.c
index f54b1b822c..cd87eaf200 100644
--- a/src/dns_client.c
+++ b/src/dns_client.c
@@ -1804,6 +1804,20 @@ static void _dns_replied_check_remove(struct dns_query_struct *dns_query, struct
 	}
 }
 
+static int _dns_client_server_package_address_match(struct dns_server_info *server_info, struct sockaddr *addr,
+													socklen_t addr_len)
+{
+	if (addr_len != server_info->ai_addrlen) {
+		return -1;
+	}
+
+	if (memcmp(addr, &server_info->addr, addr_len) != 0) {
+		return -1;
+	}
+
+	return 0;
+}
+
 static int _dns_client_recv(struct dns_server_info *server_info, unsigned char *inpacket, int inpacket_len,
 							struct sockaddr *from, socklen_t from_len)
 {
@@ -1824,6 +1838,11 @@ static int _dns_client_recv(struct dns_server_info *server_info, unsigned char *
 
 	packet->head.tc = 0;
 
+	if (_dns_client_server_package_address_match(server_info, from, from_len) != 0) {
+		tlog(TLOG_DEBUG, "packet from invalid server.");
+		return -1;
+	}
+
 	/* decode domain from udp packet */
 	len = dns_decode(packet, DNS_PACKSIZE, inpacket, inpacket_len);
 	if (len != 0) {
diff --git a/src/tlog.c b/src/tlog.c
index 2f008852d4..db88af4098 100644
--- a/src/tlog.c
+++ b/src/tlog.c
@@ -1080,16 +1080,17 @@ static void _tlog_close_all_fd(void)
         }
     }
 
-    close(dir_fd);
 
     if (bytes < 0) {
         goto errout;
     }
 
+    close(dir_fd);
     return;
 errout:
     if (dir_fd > 0) {
         close(dir_fd);
+        dir_fd = -1;
     }
 #endif
     _tlog_close_all_fd_by_res();