Merge: - DNS: "custom_ip" blocking mode didn't work after app restart
Close #1262 Squashed commit of the following: commit bacd683ef5b52e275323a3c07b370ca08702403e Author: Simon Zolin <s.zolin@adguard.com> Date: Mon Dec 16 17:00:49 2019 +0300 fix commit 3d4f9626460de3e13a621f2b8e535e9e0939e2bb Author: Simon Zolin <s.zolin@adguard.com> Date: Mon Dec 16 16:54:23 2019 +0300 fix commit bf924bf90e9b705883bec88f8d7af11c39c1f322 Author: Simon Zolin <s.zolin@adguard.com> Date: Mon Dec 16 16:45:41 2019 +0300 add test commit 43338ea3645a025d69dd838bc732344255960bed Author: Simon Zolin <s.zolin@adguard.com> Date: Mon Dec 16 16:07:51 2019 +0300 - DNS: "custom_ip" blocking mode didn't work after app restart commit 220f32e713a95d2c67355c61e419dd09df9d42b2 Author: Simon Zolin <s.zolin@adguard.com> Date: Mon Dec 16 15:46:01 2019 +0300 - first run: fix panic on stop in case initialization didn't complete e.g. when Stats module can't be initialized because of incompatible file system
This commit is contained in:
parent
6a2430b799
commit
04de9d0f7b
|
@ -233,6 +233,13 @@ func (s *Server) startInternal() error {
|
||||||
func (s *Server) Prepare(config *ServerConfig) error {
|
func (s *Server) Prepare(config *ServerConfig) error {
|
||||||
if config != nil {
|
if config != nil {
|
||||||
s.conf = *config
|
s.conf = *config
|
||||||
|
if s.conf.BlockingMode == "custom_ip" {
|
||||||
|
s.conf.BlockingIPAddrv4 = net.ParseIP(s.conf.BlockingIPv4)
|
||||||
|
s.conf.BlockingIPAddrv6 = net.ParseIP(s.conf.BlockingIPv6)
|
||||||
|
if s.conf.BlockingIPAddrv4 == nil || s.conf.BlockingIPAddrv6 == nil {
|
||||||
|
return fmt.Errorf("DNS: invalid custom blocking IP address specified")
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if len(s.conf.UpstreamDNS) == 0 {
|
if len(s.conf.UpstreamDNS) == 0 {
|
||||||
|
|
|
@ -424,6 +424,55 @@ func TestNullBlockedRequest(t *testing.T) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestBlockedCustomIP(t *testing.T) {
|
||||||
|
rules := "||nxdomain.example.org^\n||null.example.org^\n127.0.0.1 host.example.org\n@@||whitelist.example.org^\n||127.0.0.255\n"
|
||||||
|
filters := map[int]string{}
|
||||||
|
filters[0] = rules
|
||||||
|
c := dnsfilter.Config{}
|
||||||
|
|
||||||
|
f := dnsfilter.New(&c, filters)
|
||||||
|
s := NewServer(f, nil, nil)
|
||||||
|
conf := ServerConfig{}
|
||||||
|
conf.UDPListenAddr = &net.UDPAddr{Port: 0}
|
||||||
|
conf.TCPListenAddr = &net.TCPAddr{Port: 0}
|
||||||
|
conf.ProtectionEnabled = true
|
||||||
|
conf.BlockingMode = "custom_ip"
|
||||||
|
conf.BlockingIPv4 = "bad IP"
|
||||||
|
conf.UpstreamDNS = []string{"8.8.8.8:53", "8.8.4.4:53"}
|
||||||
|
err := s.Prepare(&conf)
|
||||||
|
assert.True(t, err != nil) // invalid BlockingIPv4
|
||||||
|
|
||||||
|
conf.BlockingIPv4 = "0.0.0.1"
|
||||||
|
conf.BlockingIPv6 = "::1"
|
||||||
|
err = s.Prepare(&conf)
|
||||||
|
assert.True(t, err == nil)
|
||||||
|
err = s.Start()
|
||||||
|
assert.True(t, err == nil, "%s", err)
|
||||||
|
|
||||||
|
addr := s.dnsProxy.Addr(proxy.ProtoUDP)
|
||||||
|
|
||||||
|
req := createTestMessageWithType("null.example.org.", dns.TypeA)
|
||||||
|
reply, err := dns.Exchange(req, addr.String())
|
||||||
|
assert.True(t, err == nil)
|
||||||
|
assert.True(t, len(reply.Answer) == 1)
|
||||||
|
a, ok := reply.Answer[0].(*dns.A)
|
||||||
|
assert.True(t, ok)
|
||||||
|
assert.True(t, a.A.String() == "0.0.0.1")
|
||||||
|
|
||||||
|
req = createTestMessageWithType("null.example.org.", dns.TypeAAAA)
|
||||||
|
reply, err = dns.Exchange(req, addr.String())
|
||||||
|
assert.True(t, err == nil)
|
||||||
|
assert.True(t, len(reply.Answer) == 1)
|
||||||
|
a6, ok := reply.Answer[0].(*dns.AAAA)
|
||||||
|
assert.True(t, ok)
|
||||||
|
assert.True(t, a6.AAAA.String() == "::1")
|
||||||
|
|
||||||
|
err = s.Stop()
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("DNS server failed to stop: %s", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func TestBlockedByHosts(t *testing.T) {
|
func TestBlockedByHosts(t *testing.T) {
|
||||||
s := createTestServer(t)
|
s := createTestServer(t)
|
||||||
err := s.Start()
|
err := s.Start()
|
||||||
|
@ -652,6 +701,16 @@ func createTestMessage(host string) *dns.Msg {
|
||||||
return &req
|
return &req
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func createTestMessageWithType(host string, qtype uint16) *dns.Msg {
|
||||||
|
req := dns.Msg{}
|
||||||
|
req.Id = dns.Id()
|
||||||
|
req.RecursionDesired = true
|
||||||
|
req.Question = []dns.Question{
|
||||||
|
{Name: host, Qtype: qtype, Qclass: dns.ClassINET},
|
||||||
|
}
|
||||||
|
return &req
|
||||||
|
}
|
||||||
|
|
||||||
func assertGoogleAResponse(t *testing.T, reply *dns.Msg) {
|
func assertGoogleAResponse(t *testing.T, reply *dns.Msg) {
|
||||||
assertResponse(t, reply, "8.8.8.8")
|
assertResponse(t, reply, "8.8.8.8")
|
||||||
}
|
}
|
||||||
|
|
|
@ -70,6 +70,9 @@ func initDNSServer() error {
|
||||||
|
|
||||||
sessFilename := filepath.Join(baseDir, "sessions.db")
|
sessFilename := filepath.Join(baseDir, "sessions.db")
|
||||||
config.auth = InitAuth(sessFilename, config.Users, config.WebSessionTTLHours*60*60)
|
config.auth = InitAuth(sessFilename, config.Users, config.WebSessionTTLHours*60*60)
|
||||||
|
if config.auth == nil {
|
||||||
|
return fmt.Errorf("Couldn't initialize Auth module")
|
||||||
|
}
|
||||||
config.Users = nil
|
config.Users = nil
|
||||||
|
|
||||||
Context.rdns = InitRDNS(Context.dnsServer, &Context.clients)
|
Context.rdns = InitRDNS(Context.dnsServer, &Context.clients)
|
||||||
|
@ -254,6 +257,10 @@ func reconfigureDNSServer() error {
|
||||||
}
|
}
|
||||||
|
|
||||||
func stopDNSServer() error {
|
func stopDNSServer() error {
|
||||||
|
if !isRunning() {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
err := Context.dnsServer.Stop()
|
err := Context.dnsServer.Stop()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return errorx.Decorate(err, "Couldn't stop forwarding DNS server")
|
return errorx.Decorate(err, "Couldn't stop forwarding DNS server")
|
||||||
|
|
Loading…
Reference in New Issue