diff --git a/config.go b/config.go index 2db48d38..829cec37 100644 --- a/config.go +++ b/config.go @@ -68,6 +68,8 @@ type coreDNSConfig struct { ParentalSensitivity int `yaml:"parental_sensitivity"` BlockedResponseTTL int `yaml:"blocked_response_ttl"` QueryLogEnabled bool `yaml:"querylog_enabled"` + Ratelimit int `yaml:"-"` + RefuseAny bool `yaml:"-"` Pprof string `yaml:"-"` Cache string `yaml:"-"` Prometheus string `yaml:"-"` @@ -102,6 +104,8 @@ var config = configuration{ SafeBrowsingEnabled: false, BlockedResponseTTL: 10, // in seconds QueryLogEnabled: true, + Ratelimit: 20, + RefuseAny: true, BootstrapDNS: "8.8.8.8:53", UpstreamDNS: defaultDNS, Cache: "cache", @@ -253,7 +257,8 @@ const coreDNSConfigTemplate = `.:{{.Port}} { {{end}} }{{end}} {{.Pprof}} - ratelimit + {{if .RefuseAny}}refuseany{{end}} + {{if gt .Ratelimit 0}}ratelimit {{.Ratelimit}}{{end}} hosts { fallthrough } diff --git a/coredns.go b/coredns.go index 45854056..376e6210 100644 --- a/coredns.go +++ b/coredns.go @@ -9,6 +9,7 @@ import ( _ "github.com/AdguardTeam/AdGuardHome/coredns_plugin" _ "github.com/AdguardTeam/AdGuardHome/coredns_plugin/ratelimit" + _ "github.com/AdguardTeam/AdGuardHome/coredns_plugin/refuseany" _ "github.com/AdguardTeam/AdGuardHome/upstream" "github.com/coredns/coredns/core/dnsserver" "github.com/coredns/coredns/coremain" @@ -65,6 +66,7 @@ var directives = []string{ "prometheus", "errors", "log", + "refuseany", "ratelimit", "dnsfilter", "dnstap", diff --git a/coredns_plugin/refuseany/refuseany.go b/coredns_plugin/refuseany/refuseany.go index 02721cc1..92d5d508 100644 --- a/coredns_plugin/refuseany/refuseany.go +++ b/coredns_plugin/refuseany/refuseany.go @@ -27,8 +27,6 @@ func (p *plug) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) ( q := r.Question[0] if q.Qtype == dns.TypeANY { - log.Printf("Got request with type ANY, will respond with NOTIMP\n") - state := request.Request{W: w, Req: r, Context: ctx} rcode := dns.RcodeNotImplemented