+ rewrites: support exceptions:
*.host -> IP my.host -> my.host *.my.host -> *.my.host Requests for my.host and *.my.host will be passed to upstream servers, while all other requests for *.host will be answered with a rewritten IP
This commit is contained in:
parent
383507bc0c
commit
118b170210
|
@ -390,6 +390,7 @@ func (d *Dnsfilter) CheckHost(host string, qtype uint16, setts *RequestFiltering
|
||||||
|
|
||||||
// Process rewrites table
|
// Process rewrites table
|
||||||
// . Find CNAME for a domain name (exact match or by wildcard)
|
// . Find CNAME for a domain name (exact match or by wildcard)
|
||||||
|
// . if found and CNAME equals to domain name - this is an exception; exit
|
||||||
// . if found, set domain name to canonical name
|
// . if found, set domain name to canonical name
|
||||||
// . repeat for the new domain name (Note: we return only the last CNAME)
|
// . repeat for the new domain name (Note: we return only the last CNAME)
|
||||||
// . Find A or AAAA record for a domain name (exact match or by wildcard)
|
// . Find A or AAAA record for a domain name (exact match or by wildcard)
|
||||||
|
@ -409,6 +410,12 @@ func (d *Dnsfilter) processRewrites(host string) Result {
|
||||||
origHost := host
|
origHost := host
|
||||||
for len(rr) != 0 && rr[0].Type == dns.TypeCNAME {
|
for len(rr) != 0 && rr[0].Type == dns.TypeCNAME {
|
||||||
log.Debug("Rewrite: CNAME for %s is %s", host, rr[0].Answer)
|
log.Debug("Rewrite: CNAME for %s is %s", host, rr[0].Answer)
|
||||||
|
|
||||||
|
if host == rr[0].Answer { // "host == CNAME" is an exception
|
||||||
|
res.Reason = 0
|
||||||
|
return res
|
||||||
|
}
|
||||||
|
|
||||||
host = rr[0].Answer
|
host = rr[0].Answer
|
||||||
_, ok := cnames[host]
|
_, ok := cnames[host]
|
||||||
if ok {
|
if ok {
|
||||||
|
|
|
@ -43,14 +43,14 @@ func (a rewritesArray) Len() int { return len(a) }
|
||||||
func (a rewritesArray) Swap(i, j int) { a[i], a[j] = a[j], a[i] }
|
func (a rewritesArray) Swap(i, j int) { a[i], a[j] = a[j], a[i] }
|
||||||
|
|
||||||
// Priority:
|
// Priority:
|
||||||
// . CNAME > A/AAAA;
|
// . CNAME < A/AAAA;
|
||||||
// . exact > wildcard;
|
// . exact < wildcard;
|
||||||
// . higher level wildcard > lower level wildcard
|
// . higher level wildcard < lower level wildcard
|
||||||
func (a rewritesArray) Less(i, j int) bool {
|
func (a rewritesArray) Less(i, j int) bool {
|
||||||
if a[i].Type == dns.TypeCNAME && a[j].Type != dns.TypeCNAME {
|
if a[i].Type == dns.TypeCNAME && a[j].Type != dns.TypeCNAME {
|
||||||
return false
|
|
||||||
} else if a[i].Type != dns.TypeCNAME && a[j].Type == dns.TypeCNAME {
|
|
||||||
return true
|
return true
|
||||||
|
} else if a[i].Type != dns.TypeCNAME && a[j].Type == dns.TypeCNAME {
|
||||||
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
if isWildcard(a[i].Domain) {
|
if isWildcard(a[i].Domain) {
|
||||||
|
|
|
@ -125,3 +125,43 @@ func TestRewritesLevels(t *testing.T) {
|
||||||
assert.Equal(t, 1, len(r.IPList))
|
assert.Equal(t, 1, len(r.IPList))
|
||||||
assert.Equal(t, "3.3.3.3", r.IPList[0].String())
|
assert.Equal(t, "3.3.3.3", r.IPList[0].String())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestRewritesException(t *testing.T) {
|
||||||
|
d := Dnsfilter{}
|
||||||
|
// wildcard; exception for a sub-domain
|
||||||
|
d.Rewrites = []RewriteEntry{
|
||||||
|
RewriteEntry{"*.host.com", "2.2.2.2", 0, nil},
|
||||||
|
RewriteEntry{"sub.host.com", "sub.host.com", 0, nil},
|
||||||
|
}
|
||||||
|
d.prepareRewrites()
|
||||||
|
|
||||||
|
// match sub-domain
|
||||||
|
r := d.processRewrites("my.host.com")
|
||||||
|
assert.Equal(t, ReasonRewrite, r.Reason)
|
||||||
|
assert.Equal(t, 1, len(r.IPList))
|
||||||
|
assert.Equal(t, "2.2.2.2", r.IPList[0].String())
|
||||||
|
|
||||||
|
// match sub-domain, but handle exception
|
||||||
|
r = d.processRewrites("sub.host.com")
|
||||||
|
assert.Equal(t, NotFilteredNotFound, r.Reason)
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestRewritesExceptionWC(t *testing.T) {
|
||||||
|
d := Dnsfilter{}
|
||||||
|
// wildcard; exception for a sub-wildcard
|
||||||
|
d.Rewrites = []RewriteEntry{
|
||||||
|
RewriteEntry{"*.host.com", "2.2.2.2", 0, nil},
|
||||||
|
RewriteEntry{"*.sub.host.com", "*.sub.host.com", 0, nil},
|
||||||
|
}
|
||||||
|
d.prepareRewrites()
|
||||||
|
|
||||||
|
// match sub-domain
|
||||||
|
r := d.processRewrites("my.host.com")
|
||||||
|
assert.Equal(t, ReasonRewrite, r.Reason)
|
||||||
|
assert.Equal(t, 1, len(r.IPList))
|
||||||
|
assert.Equal(t, "2.2.2.2", r.IPList[0].String())
|
||||||
|
|
||||||
|
// match sub-domain, but handle exception
|
||||||
|
r = d.processRewrites("my.sub.host.com")
|
||||||
|
assert.Equal(t, NotFilteredNotFound, r.Reason)
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue