From 5b9a5fff9704bbf1e9c3950928790e9c3a7faf07 Mon Sep 17 00:00:00 2001 From: Eugene Bujak Date: Fri, 5 Oct 2018 07:25:44 +0300 Subject: [PATCH 1/2] Makefile -- update pprof plugin to survive coredns reloads --- Makefile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Makefile b/Makefile index 454365a9..e2ba977f 100644 --- a/Makefile +++ b/Makefile @@ -32,6 +32,8 @@ coredns: coredns_plugin/*.go dnsfilter/*.go cd $(GOPATH)/src/github.com/coredns/coredns && perl -p -i.bak -e 's/^(trace|route53|federation|kubernetes|etcd):.*//' plugin.cfg cd $(GOPATH)/src/github.com/coredns/coredns && grep -q '^dnsfilter:' plugin.cfg || perl -p -i.bak -e 's|^log:log|log:log\ndnsfilter:github.com/AdguardTeam/AdguardDNS/coredns_plugin|' plugin.cfg grep '^dnsfilter:' $(GOPATH)/src/github.com/coredns/coredns/plugin.cfg ## used to check that plugin.cfg was successfully edited by sed + perl -0777 -p -i.bak -e 's/pprofOnce.Do\(func\(\) {(.*)}\)/\1/ms' $(GOPATH)/src/github.com/coredns/coredns/plugin/pprof/setup.go + perl -0777 -p -i.bak -e 's/c.OnShutdown/c.OnRestart/' $(GOPATH)/src/github.com/coredns/coredns/plugin/pprof/setup.go cd $(GOPATH)/src/github.com/coredns/coredns && GOPATH=$(GOPATH) GOOS=$(NATIVE_GOOS) GOARCH=$(NATIVE_GOARCH) go generate cd $(GOPATH)/src/github.com/coredns/coredns && GOPATH=$(GOPATH) go get -v -d . cd $(GOPATH)/src/github.com/coredns/coredns && GOPATH=$(GOPATH) go build -o $(mkfile_dir)/coredns From 3a7a80f15f0180836077b4f63e504a659133adbb Mon Sep 17 00:00:00 2001 From: Eugene Bujak Date: Fri, 5 Oct 2018 07:31:56 +0300 Subject: [PATCH 2/2] coredns plugin -- fix SHOULD NOT HAPPEN spam when incoming request is for root servers --- coredns_plugin/coredns_plugin.go | 11 +++++++++-- dnsfilter/dnsfilter.go | 4 ++-- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/coredns_plugin/coredns_plugin.go b/coredns_plugin/coredns_plugin.go index 0c321a4e..8af7601e 100644 --- a/coredns_plugin/coredns_plugin.go +++ b/coredns_plugin/coredns_plugin.go @@ -446,8 +446,15 @@ func (p *plug) serveDNSInternal(ctx context.Context, w dns.ResponseWriter, r *dn return rcode, dnsfilter.Result{}, err } return rcode, result, err + case dnsfilter.FilteredInvalid: + // return NXdomain + rcode, err := p.writeNXdomain(ctx, w, r) + if err != nil { + return rcode, dnsfilter.Result{}, err + } + return rcode, result, err default: - log.Printf("SHOULD NOT HAPPEN -- got unknown reason for filtering: %T %v %s", result.Reason, result.Reason, result.Reason.String()) + log.Printf("SHOULD NOT HAPPEN -- got unknown reason for filtering host \"%s\": %v, %+v", host, result.Reason, result) } } else { switch result.Reason { @@ -457,7 +464,7 @@ func (p *plug) serveDNSInternal(ctx context.Context, w dns.ResponseWriter, r *dn case dnsfilter.NotFilteredNotFound: // do nothing, pass through to lower code default: - log.Printf("SHOULD NOT HAPPEN -- got unknown reason for not filtering: %T %v %s", result.Reason, result.Reason, result.Reason.String()) + log.Printf("SHOULD NOT HAPPEN -- got unknown reason for not filtering host \"%s\": %v, %+v", host, result.Reason, result) } } } diff --git a/dnsfilter/dnsfilter.go b/dnsfilter/dnsfilter.go index 41ca687e..3060b297 100644 --- a/dnsfilter/dnsfilter.go +++ b/dnsfilter/dnsfilter.go @@ -148,9 +148,9 @@ func (r Reason) Matched() bool { // CheckHost tries to match host against rules, then safebrowsing and parental if they are enabled func (d *Dnsfilter) CheckHost(host string) (Result, error) { - // sometimes DNS clients will try to resolve ".", which in turns transforms into "" when it reaches here + // sometimes DNS clients will try to resolve ".", which is a request to get root servers if host == "" { - return Result{Reason: FilteredInvalid}, nil + return Result{Reason: NotFilteredNotFound}, nil } host = strings.ToLower(host)