+ dns: add "edns_client_subnet" setting
This commit is contained in:
parent
197d07f32b
commit
19a94bf789
|
@ -822,6 +822,7 @@ Response:
|
|||
"blocking_mode": "nxdomain" | "null_ip" | "custom_ip",
|
||||
"blocking_ipv4": "1.2.3.4",
|
||||
"blocking_ipv6": "1:2:3::4",
|
||||
"edns_cs_enabled": true | false,
|
||||
}
|
||||
|
||||
|
||||
|
@ -837,6 +838,7 @@ Request:
|
|||
"blocking_mode": "nxdomain" | "null_ip" | "custom_ip",
|
||||
"blocking_ipv4": "1.2.3.4",
|
||||
"blocking_ipv6": "1:2:3::4",
|
||||
"edns_cs_enabled": true | false,
|
||||
}
|
||||
|
||||
Response:
|
||||
|
|
|
@ -112,6 +112,8 @@ type FilteringConfig struct {
|
|||
BootstrapDNS []string `yaml:"bootstrap_dns"` // a list of bootstrap DNS for DoH and DoT (plain DNS only)
|
||||
AllServers bool `yaml:"all_servers"` // if true, parallel queries to all configured upstream servers are enabled
|
||||
|
||||
EnableEDNSClientSubnet bool `yaml:"edns_client_subnet"` // Enable EDNS Client Subnet option
|
||||
|
||||
AllowedClients []string `yaml:"allowed_clients"` // IP addresses of whitelist clients
|
||||
DisallowedClients []string `yaml:"disallowed_clients"` // IP addresses of clients that should be blocked
|
||||
BlockedHosts []string `yaml:"blocked_hosts"` // hosts that should be blocked
|
||||
|
@ -229,6 +231,7 @@ func (s *Server) prepare(config *ServerConfig) error {
|
|||
BeforeRequestHandler: s.beforeRequestHandler,
|
||||
RequestHandler: s.handleDNSRequest,
|
||||
AllServers: s.conf.AllServers,
|
||||
EnableEDNSClientSubnet: s.conf.EnableEDNSClientSubnet,
|
||||
}
|
||||
|
||||
s.access = &accessCtx{}
|
||||
|
|
|
@ -27,6 +27,7 @@ type dnsConfigJSON struct {
|
|||
BlockingMode string `json:"blocking_mode"`
|
||||
BlockingIPv4 string `json:"blocking_ipv4"`
|
||||
BlockingIPv6 string `json:"blocking_ipv6"`
|
||||
EDNSCSEnabled bool `json:"edns_cs_enabled"`
|
||||
}
|
||||
|
||||
func (s *Server) handleGetConfig(w http.ResponseWriter, r *http.Request) {
|
||||
|
@ -37,6 +38,7 @@ func (s *Server) handleGetConfig(w http.ResponseWriter, r *http.Request) {
|
|||
resp.BlockingIPv4 = s.conf.BlockingIPv4
|
||||
resp.BlockingIPv6 = s.conf.BlockingIPv6
|
||||
resp.RateLimit = s.conf.Ratelimit
|
||||
resp.EDNSCSEnabled = s.conf.EnableEDNSClientSubnet
|
||||
s.RUnlock()
|
||||
|
||||
js, err := json.Marshal(resp)
|
||||
|
@ -110,6 +112,11 @@ func (s *Server) handleSetConfig(w http.ResponseWriter, r *http.Request) {
|
|||
s.conf.Ratelimit = req.RateLimit
|
||||
}
|
||||
|
||||
if js.Exists("edns_cs_enabled") {
|
||||
s.conf.EnableEDNSClientSubnet = req.EDNSCSEnabled
|
||||
restart = true
|
||||
}
|
||||
|
||||
s.Unlock()
|
||||
s.conf.ConfigModified()
|
||||
|
||||
|
|
|
@ -1082,6 +1082,8 @@ definitions:
|
|||
type: "string"
|
||||
blocking_ipv6:
|
||||
type: "string"
|
||||
edns_cs_enabled:
|
||||
type: "boolean"
|
||||
|
||||
UpstreamsConfig:
|
||||
type: "object"
|
||||
|
|
Loading…
Reference in New Issue