From 9c1dc6d3738c193f09ab1f67d069b19ab50cd81a Mon Sep 17 00:00:00 2001 From: Eugene Bujak Date: Mon, 10 Sep 2018 17:46:42 +0300 Subject: [PATCH 1/3] Makefile -- Fix cross-compilation --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index ba4df120..8f3e1cbb 100644 --- a/Makefile +++ b/Makefile @@ -24,13 +24,13 @@ AdguardDNS: $(STATIC) *.go coredns: coredns_plugin/*.go dnsfilter/*.go echo mkfile_dir = $(mkfile_dir) go get -v -d github.com/coredns/coredns + cd $(GOPATH)/src/github.com/prometheus/client_golang && git checkout -q v0.8.0 cd $(GOPATH)/src/github.com/coredns/coredns && perl -p -i.bak -e 's/^(trace|route53|federation|kubernetes|etcd):.*//' plugin.cfg cd $(GOPATH)/src/github.com/coredns/coredns && grep -q '^dnsfilter:' plugin.cfg || perl -p -i.bak -e 's|^log:log|log:log\ndnsfilter:github.com/AdguardTeam/AdguardDNS/coredns_plugin|' plugin.cfg grep '^dnsfilter:' $(GOPATH)/src/github.com/coredns/coredns/plugin.cfg ## used to check that plugin.cfg was successfully edited by sed cd $(GOPATH)/src/github.com/coredns/coredns && GOOS=$(NATIVE_GOOS) GOARCH=$(NATIVE_GOARCH) go generate cd $(GOPATH)/src/github.com/coredns/coredns && go get -v -d . - cd $(GOPATH)/src/github.com/coredns/coredns && make - cd $(GOPATH)/src/github.com/coredns/coredns && mv coredns $(mkfile_dir)/coredns + cd $(GOPATH)/src/github.com/coredns/coredns && go build -o $(mkfile_dir)/coredns clean: rm -vf coredns AdguardDNS From c1e16cc5842463bcac21e3fd4e4404cb3ca9a090 Mon Sep 17 00:00:00 2001 From: Eugene Bujak Date: Mon, 10 Sep 2018 20:42:56 +0300 Subject: [PATCH 2/3] Add support for serving /etc/hosts --- config.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/config.go b/config.go index f0923601..3be34373 100644 --- a/config.go +++ b/config.go @@ -165,6 +165,9 @@ const coreDNSConfigTemplate = `. { {{if .QueryLogEnabled}}querylog{{end}} }{{end}} {{.Pprof}} + hosts { + fallthrough + } {{if .UpstreamDNS}}forward . {{range .UpstreamDNS}}{{.}} {{end}}{{end}} {{.Cache}} {{.Prometheus}} From d49e3769a105f4dee639b9dec1112b123b7a23aa Mon Sep 17 00:00:00 2001 From: Eugene Bujak Date: Mon, 10 Sep 2018 20:34:42 +0300 Subject: [PATCH 3/3] dnsfilter -- do not check lookup hosts against themselves to avoid recursion --- dnsfilter/dnsfilter.go | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/dnsfilter/dnsfilter.go b/dnsfilter/dnsfilter.go index b9305948..90db03b7 100644 --- a/dnsfilter/dnsfilter.go +++ b/dnsfilter/dnsfilter.go @@ -28,7 +28,8 @@ const defaultHTTPMaxIdleConnections = 100 const defaultSafebrowsingServer = "sb.adtidy.org" const defaultSafebrowsingURL = "http://%s/safebrowsing-lookup-hash.html?prefixes=%s" -const defaultParentalURL = "http://pctrl.adguard.com/check-parental-control-hash?prefixes=%s&sensitivity=%d" +const defaultParentalServer = "pctrl.adguard.com" +const defaultParentalURL = "http://%s/check-parental-control-hash?prefixes=%s&sensitivity=%d" var ErrInvalidSyntax = errors.New("dnsfilter: invalid rule syntax") var ErrInvalidParental = errors.New("dnsfilter: invalid parental sensitivity, must be either 3, 10, 13 or 17") @@ -43,6 +44,7 @@ type Config struct { safeBrowsingEnabled bool safeBrowsingServer string parentalEnabled bool + parentalServer string parentalSensitivity int // must be either 3, 10, 13 or 17 } @@ -140,6 +142,7 @@ func (d *Dnsfilter) CheckHost(host string) (Result, error) { if host == "" { return Result{Reason: FilteredInvalid}, nil } + host = strings.ToLower(host) // try filter lists first result, err := d.matchHost(host) @@ -487,6 +490,10 @@ func hostnameToHashParam(host string, addslash bool) (string, map[string]bool) { } func (d *Dnsfilter) checkSafeBrowsing(host string) (Result, error) { + // prevent recursion -- checking the host of safebrowsing server makes no sense + if host == d.config.safeBrowsingServer { + return Result{}, nil + } format := func(hashparam string) string { url := fmt.Sprintf(defaultSafebrowsingURL, d.config.safeBrowsingServer, hashparam) return url @@ -521,8 +528,12 @@ func (d *Dnsfilter) checkSafeBrowsing(host string) (Result, error) { } func (d *Dnsfilter) checkParental(host string) (Result, error) { + // prevent recursion -- checking the host of parental safety server makes no sense + if host == d.config.parentalServer { + return Result{}, nil + } format := func(hashparam string) string { - url := fmt.Sprintf(defaultParentalURL, hashparam, d.config.parentalSensitivity) + url := fmt.Sprintf(defaultParentalURL, d.config.parentalServer, hashparam, d.config.parentalSensitivity) return url } handleBody := func(body []byte, hashes map[string]bool) (Result, error) { @@ -723,6 +734,8 @@ func New() *Dnsfilter { Timeout: defaultHTTPTimeout, } d.config.safeBrowsingServer = defaultSafebrowsingServer + d.config.parentalServer = defaultParentalServer + return d }