From 4b9ab972719bee2f3051f40cef025f8bb43e69b3 Mon Sep 17 00:00:00 2001 From: Simon Zolin Date: Fri, 24 Jul 2020 13:18:05 +0300 Subject: [PATCH 1/2] - rewrites: return NOERROR without A records instead of NXDOMAIN For rule "host -> ipv6" we return "ipv6" address for AAAA request and empty answer for A request --- dnsforward/filter.go | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/dnsforward/filter.go b/dnsforward/filter.go index 1591d74f..068c5112 100644 --- a/dnsforward/filter.go +++ b/dnsforward/filter.go @@ -54,8 +54,12 @@ func (s *Server) filterDNSRequest(ctx *dnsContext) (*dnsfilter.Result, error) { // log.Tracef("Host %s is filtered, reason - '%s', matched rule: '%s'", host, res.Reason, res.Rule) d.Res = s.genDNSFilterMessage(d, &res) - } else if (res.Reason == dnsfilter.ReasonRewrite || res.Reason == dnsfilter.RewriteEtcHosts) && - len(res.IPList) != 0 { + } else if res.Reason == dnsfilter.ReasonRewrite && len(res.CanonName) != 0 && len(res.IPList) == 0 { + ctx.origQuestion = d.Req.Question[0] + // resolve canonical name, not the original host name + d.Req.Question[0].Name = dns.Fqdn(res.CanonName) + + } else if res.Reason == dnsfilter.ReasonRewrite || res.Reason == dnsfilter.RewriteEtcHosts { resp := s.makeResponse(req) name := host @@ -78,11 +82,6 @@ func (s *Server) filterDNSRequest(ctx *dnsContext) (*dnsfilter.Result, error) { d.Res = resp - } else if res.Reason == dnsfilter.ReasonRewrite && len(res.CanonName) != 0 { - ctx.origQuestion = d.Req.Question[0] - // resolve canonical name, not the original host name - d.Req.Question[0].Name = dns.Fqdn(res.CanonName) - } else if res.Reason == dnsfilter.RewriteEtcHosts && len(res.ReverseHost) != 0 { resp := s.makeResponse(req) From ad4e85d8f50e1e905329f687c2748d28449d39c4 Mon Sep 17 00:00:00 2001 From: Simon Zolin Date: Fri, 24 Jul 2020 13:27:14 +0300 Subject: [PATCH 2/2] add test --- dnsforward/dnsforward_test.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/dnsforward/dnsforward_test.go b/dnsforward/dnsforward_test.go index 773769ee..0ca5549e 100644 --- a/dnsforward/dnsforward_test.go +++ b/dnsforward/dnsforward_test.go @@ -670,6 +670,11 @@ func TestRewrite(t *testing.T) { assert.True(t, ok) assert.Equal(t, "1.2.3.4", a.A.String()) + req = createTestMessageWithType("test.com.", dns.TypeAAAA) + reply, err = dns.Exchange(req, addr.String()) + assert.Nil(t, err) + assert.Equal(t, 0, len(reply.Answer)) + req = createTestMessageWithType("alias.test.com.", dns.TypeA) reply, err = dns.Exchange(req, addr.String()) assert.Nil(t, err)