a
/
badguardhome
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

* (dnsfilter): minor refactoring, comments

This commit is contained in:
Andrey Meshkov 2020-09-11 15:52:46 +03:00
parent a22db5f358
commit 625f1dffe1
1 changed files with 22 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
dnsfilter/dnsfilter.go
View File

@ -316,11 +316,14 @@ func (d *Dnsfilter) CheckHost(host string, qtype uint16, setts *RequestFiltering
var result Result var result Result
var err error var err error
// first - check rewrites, they have the highest priority
result = d.processRewrites(host, qtype) result = d.processRewrites(host, qtype)
if result.Reason == ReasonRewrite { if result.Reason == ReasonRewrite {
return result, nil return result, nil
} }
// Now check the hosts file -- do we have any rules for it?
// just like DNS rewrites, it has higher priority than filtering rules.
if d.Config.AutoHosts != nil { if d.Config.AutoHosts != nil {
ips := d.Config.AutoHosts.Process(host, qtype) ips := d.Config.AutoHosts.Process(host, qtype)
if ips != nil { if ips != nil {
@ -337,7 +340,9 @@ func (d *Dnsfilter) CheckHost(host string, qtype uint16, setts *RequestFiltering
} }
} }
// try filter lists first // Then check the filter lists.
// if request is blocked -- it should be blocked.
// if it is whitelisted -- we should do nothing with it anymore.
if setts.FilteringEnabled { if setts.FilteringEnabled {
result, err = d.matchHost(host, qtype, *setts) result, err = d.matchHost(host, qtype, *setts)
if err != nil { if err != nil {
@ -348,6 +353,7 @@ func (d *Dnsfilter) CheckHost(host string, qtype uint16, setts *RequestFiltering
} }
} }
// are there any blocked services?
if len(setts.ServicesRules) != 0 { if len(setts.ServicesRules) != 0 {
result = matchBlockedServicesRules(host, setts.ServicesRules) result = matchBlockedServicesRules(host, setts.ServicesRules)
if result.Reason.Matched() { if result.Reason.Matched() {
@ -355,18 +361,7 @@ func (d *Dnsfilter) CheckHost(host string, qtype uint16, setts *RequestFiltering
} }
} }
if setts.SafeSearchEnabled { // browsing security web service
result, err = d.checkSafeSearch(host)
if err != nil {
log.Info("SafeSearch: failed: %v", err)
return Result{}, nil
}
if result.Reason.Matched() {
return result, nil
}
}
if setts.SafeBrowsingEnabled { if setts.SafeBrowsingEnabled {
result, err = d.checkSafeBrowsing(host) result, err = d.checkSafeBrowsing(host)
if err != nil { if err != nil {
@ -378,6 +373,7 @@ func (d *Dnsfilter) CheckHost(host string, qtype uint16, setts *RequestFiltering
} }
} }
// parental control web service
if setts.ParentalEnabled { if setts.ParentalEnabled {
result, err = d.checkParental(host) result, err = d.checkParental(host)
if err != nil { if err != nil {
@ -389,6 +385,19 @@ func (d *Dnsfilter) CheckHost(host string, qtype uint16, setts *RequestFiltering
} }
} }
// apply safe search if needed
if setts.SafeSearchEnabled {
result, err = d.checkSafeSearch(host)
if err != nil {
log.Info("SafeSearch: failed: %v", err)
return Result{}, nil
}
if result.Reason.Matched() {
return result, nil
}
}
return Result{}, nil return Result{}, nil
} }