+ DNS Rewrites: support wildcard domain name
This commit is contained in:
parent
28096d6966
commit
8685584bf5
|
@ -916,6 +916,8 @@ Response:
|
||||||
...
|
...
|
||||||
]
|
]
|
||||||
|
|
||||||
|
`domain` can be an exact host name (`www.host.com`) or a wildcard (`*.host.com`).
|
||||||
|
|
||||||
|
|
||||||
### API: Add a rewrite entry
|
### API: Add a rewrite entry
|
||||||
|
|
||||||
|
|
|
@ -334,6 +334,13 @@ func (d *Dnsfilter) CheckHost(host string, qtype uint16, setts *RequestFiltering
|
||||||
return Result{}, nil
|
return Result{}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Return TRUE of host name matches a wildcard pattern
|
||||||
|
func matchDomainWildcard(host, wildcard string) bool {
|
||||||
|
return len(wildcard) >= 2 &&
|
||||||
|
wildcard[0] == '*' && wildcard[1] == '.' &&
|
||||||
|
strings.HasSuffix(host, wildcard[1:])
|
||||||
|
}
|
||||||
|
|
||||||
// Process rewrites table
|
// Process rewrites table
|
||||||
// . Find CNAME for a domain name
|
// . Find CNAME for a domain name
|
||||||
// . if found, set domain name to canonical name
|
// . if found, set domain name to canonical name
|
||||||
|
@ -347,7 +354,9 @@ func (d *Dnsfilter) processRewrites(host string, qtype uint16) Result {
|
||||||
|
|
||||||
for _, r := range d.Rewrites {
|
for _, r := range d.Rewrites {
|
||||||
if r.Domain != host {
|
if r.Domain != host {
|
||||||
continue
|
if !matchDomainWildcard(host, r.Domain) {
|
||||||
|
continue
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
ip := net.ParseIP(r.Answer)
|
ip := net.ParseIP(r.Answer)
|
||||||
|
@ -362,7 +371,9 @@ func (d *Dnsfilter) processRewrites(host string, qtype uint16) Result {
|
||||||
|
|
||||||
for _, r := range d.Rewrites {
|
for _, r := range d.Rewrites {
|
||||||
if r.Domain != host {
|
if r.Domain != host {
|
||||||
continue
|
if !matchDomainWildcard(host, r.Domain) {
|
||||||
|
continue
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
ip := net.ParseIP(r.Answer)
|
ip := net.ParseIP(r.Answer)
|
||||||
|
|
|
@ -474,6 +474,60 @@ func TestClientSettings(t *testing.T) {
|
||||||
assert.True(t, r.IsFiltered && r.Reason == FilteredBlockedService)
|
assert.True(t, r.IsFiltered && r.Reason == FilteredBlockedService)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestRewrites(t *testing.T) {
|
||||||
|
d := Dnsfilter{}
|
||||||
|
// CNAME, A, AAAA
|
||||||
|
d.Rewrites = []RewriteEntry{
|
||||||
|
RewriteEntry{"somecname", "somehost.com"},
|
||||||
|
RewriteEntry{"somehost.com", "0.0.0.0"},
|
||||||
|
|
||||||
|
RewriteEntry{"host.com", "1.2.3.4"},
|
||||||
|
RewriteEntry{"host.com", "1.2.3.5"},
|
||||||
|
RewriteEntry{"host.com", "1:2:3::4"},
|
||||||
|
RewriteEntry{"www.host.com", "host.com"},
|
||||||
|
}
|
||||||
|
r := d.processRewrites("host2.com", dns.TypeA)
|
||||||
|
assert.Equal(t, NotFilteredNotFound, r.Reason)
|
||||||
|
|
||||||
|
r = d.processRewrites("www.host.com", dns.TypeA)
|
||||||
|
assert.Equal(t, ReasonRewrite, r.Reason)
|
||||||
|
assert.Equal(t, "host.com", r.CanonName)
|
||||||
|
assert.True(t, len(r.IPList) == 2)
|
||||||
|
assert.True(t, r.IPList[0].Equal(net.ParseIP("1.2.3.4")))
|
||||||
|
assert.True(t, r.IPList[1].Equal(net.ParseIP("1.2.3.5")))
|
||||||
|
|
||||||
|
r = d.processRewrites("www.host.com", dns.TypeAAAA)
|
||||||
|
assert.Equal(t, ReasonRewrite, r.Reason)
|
||||||
|
assert.True(t, len(r.IPList) == 1)
|
||||||
|
assert.True(t, r.IPList[0].Equal(net.ParseIP("1:2:3::4")))
|
||||||
|
|
||||||
|
// wildcard
|
||||||
|
d.Rewrites = []RewriteEntry{
|
||||||
|
RewriteEntry{"*.host.com", "1.2.3.5"},
|
||||||
|
RewriteEntry{"host.com", "1.2.3.4"},
|
||||||
|
}
|
||||||
|
r = d.processRewrites("host.com", dns.TypeA)
|
||||||
|
assert.Equal(t, ReasonRewrite, r.Reason)
|
||||||
|
assert.True(t, r.IPList[0].Equal(net.ParseIP("1.2.3.4")))
|
||||||
|
|
||||||
|
r = d.processRewrites("www.host.com", dns.TypeA)
|
||||||
|
assert.Equal(t, ReasonRewrite, r.Reason)
|
||||||
|
assert.True(t, r.IPList[0].Equal(net.ParseIP("1.2.3.5")))
|
||||||
|
|
||||||
|
r = d.processRewrites("www.host2.com", dns.TypeA)
|
||||||
|
assert.Equal(t, NotFilteredNotFound, r.Reason)
|
||||||
|
|
||||||
|
// wildcard + CNAME
|
||||||
|
d.Rewrites = []RewriteEntry{
|
||||||
|
RewriteEntry{"*.host.com", "host.com"},
|
||||||
|
RewriteEntry{"host.com", "1.2.3.4"},
|
||||||
|
}
|
||||||
|
r = d.processRewrites("www.host.com", dns.TypeA)
|
||||||
|
assert.Equal(t, ReasonRewrite, r.Reason)
|
||||||
|
assert.Equal(t, "host.com", r.CanonName)
|
||||||
|
assert.True(t, r.IPList[0].Equal(net.ParseIP("1.2.3.4")))
|
||||||
|
}
|
||||||
|
|
||||||
// BENCHMARKS
|
// BENCHMARKS
|
||||||
|
|
||||||
func BenchmarkSafeBrowsing(b *testing.B) {
|
func BenchmarkSafeBrowsing(b *testing.B) {
|
||||||
|
|
Loading…
Reference in New Issue