+ pass client Name and IP to dnsfilter
* use urlfilter v0.11.0
This commit is contained in:
parent
49a92605b8
commit
890876cb05
|
@ -33,8 +33,12 @@ type RequestFilteringSettings struct {
|
|||
SafeSearchEnabled bool
|
||||
SafeBrowsingEnabled bool
|
||||
ParentalEnabled bool
|
||||
ClientTags []string
|
||||
ServicesRules []ServiceEntry
|
||||
|
||||
ClientName string
|
||||
ClientIP string
|
||||
ClientTags []string
|
||||
|
||||
ServicesRules []ServiceEntry
|
||||
}
|
||||
|
||||
// Config allows you to configure DNS filtering with New() or just change variables directly.
|
||||
|
@ -297,7 +301,7 @@ func (d *Dnsfilter) CheckHostRules(host string, qtype uint16, setts *RequestFilt
|
|||
return Result{}, nil
|
||||
}
|
||||
|
||||
return d.matchHost(host, qtype, setts.ClientTags)
|
||||
return d.matchHost(host, qtype, *setts)
|
||||
}
|
||||
|
||||
// CheckHost tries to match the host against filtering rules,
|
||||
|
@ -335,7 +339,7 @@ func (d *Dnsfilter) CheckHost(host string, qtype uint16, setts *RequestFiltering
|
|||
|
||||
// try filter lists first
|
||||
if setts.FilteringEnabled {
|
||||
result, err = d.matchHost(host, qtype, setts.ClientTags)
|
||||
result, err = d.matchHost(host, qtype, *setts)
|
||||
if err != nil {
|
||||
return result, err
|
||||
}
|
||||
|
@ -545,14 +549,20 @@ func (d *Dnsfilter) initFiltering(allowFilters, blockFilters []Filter) error {
|
|||
}
|
||||
|
||||
// matchHost is a low-level way to check only if hostname is filtered by rules, skipping expensive safebrowsing and parental lookups
|
||||
func (d *Dnsfilter) matchHost(host string, qtype uint16, ctags []string) (Result, error) {
|
||||
func (d *Dnsfilter) matchHost(host string, qtype uint16, setts RequestFilteringSettings) (Result, error) {
|
||||
d.engineLock.RLock()
|
||||
// Keep in mind that this lock must be held no just when calling Match()
|
||||
// but also while using the rules returned by it.
|
||||
defer d.engineLock.RUnlock()
|
||||
|
||||
ureq := urlfilter.DNSRequest{}
|
||||
ureq.Hostname = host
|
||||
ureq.ClientIP = setts.ClientIP
|
||||
ureq.ClientName = setts.ClientName
|
||||
ureq.SortedClientTags = setts.ClientTags
|
||||
|
||||
if d.filteringEngineWhite != nil {
|
||||
rr, ok := d.filteringEngineWhite.Match(host, ctags)
|
||||
rr, ok := d.filteringEngineWhite.MatchRequest(ureq)
|
||||
if ok {
|
||||
var rule rules.Rule
|
||||
if rr.NetworkRule != nil {
|
||||
|
@ -574,7 +584,7 @@ func (d *Dnsfilter) matchHost(host string, qtype uint16, ctags []string) (Result
|
|||
return Result{}, nil
|
||||
}
|
||||
|
||||
rr, ok := d.filteringEngine.Match(host, ctags)
|
||||
rr, ok := d.filteringEngine.MatchRequest(ureq)
|
||||
if !ok {
|
||||
return Result{}, nil
|
||||
}
|
||||
|
|
|
@ -122,7 +122,7 @@ func (a *accessCtx) IsBlockedIP(ip string) bool {
|
|||
// IsBlockedDomain - return TRUE if this domain should be blocked
|
||||
func (a *accessCtx) IsBlockedDomain(host string) bool {
|
||||
a.lock.Lock()
|
||||
_, ok := a.blockedHostsEngine.Match(host, nil)
|
||||
_, ok := a.blockedHostsEngine.Match(host)
|
||||
a.lock.Unlock()
|
||||
return ok
|
||||
}
|
||||
|
|
2
go.mod
2
go.mod
|
@ -5,7 +5,7 @@ go 1.14
|
|||
require (
|
||||
github.com/AdguardTeam/dnsproxy v0.29.0
|
||||
github.com/AdguardTeam/golibs v0.4.2
|
||||
github.com/AdguardTeam/urlfilter v0.10.1
|
||||
github.com/AdguardTeam/urlfilter v0.11.0
|
||||
github.com/NYTimes/gziphandler v1.1.1
|
||||
github.com/fsnotify/fsnotify v1.4.7
|
||||
github.com/gobuffalo/packr v1.30.1
|
||||
|
|
5
go.sum
5
go.sum
|
@ -5,8 +5,9 @@ github.com/AdguardTeam/golibs v0.4.0/go.mod h1:skKsDKIBB7kkFflLJBpfGX+G8QFTx0WKU
|
|||
github.com/AdguardTeam/golibs v0.4.2 h1:7M28oTZFoFwNmp8eGPb3ImmYbxGaJLyQXeIFVHjME0o=
|
||||
github.com/AdguardTeam/golibs v0.4.2/go.mod h1:skKsDKIBB7kkFflLJBpfGX+G8QFTx0WKUzB6TIgtUj4=
|
||||
github.com/AdguardTeam/gomitmproxy v0.2.0/go.mod h1:Qdv0Mktnzer5zpdpi5rAwixNJzW2FN91LjKJCkVbYGU=
|
||||
github.com/AdguardTeam/urlfilter v0.10.1 h1:ECago6OvZjOTKlOqxU39C+V/ecAslaCDYcf5s+/hwaY=
|
||||
github.com/AdguardTeam/urlfilter v0.10.1/go.mod h1:aMuejlNxpWppOVjiEV87X6z0eMf7wsXHTAIWQuylfZY=
|
||||
github.com/AdguardTeam/urlfilter v0.11.0 h1:tgZss6uZs1UZAaxpovD/QuX+VVIQLDOlKc7rdF8dwNw=
|
||||
github.com/AdguardTeam/urlfilter v0.11.0/go.mod h1:aMuejlNxpWppOVjiEV87X6z0eMf7wsXHTAIWQuylfZY=
|
||||
github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ=
|
||||
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
||||
github.com/NYTimes/gziphandler v1.1.1 h1:ZUDjpQae29j0ryrS0u/B8HZfJBtBQHjqw2rQ2cqUQ3I=
|
||||
github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c=
|
||||
|
|
|
@ -235,6 +235,7 @@ func applyAdditionalFiltering(clientAddr string, setts *dnsfilter.RequestFilteri
|
|||
if len(clientAddr) == 0 {
|
||||
return
|
||||
}
|
||||
setts.ClientIP = clientAddr
|
||||
|
||||
c, ok := Context.clients.Find(clientAddr)
|
||||
if !ok {
|
||||
|
@ -247,6 +248,7 @@ func applyAdditionalFiltering(clientAddr string, setts *dnsfilter.RequestFilteri
|
|||
Context.dnsFilter.ApplyBlockedServices(setts, c.BlockedServices, false)
|
||||
}
|
||||
|
||||
setts.ClientName = c.Name
|
||||
setts.ClientTags = c.Tags
|
||||
|
||||
if !c.UseOwnSettings {
|
||||
|
|
Loading…
Reference in New Issue