Merge: + Clients: use per-client DNS servers
Close #821 * commit '6684a120ac9909140e4ecbe674e09c8f24e87ac4': + client: handle upstream DNS servers for clients * openapi: add "upstreams" to Client struct + use per-client DNS servers
This commit is contained in:
commit
9fd27b9add
@ -669,6 +669,7 @@ Response:
|
|||||||
key: "value"
|
key: "value"
|
||||||
...
|
...
|
||||||
}
|
}
|
||||||
|
upstreams: ["upstream1", ...]
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
auto_clients: [
|
auto_clients: [
|
||||||
@ -703,6 +704,7 @@ Request:
|
|||||||
safesearch_enabled: false
|
safesearch_enabled: false
|
||||||
use_global_blocked_services: true
|
use_global_blocked_services: true
|
||||||
blocked_services: [ "name1", ... ]
|
blocked_services: [ "name1", ... ]
|
||||||
|
upstreams: ["upstream1", ...]
|
||||||
}
|
}
|
||||||
|
|
||||||
Response:
|
Response:
|
||||||
@ -732,6 +734,7 @@ Request:
|
|||||||
safesearch_enabled: false
|
safesearch_enabled: false
|
||||||
use_global_blocked_services: true
|
use_global_blocked_services: true
|
||||||
blocked_services: [ "name1", ... ]
|
blocked_services: [ "name1", ... ]
|
||||||
|
upstreams: ["upstream1", ...]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -108,6 +108,7 @@
|
|||||||
"upstream_dns": "Upstream DNS servers",
|
"upstream_dns": "Upstream DNS servers",
|
||||||
"upstream_dns_hint": "If you keep this field empty, AdGuard Home will use <a href='https://www.quad9.net/' target='_blank'>Quad9</a> as an upstream.",
|
"upstream_dns_hint": "If you keep this field empty, AdGuard Home will use <a href='https://www.quad9.net/' target='_blank'>Quad9</a> as an upstream.",
|
||||||
"test_upstream_btn": "Test upstreams",
|
"test_upstream_btn": "Test upstreams",
|
||||||
|
"upstreams": "Upstreams",
|
||||||
"apply_btn": "Apply",
|
"apply_btn": "Apply",
|
||||||
"disabled_filtering_toast": "Disabled filtering",
|
"disabled_filtering_toast": "Disabled filtering",
|
||||||
"enabled_filtering_toast": "Enabled filtering",
|
"enabled_filtering_toast": "Enabled filtering",
|
||||||
|
@ -4,6 +4,7 @@ import { Trans, withNamespaces } from 'react-i18next';
|
|||||||
import ReactTable from 'react-table';
|
import ReactTable from 'react-table';
|
||||||
|
|
||||||
import { MODAL_TYPE } from '../../../helpers/constants';
|
import { MODAL_TYPE } from '../../../helpers/constants';
|
||||||
|
import { normalizeTextarea } from '../../../helpers/helpers';
|
||||||
import Card from '../../ui/Card';
|
import Card from '../../ui/Card';
|
||||||
import Modal from './Modal';
|
import Modal from './Modal';
|
||||||
import WrapCell from './WrapCell';
|
import WrapCell from './WrapCell';
|
||||||
@ -20,13 +21,20 @@ class ClientsTable extends Component {
|
|||||||
};
|
};
|
||||||
|
|
||||||
handleSubmit = (values) => {
|
handleSubmit = (values) => {
|
||||||
let config = values;
|
const config = values;
|
||||||
|
|
||||||
if (values && values.blocked_services) {
|
if (values) {
|
||||||
const blocked_services = Object
|
if (values.blocked_services) {
|
||||||
|
config.blocked_services = Object
|
||||||
.keys(values.blocked_services)
|
.keys(values.blocked_services)
|
||||||
.filter(service => values.blocked_services[service]);
|
.filter(service => values.blocked_services[service]);
|
||||||
config = { ...values, blocked_services };
|
}
|
||||||
|
|
||||||
|
if (values.upstreams && typeof values.upstreams === 'string') {
|
||||||
|
config.upstreams = normalizeTextarea(values.upstreams);
|
||||||
|
} else {
|
||||||
|
config.upstreams = [];
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (this.props.modalType === MODAL_TYPE.EDIT) {
|
if (this.props.modalType === MODAL_TYPE.EDIT) {
|
||||||
@ -40,10 +48,10 @@ class ClientsTable extends Component {
|
|||||||
const client = clients.find(item => name === item.name);
|
const client = clients.find(item => name === item.name);
|
||||||
|
|
||||||
if (client) {
|
if (client) {
|
||||||
|
const { upstreams, whois_info, ...values } = client;
|
||||||
return {
|
return {
|
||||||
use_global_settings: true,
|
upstreams: (upstreams && upstreams.join('\n')) || '',
|
||||||
use_global_blocked_services: true,
|
...values,
|
||||||
...client,
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -143,6 +151,24 @@ class ClientsTable extends Component {
|
|||||||
);
|
);
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
Header: this.props.t('upstreams'),
|
||||||
|
accessor: 'upstreams',
|
||||||
|
minWidth: 120,
|
||||||
|
Cell: ({ value }) => {
|
||||||
|
const title = value && value.length > 0 ? (
|
||||||
|
<Trans>settings_custom</Trans>
|
||||||
|
) : (
|
||||||
|
<Trans>settings_global</Trans>
|
||||||
|
);
|
||||||
|
|
||||||
|
return (
|
||||||
|
<div className="logs__row logs__row--overflow">
|
||||||
|
<div className="logs__text">{title}</div>
|
||||||
|
</div>
|
||||||
|
);
|
||||||
|
},
|
||||||
|
},
|
||||||
{
|
{
|
||||||
Header: this.props.t('whois'),
|
Header: this.props.t('whois'),
|
||||||
accessor: 'whois_info',
|
accessor: 'whois_info',
|
||||||
|
@ -7,6 +7,7 @@ import flow from 'lodash/flow';
|
|||||||
|
|
||||||
import i18n from '../../../i18n';
|
import i18n from '../../../i18n';
|
||||||
import Tabs from '../../ui/Tabs';
|
import Tabs from '../../ui/Tabs';
|
||||||
|
import Examples from '../Dns/Upstream/Examples';
|
||||||
import { toggleAllServices } from '../../../helpers/helpers';
|
import { toggleAllServices } from '../../../helpers/helpers';
|
||||||
import {
|
import {
|
||||||
renderField,
|
renderField,
|
||||||
@ -223,6 +224,17 @@ let Form = (props) => {
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
<div label="upstream" title={props.t('upstream_dns')}>
|
||||||
|
<Field
|
||||||
|
id="upstreams"
|
||||||
|
name="upstreams"
|
||||||
|
component="textarea"
|
||||||
|
type="text"
|
||||||
|
className="form-control form-control--textarea mb-5"
|
||||||
|
placeholder={t('upstream_dns')}
|
||||||
|
/>
|
||||||
|
<Examples />
|
||||||
|
</div>
|
||||||
</Tabs>
|
</Tabs>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
@ -94,6 +94,9 @@ type FilteringConfig struct {
|
|||||||
// Filtering callback function
|
// Filtering callback function
|
||||||
FilterHandler func(clientAddr string, settings *dnsfilter.RequestFilteringSettings) `yaml:"-"`
|
FilterHandler func(clientAddr string, settings *dnsfilter.RequestFilteringSettings) `yaml:"-"`
|
||||||
|
|
||||||
|
// This callback function returns the list of upstream servers for a client specified by IP address
|
||||||
|
GetUpstreamsByClient func(clientAddr string) []string `yaml:"-"`
|
||||||
|
|
||||||
ProtectionEnabled bool `yaml:"protection_enabled"` // whether or not use any of dnsfilter features
|
ProtectionEnabled bool `yaml:"protection_enabled"` // whether or not use any of dnsfilter features
|
||||||
|
|
||||||
BlockingMode string `yaml:"blocking_mode"` // mode how to answer filtered requests
|
BlockingMode string `yaml:"blocking_mode"` // mode how to answer filtered requests
|
||||||
@ -393,6 +396,19 @@ func (s *Server) handleDNSRequest(p *proxy.Proxy, d *proxy.DNSContext) error {
|
|||||||
d.Req.Question[0].Name = dns.Fqdn(res.CanonName)
|
d.Req.Question[0].Name = dns.Fqdn(res.CanonName)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if d.Addr != nil && s.conf.GetUpstreamsByClient != nil {
|
||||||
|
clientIP, _, _ := net.SplitHostPort(d.Addr.String())
|
||||||
|
upstreams := s.conf.GetUpstreamsByClient(clientIP)
|
||||||
|
for _, us := range upstreams {
|
||||||
|
u, err := upstream.AddressToUpstream(us, upstream.Options{Timeout: 30 * time.Second})
|
||||||
|
if err != nil {
|
||||||
|
log.Error("upstream.AddressToUpstream: %s: %s", us, err)
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
d.Upstreams = append(d.Upstreams, u)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// request was not filtered so let it be processed further
|
// request was not filtered so let it be processed further
|
||||||
err = p.Resolve(d)
|
err = p.Resolve(d)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -44,7 +44,7 @@ func (s *Server) handleSetUpstreamConfig(w http.ResponseWriter, r *http.Request)
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
err = validateUpstreams(req.Upstreams)
|
err = ValidateUpstreams(req.Upstreams)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpError(r, w, http.StatusBadRequest, "wrong upstreams specification: %s", err)
|
httpError(r, w, http.StatusBadRequest, "wrong upstreams specification: %s", err)
|
||||||
return
|
return
|
||||||
@ -78,8 +78,8 @@ func (s *Server) handleSetUpstreamConfig(w http.ResponseWriter, r *http.Request)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// validateUpstreams validates each upstream and returns an error if any upstream is invalid or if there are no default upstreams specified
|
// ValidateUpstreams validates each upstream and returns an error if any upstream is invalid or if there are no default upstreams specified
|
||||||
func validateUpstreams(upstreams []string) error {
|
func ValidateUpstreams(upstreams []string) error {
|
||||||
var defaultUpstreamFound bool
|
var defaultUpstreamFound bool
|
||||||
for _, u := range upstreams {
|
for _, u := range upstreams {
|
||||||
d, err := validateUpstream(u)
|
d, err := validateUpstream(u)
|
||||||
|
@ -762,21 +762,21 @@ func TestValidateUpstreamsSet(t *testing.T) {
|
|||||||
"[/host.com/google.com/]8.8.8.8",
|
"[/host.com/google.com/]8.8.8.8",
|
||||||
"[/host/]sdns://AQMAAAAAAAAAFDE3Ni4xMDMuMTMwLjEzMDo1NDQzINErR_JS3PLCu_iZEIbq95zkSV2LFsigxDIuUso_OQhzIjIuZG5zY3J5cHQuZGVmYXVsdC5uczEuYWRndWFyZC5jb20",
|
"[/host/]sdns://AQMAAAAAAAAAFDE3Ni4xMDMuMTMwLjEzMDo1NDQzINErR_JS3PLCu_iZEIbq95zkSV2LFsigxDIuUso_OQhzIjIuZG5zY3J5cHQuZGVmYXVsdC5uczEuYWRndWFyZC5jb20",
|
||||||
}
|
}
|
||||||
err := validateUpstreams(upstreamsSet)
|
err := ValidateUpstreams(upstreamsSet)
|
||||||
if err == nil {
|
if err == nil {
|
||||||
t.Fatalf("there is no default upstream")
|
t.Fatalf("there is no default upstream")
|
||||||
}
|
}
|
||||||
|
|
||||||
// Let's add default upstream
|
// Let's add default upstream
|
||||||
upstreamsSet = append(upstreamsSet, "8.8.8.8")
|
upstreamsSet = append(upstreamsSet, "8.8.8.8")
|
||||||
err = validateUpstreams(upstreamsSet)
|
err = ValidateUpstreams(upstreamsSet)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatalf("upstreams set is valid, but doesn't pass through validation cause: %s", err)
|
t.Fatalf("upstreams set is valid, but doesn't pass through validation cause: %s", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Let's add invalid upstream
|
// Let's add invalid upstream
|
||||||
upstreamsSet = append(upstreamsSet, "dhcp://fake.dns")
|
upstreamsSet = append(upstreamsSet, "dhcp://fake.dns")
|
||||||
err = validateUpstreams(upstreamsSet)
|
err = ValidateUpstreams(upstreamsSet)
|
||||||
if err == nil {
|
if err == nil {
|
||||||
t.Fatalf("there is an invalid upstream in set, but it pass through validation")
|
t.Fatalf("there is an invalid upstream in set, but it pass through validation")
|
||||||
}
|
}
|
||||||
|
@ -13,6 +13,7 @@ import (
|
|||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/AdguardTeam/AdGuardHome/dhcpd"
|
"github.com/AdguardTeam/AdGuardHome/dhcpd"
|
||||||
|
"github.com/AdguardTeam/AdGuardHome/dnsforward"
|
||||||
"github.com/AdguardTeam/golibs/log"
|
"github.com/AdguardTeam/golibs/log"
|
||||||
"github.com/AdguardTeam/golibs/utils"
|
"github.com/AdguardTeam/golibs/utils"
|
||||||
)
|
)
|
||||||
@ -34,6 +35,8 @@ type Client struct {
|
|||||||
|
|
||||||
UseOwnBlockedServices bool // false: use global settings
|
UseOwnBlockedServices bool // false: use global settings
|
||||||
BlockedServices []string
|
BlockedServices []string
|
||||||
|
|
||||||
|
Upstreams []string // list of upstream servers to be used for the client's requests
|
||||||
}
|
}
|
||||||
|
|
||||||
type clientSource uint
|
type clientSource uint
|
||||||
@ -96,6 +99,8 @@ type clientObject struct {
|
|||||||
|
|
||||||
UseGlobalBlockedServices bool `yaml:"use_global_blocked_services"`
|
UseGlobalBlockedServices bool `yaml:"use_global_blocked_services"`
|
||||||
BlockedServices []string `yaml:"blocked_services"`
|
BlockedServices []string `yaml:"blocked_services"`
|
||||||
|
|
||||||
|
Upstreams []string `yaml:"upstreams"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func (clients *clientsContainer) addFromConfig(objects []clientObject) {
|
func (clients *clientsContainer) addFromConfig(objects []clientObject) {
|
||||||
@ -111,6 +116,8 @@ func (clients *clientsContainer) addFromConfig(objects []clientObject) {
|
|||||||
|
|
||||||
UseOwnBlockedServices: !cy.UseGlobalBlockedServices,
|
UseOwnBlockedServices: !cy.UseGlobalBlockedServices,
|
||||||
BlockedServices: cy.BlockedServices,
|
BlockedServices: cy.BlockedServices,
|
||||||
|
|
||||||
|
Upstreams: cy.Upstreams,
|
||||||
}
|
}
|
||||||
_, err := clients.Add(cli)
|
_, err := clients.Add(cli)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -134,6 +141,8 @@ func (clients *clientsContainer) WriteDiskConfig(objects *[]clientObject) {
|
|||||||
|
|
||||||
UseGlobalBlockedServices: !cli.UseOwnBlockedServices,
|
UseGlobalBlockedServices: !cli.UseOwnBlockedServices,
|
||||||
BlockedServices: cli.BlockedServices,
|
BlockedServices: cli.BlockedServices,
|
||||||
|
|
||||||
|
Upstreams: cli.Upstreams,
|
||||||
}
|
}
|
||||||
*objects = append(*objects, cy)
|
*objects = append(*objects, cy)
|
||||||
}
|
}
|
||||||
@ -268,6 +277,14 @@ func (c *Client) check() error {
|
|||||||
|
|
||||||
return fmt.Errorf("Invalid ID: %s", id)
|
return fmt.Errorf("Invalid ID: %s", id)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if len(c.Upstreams) != 0 {
|
||||||
|
err := dnsforward.ValidateUpstreams(c.Upstreams)
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("Invalid upstream servers: %s", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -20,6 +20,8 @@ type clientJSON struct {
|
|||||||
|
|
||||||
UseGlobalBlockedServices bool `json:"use_global_blocked_services"`
|
UseGlobalBlockedServices bool `json:"use_global_blocked_services"`
|
||||||
BlockedServices []string `json:"blocked_services"`
|
BlockedServices []string `json:"blocked_services"`
|
||||||
|
|
||||||
|
Upstreams []string `json:"upstreams"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type clientHostJSON struct {
|
type clientHostJSON struct {
|
||||||
@ -92,6 +94,8 @@ func jsonToClient(cj clientJSON) (*Client, error) {
|
|||||||
|
|
||||||
UseOwnBlockedServices: !cj.UseGlobalBlockedServices,
|
UseOwnBlockedServices: !cj.UseGlobalBlockedServices,
|
||||||
BlockedServices: cj.BlockedServices,
|
BlockedServices: cj.BlockedServices,
|
||||||
|
|
||||||
|
Upstreams: cj.Upstreams,
|
||||||
}
|
}
|
||||||
return &c, nil
|
return &c, nil
|
||||||
}
|
}
|
||||||
@ -109,6 +113,8 @@ func clientToJSON(c *Client) clientJSON {
|
|||||||
|
|
||||||
UseGlobalBlockedServices: !c.UseOwnBlockedServices,
|
UseGlobalBlockedServices: !c.UseOwnBlockedServices,
|
||||||
BlockedServices: c.BlockedServices,
|
BlockedServices: c.BlockedServices,
|
||||||
|
|
||||||
|
Upstreams: c.Upstreams,
|
||||||
}
|
}
|
||||||
|
|
||||||
cj.WhoisInfo = make(map[string]interface{})
|
cj.WhoisInfo = make(map[string]interface{})
|
||||||
|
10
home/dns.go
10
home/dns.go
@ -170,9 +170,19 @@ func generateServerConfig() (dnsforward.ServerConfig, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
newconfig.FilterHandler = applyAdditionalFiltering
|
newconfig.FilterHandler = applyAdditionalFiltering
|
||||||
|
newconfig.GetUpstreamsByClient = getUpstreamsByClient
|
||||||
return newconfig, nil
|
return newconfig, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func getUpstreamsByClient(clientAddr string) []string {
|
||||||
|
c, ok := config.clients.Find(clientAddr)
|
||||||
|
if !ok {
|
||||||
|
return []string{}
|
||||||
|
}
|
||||||
|
log.Debug("Using upstreams %v for client %s (IP: %s)", c.Upstreams, c.Name, clientAddr)
|
||||||
|
return c.Upstreams
|
||||||
|
}
|
||||||
|
|
||||||
// If a client has his own settings, apply them
|
// If a client has his own settings, apply them
|
||||||
func applyAdditionalFiltering(clientAddr string, setts *dnsfilter.RequestFilteringSettings) {
|
func applyAdditionalFiltering(clientAddr string, setts *dnsfilter.RequestFilteringSettings) {
|
||||||
|
|
||||||
|
@ -1649,6 +1649,10 @@ definitions:
|
|||||||
type: "array"
|
type: "array"
|
||||||
items:
|
items:
|
||||||
type: "string"
|
type: "string"
|
||||||
|
upstreams:
|
||||||
|
type: "array"
|
||||||
|
items:
|
||||||
|
type: "string"
|
||||||
ClientAuto:
|
ClientAuto:
|
||||||
type: "object"
|
type: "object"
|
||||||
description: "Auto-Client information"
|
description: "Auto-Client information"
|
||||||
|
Loading…
Reference in New Issue
Block a user