-(dnsfilter): match DNS response against filtering rules only
Supposedly, this will fix #1290
This commit is contained in:
parent
7c0cf641db
commit
b4f4111609
|
@ -263,7 +263,17 @@ func (r Reason) Matched() bool {
|
||||||
return r != NotFilteredNotFound
|
return r != NotFilteredNotFound
|
||||||
}
|
}
|
||||||
|
|
||||||
// CheckHost tries to match host against rules, then safebrowsing and parental if they are enabled
|
// CheckHostRules tries to match the host against filtering rules only
|
||||||
|
func (d *Dnsfilter) CheckHostRules(host string, qtype uint16, setts *RequestFilteringSettings) (Result, error) {
|
||||||
|
if !setts.FilteringEnabled {
|
||||||
|
return Result{}, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
return d.matchHost(host, qtype)
|
||||||
|
}
|
||||||
|
|
||||||
|
// CheckHost tries to match the host against filtering rules,
|
||||||
|
// then safebrowsing and parental if they are enabled
|
||||||
func (d *Dnsfilter) CheckHost(host string, qtype uint16, setts *RequestFilteringSettings) (Result, error) {
|
func (d *Dnsfilter) CheckHost(host string, qtype uint16, setts *RequestFilteringSettings) (Result, error) {
|
||||||
// sometimes DNS clients will try to resolve ".", which is a request to get root servers
|
// sometimes DNS clients will try to resolve ".", which is a request to get root servers
|
||||||
if host == "" {
|
if host == "" {
|
||||||
|
|
|
@ -492,7 +492,7 @@ func (s *Server) handleDNSRequest(p *proxy.Proxy, d *proxy.DNSContext) error {
|
||||||
|
|
||||||
} else if res.Reason != dnsfilter.NotFilteredWhiteList {
|
} else if res.Reason != dnsfilter.NotFilteredWhiteList {
|
||||||
origResp2 := d.Res
|
origResp2 := d.Res
|
||||||
res, err = s.filterResponse(d)
|
res, err = s.filterDNSResponse(d)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
@ -652,7 +652,7 @@ func (s *Server) filterDNSRequest(d *proxy.DNSContext) (*dnsfilter.Result, error
|
||||||
|
|
||||||
// If response contains CNAME, A or AAAA records, we apply filtering to each canonical host name or IP address.
|
// If response contains CNAME, A or AAAA records, we apply filtering to each canonical host name or IP address.
|
||||||
// If this is a match, we set a new response in d.Res and return.
|
// If this is a match, we set a new response in d.Res and return.
|
||||||
func (s *Server) filterResponse(d *proxy.DNSContext) (*dnsfilter.Result, error) {
|
func (s *Server) filterDNSResponse(d *proxy.DNSContext) (*dnsfilter.Result, error) {
|
||||||
for _, a := range d.Res.Answer {
|
for _, a := range d.Res.Answer {
|
||||||
host := ""
|
host := ""
|
||||||
|
|
||||||
|
@ -681,7 +681,7 @@ func (s *Server) filterResponse(d *proxy.DNSContext) (*dnsfilter.Result, error)
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
setts := s.getClientRequestFilteringSettings(d)
|
setts := s.getClientRequestFilteringSettings(d)
|
||||||
res, err := s.dnsFilter.CheckHost(host, d.Req.Question[0].Qtype, setts)
|
res, err := s.dnsFilter.CheckHostRules(host, d.Req.Question[0].Qtype, setts)
|
||||||
s.RUnlock()
|
s.RUnlock()
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
Loading…
Reference in New Issue