-(dnsfilter): match DNS response against filtering rules only

Supposedly, this will fix #1290
This commit is contained in:
Andrey Meshkov 2019-12-23 15:59:49 +03:00
parent 7c0cf641db
commit b4f4111609
2 changed files with 14 additions and 4 deletions

View File

@ -263,7 +263,17 @@ func (r Reason) Matched() bool {
return r != NotFilteredNotFound return r != NotFilteredNotFound
} }
// CheckHost tries to match host against rules, then safebrowsing and parental if they are enabled // CheckHostRules tries to match the host against filtering rules only
func (d *Dnsfilter) CheckHostRules(host string, qtype uint16, setts *RequestFilteringSettings) (Result, error) {
if !setts.FilteringEnabled {
return Result{}, nil
}
return d.matchHost(host, qtype)
}
// CheckHost tries to match the host against filtering rules,
// then safebrowsing and parental if they are enabled
func (d *Dnsfilter) CheckHost(host string, qtype uint16, setts *RequestFilteringSettings) (Result, error) { func (d *Dnsfilter) CheckHost(host string, qtype uint16, setts *RequestFilteringSettings) (Result, error) {
// sometimes DNS clients will try to resolve ".", which is a request to get root servers // sometimes DNS clients will try to resolve ".", which is a request to get root servers
if host == "" { if host == "" {

View File

@ -492,7 +492,7 @@ func (s *Server) handleDNSRequest(p *proxy.Proxy, d *proxy.DNSContext) error {
} else if res.Reason != dnsfilter.NotFilteredWhiteList { } else if res.Reason != dnsfilter.NotFilteredWhiteList {
origResp2 := d.Res origResp2 := d.Res
res, err = s.filterResponse(d) res, err = s.filterDNSResponse(d)
if err != nil { if err != nil {
return err return err
} }
@ -652,7 +652,7 @@ func (s *Server) filterDNSRequest(d *proxy.DNSContext) (*dnsfilter.Result, error
// If response contains CNAME, A or AAAA records, we apply filtering to each canonical host name or IP address. // If response contains CNAME, A or AAAA records, we apply filtering to each canonical host name or IP address.
// If this is a match, we set a new response in d.Res and return. // If this is a match, we set a new response in d.Res and return.
func (s *Server) filterResponse(d *proxy.DNSContext) (*dnsfilter.Result, error) { func (s *Server) filterDNSResponse(d *proxy.DNSContext) (*dnsfilter.Result, error) {
for _, a := range d.Res.Answer { for _, a := range d.Res.Answer {
host := "" host := ""
@ -681,7 +681,7 @@ func (s *Server) filterResponse(d *proxy.DNSContext) (*dnsfilter.Result, error)
continue continue
} }
setts := s.getClientRequestFilteringSettings(d) setts := s.getClientRequestFilteringSettings(d)
res, err := s.dnsFilter.CheckHost(host, d.Req.Question[0].Qtype, setts) res, err := s.dnsFilter.CheckHostRules(host, d.Req.Question[0].Qtype, setts)
s.RUnlock() s.RUnlock()
if err != nil { if err != nil {