-(dnsfilter): match DNS response against filtering rules only

Supposedly, this will fix #1290
This commit is contained in:
Andrey Meshkov 2019-12-23 15:59:49 +03:00
parent 7c0cf641db
commit b4f4111609
2 changed files with 14 additions and 4 deletions

View File

@ -263,7 +263,17 @@ func (r Reason) Matched() bool {
return r != NotFilteredNotFound
}
// CheckHost tries to match host against rules, then safebrowsing and parental if they are enabled
// CheckHostRules tries to match the host against filtering rules only
func (d *Dnsfilter) CheckHostRules(host string, qtype uint16, setts *RequestFilteringSettings) (Result, error) {
if !setts.FilteringEnabled {
return Result{}, nil
}
return d.matchHost(host, qtype)
}
// CheckHost tries to match the host against filtering rules,
// then safebrowsing and parental if they are enabled
func (d *Dnsfilter) CheckHost(host string, qtype uint16, setts *RequestFilteringSettings) (Result, error) {
// sometimes DNS clients will try to resolve ".", which is a request to get root servers
if host == "" {

View File

@ -492,7 +492,7 @@ func (s *Server) handleDNSRequest(p *proxy.Proxy, d *proxy.DNSContext) error {
} else if res.Reason != dnsfilter.NotFilteredWhiteList {
origResp2 := d.Res
res, err = s.filterResponse(d)
res, err = s.filterDNSResponse(d)
if err != nil {
return err
}
@ -652,7 +652,7 @@ func (s *Server) filterDNSRequest(d *proxy.DNSContext) (*dnsfilter.Result, error
// If response contains CNAME, A or AAAA records, we apply filtering to each canonical host name or IP address.
// If this is a match, we set a new response in d.Res and return.
func (s *Server) filterResponse(d *proxy.DNSContext) (*dnsfilter.Result, error) {
func (s *Server) filterDNSResponse(d *proxy.DNSContext) (*dnsfilter.Result, error) {
for _, a := range d.Res.Answer {
host := ""
@ -681,7 +681,7 @@ func (s *Server) filterResponse(d *proxy.DNSContext) (*dnsfilter.Result, error)
continue
}
setts := s.getClientRequestFilteringSettings(d)
res, err := s.dnsFilter.CheckHost(host, d.Req.Question[0].Qtype, setts)
res, err := s.dnsFilter.CheckHostRules(host, d.Req.Question[0].Qtype, setts)
s.RUnlock()
if err != nil {