diff --git a/app.go b/app.go index 647ffa63..add8a262 100644 --- a/app.go +++ b/app.go @@ -213,7 +213,10 @@ func promptAndGetPassword(prompt string) (string, error) { } func askUsernamePasswordIfPossible() error { - configfile := filepath.Join(config.ourBinaryDir, config.ourConfigFilename) + configfile := config.ourConfigFilename + if !filepath.IsAbs(configfile) { + configfile = filepath.Join(config.ourBinaryDir, config.ourConfigFilename) + } _, err := os.Stat(configfile) if !os.IsNotExist(err) { // do nothing, file exists diff --git a/client/package-lock.json b/client/package-lock.json index e7080ade..fc6ea4f1 100644 --- a/client/package-lock.json +++ b/client/package-lock.json @@ -6588,7 +6588,7 @@ }, "html-webpack-plugin": { "version": "3.2.0", - "resolved": "http://registry.npmjs.org/html-webpack-plugin/-/html-webpack-plugin-3.2.0.tgz", + "resolved": "https://registry.npmjs.org/html-webpack-plugin/-/html-webpack-plugin-3.2.0.tgz", "integrity": "sha1-sBq71yOsqqeze2r0SS69oD2d03s=", "dev": true, "requires": { @@ -6638,7 +6638,7 @@ }, "readable-stream": { "version": "1.0.34", - "resolved": "http://registry.npmjs.org/readable-stream/-/readable-stream-1.0.34.tgz", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.0.34.tgz", "integrity": "sha1-Elgg40vIQtLyqq+v5MKRbuMsFXw=", "dev": true, "requires": { @@ -15003,7 +15003,7 @@ }, "through": { "version": "2.3.8", - "resolved": "http://registry.npmjs.org/through/-/through-2.3.8.tgz", + "resolved": "https://registry.npmjs.org/through/-/through-2.3.8.tgz", "integrity": "sha1-DdTJ/6q8NXlgsbckEV1+Doai4fU=", "dev": true }, diff --git a/client/src/components/Settings/Upstream.js b/client/src/components/Settings/Upstream.js index b12b119f..c0d0abf3 100644 --- a/client/src/components/Settings/Upstream.js +++ b/client/src/components/Settings/Upstream.js @@ -57,6 +57,24 @@ class Upstream extends Component { +
+
+ examples_title: +
    +
  1. + 1.1.1.1 - { t('example_upstream_regular') } +
    2. +
  2. + tls://1dot1dot1dot1.cloudflare-dns.com - +
    3. +
  3. + https://cloudflare-dns.com/dns-query - +
    4. +
  4. + tcp://1.1.1.1 - { t('example_upstream_tcp') } +
    5. +
+
diff --git a/config.go b/config.go index 2db48d38..829cec37 100644 --- a/config.go +++ b/config.go @@ -68,6 +68,8 @@ type coreDNSConfig struct { ParentalSensitivity int `yaml:"parental_sensitivity"` BlockedResponseTTL int `yaml:"blocked_response_ttl"` QueryLogEnabled bool `yaml:"querylog_enabled"` + Ratelimit int `yaml:"-"` + RefuseAny bool `yaml:"-"` Pprof string `yaml:"-"` Cache string `yaml:"-"` Prometheus string `yaml:"-"` @@ -102,6 +104,8 @@ var config = configuration{ SafeBrowsingEnabled: false, BlockedResponseTTL: 10, // in seconds QueryLogEnabled: true, + Ratelimit: 20, + RefuseAny: true, BootstrapDNS: "8.8.8.8:53", UpstreamDNS: defaultDNS, Cache: "cache", @@ -253,7 +257,8 @@ const coreDNSConfigTemplate = `.:{{.Port}} { {{end}} }{{end}} {{.Pprof}} - ratelimit + {{if .RefuseAny}}refuseany{{end}} + {{if gt .Ratelimit 0}}ratelimit {{.Ratelimit}}{{end}} hosts { fallthrough } diff --git a/coredns.go b/coredns.go index 45854056..376e6210 100644 --- a/coredns.go +++ b/coredns.go @@ -9,6 +9,7 @@ import ( _ "github.com/AdguardTeam/AdGuardHome/coredns_plugin" _ "github.com/AdguardTeam/AdGuardHome/coredns_plugin/ratelimit" + _ "github.com/AdguardTeam/AdGuardHome/coredns_plugin/refuseany" _ "github.com/AdguardTeam/AdGuardHome/upstream" "github.com/coredns/coredns/core/dnsserver" "github.com/coredns/coredns/coremain" @@ -65,6 +66,7 @@ var directives = []string{ "prometheus", "errors", "log", + "refuseany", "ratelimit", "dnsfilter", "dnstap", diff --git a/coredns_plugin/refuseany/refuseany.go b/coredns_plugin/refuseany/refuseany.go index 02721cc1..92d5d508 100644 --- a/coredns_plugin/refuseany/refuseany.go +++ b/coredns_plugin/refuseany/refuseany.go @@ -27,8 +27,6 @@ func (p *plug) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) ( q := r.Question[0] if q.Qtype == dns.TypeANY { - log.Printf("Got request with type ANY, will respond with NOTIMP\n") - state := request.Request{W: w, Req: r, Context: ctx} rcode := dns.RcodeNotImplemented diff --git a/dnsfilter/dnsfilter_test.go b/dnsfilter/dnsfilter_test.go index f186ecce..39b33a44 100644 --- a/dnsfilter/dnsfilter_test.go +++ b/dnsfilter/dnsfilter_test.go @@ -474,6 +474,15 @@ func TestDnsFilterWhitelist(t *testing.T) { d.checkMatch(t, "example.org") d.checkMatchEmpty(t, "test.example.org") d.checkMatchEmpty(t, "test.test.example.org") + + d.checkAddRule(t, "||googleadapis.l.google.com^|") + d.checkMatch(t, "googleadapis.l.google.com") + d.checkMatch(t, "test.googleadapis.l.google.com") + + d.checkAddRule(t, "@@||googleadapis.l.google.com|") + d.checkMatchEmpty(t, "googleadapis.l.google.com") + d.checkMatchEmpty(t, "test.googleadapis.l.google.com") + } func TestDnsFilterImportant(t *testing.T) { diff --git a/dnsfilter/rule_to_regexp.go b/dnsfilter/rule_to_regexp.go index 79c0320d..41d55e30 100644 --- a/dnsfilter/rule_to_regexp.go +++ b/dnsfilter/rule_to_regexp.go @@ -72,6 +72,11 @@ func getSuffix(rule string) (bool, string) { // last char was checked, eat it rule = rule[:len(rule)-1] + // it might also end with ^| + if rule[len(rule)-1] == '^' { + rule = rule[:len(rule)-1] + } + // check that it doesn't have any special characters inside for _, r := range rule { switch r {