Commit Graph

106 Commits

Author SHA1 Message Date
Simon Zolin
8d2a9ce923 * dnsfilter: change DNS answer for host rules
When matched by a host rule, return only the IP address specified in rule.
Respond with an empty IP list to another request type.

:: host -- return nothing to A, return :: to AAAA request
0.0.0.0 host -- return 0.0.0.0 to A, return nothing to AAAA request
2020-01-09 19:31:14 +03:00
Andrey Meshkov
b4f4111609 -(dnsfilter): match DNS response against filtering rules only
Supposedly, this will fix #1290
2019-12-23 15:59:49 +03:00
Simon Zolin
8685584bf5 + DNS Rewrites: support wildcard domain name 2019-12-20 16:45:58 +03:00
Simon Zolin
864c91e524 Merge: - DNS: fix security checks via PC/SB services
Squashed commit of the following:

commit e73bc282d77a11c923a86166035f1b44427d7066
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Fri Dec 13 17:17:36 2019 +0300

    fix

commit f8b5c174816c6fd57fb3930cc465318f468fc8ff
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Fri Dec 13 17:03:13 2019 +0300

    fix

commit 9d5483a2fb89a172218547b5ee356e7122dca609
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Fri Dec 13 16:54:30 2019 +0300

    - fix security checks via PC/SB services
2019-12-13 17:42:01 +03:00
Simon Zolin
8dbdf49c32 * use dnsproxy v0.22.0 and urlfilter v0.7.0 2019-12-03 20:55:45 +03:00
Simon Zolin
2b0ababdc9 Merge: + safesearch: add Pixabay
Close #1159

* commit 'fab63f167ad44f95749f0a779f8805bb39c7d90a':
  + safesearch: add Pixabay
2019-11-20 15:16:28 +03:00
Simon Zolin
fab63f167a + safesearch: add Pixabay 2019-11-08 13:07:25 +03:00
Simon Zolin
7f69848084 + dnsfilter: use AG DNS server for SB/PC services
* move SS/SB/PC services to security.go
* remove old useless code (HTTP client)
2019-11-08 10:38:12 +03:00
Simon Zolin
6ba1d857ac * dnsfilter: windows: store rules in memory
* dnsfilter: ignore cosmetic rules
2019-10-22 16:15:51 +03:00
Simon Zolin
a59e346d4a * dnsfilter: major refactoring
* dnsfilter is controlled by package home, not dnsforward
* move HTTP handlers to dnsfilter/
* apply filtering settings without DNS server restart
* use only 1 goroutine for filters update
* apply new filters quickly (after they are ready to be used)
2019-10-09 20:05:21 +03:00
Simon Zolin
adb422fedf filtering: refactor; change API; add "filters_update_interval" setting
+ config: "filters_update_interval"
* add /control/filtering_info
* remove /control/filtering/enable
* remove /control/filtering/disable

* add /control/filtering_config
* remove /control/filtering/status

* add /control/filtering/set_url
* remove /control/filtering/enable_url
* remove /control/filtering/disable_url
2019-09-12 18:38:13 +03:00
Simon Zolin
c616259e8b * dnsfilter: use golibs/cache
+ config: add cache size settings
+ config: add cache_time setting
2019-09-02 19:12:53 +03:00
Andrey Meshkov
c82e93cfc7 -(dnsforward): fixed sigsegv when protection is disabled
Also, fixed all golint issues

 Closes: #941
2019-08-20 00:55:32 +03:00
Simon Zolin
d46ebe1c8b Revert "+ config: add cache size settings"
This reverts commit 81303b5db7.
2019-08-16 15:17:38 +03:00
Simon Zolin
68d5d595b6 Revert "* dnsfilter: use fastcache instead of gcache"
This reverts commit 6f51df7d2e.
2019-08-16 15:17:38 +03:00
Simon Zolin
56c69cdb79 Revert "fix tests"
This reverts commit d9265aa9a8.
2019-08-16 15:11:57 +03:00
Simon Zolin
ccf72b6008 * safebrowsing/parental: split some code
* dnsfilter.CheckHost() doesn't support host="hostname." (with a trailing dot) anymore
2019-08-08 12:11:24 +03:00
Simon Zolin
15d07a40eb * refactor 2019-08-05 14:12:22 +03:00
Simon Zolin
e81a9c7d56 + dnsfilter: use global and per-client BlockedServices array 2019-08-05 14:12:22 +03:00
Simon Zolin
1bb6638db7 + dnsforward: use Rewrites table 2019-07-29 11:48:24 +03:00
Simon Zolin
b66e370ffc * dnsfilter: refactor: a simple approach to convert Reason to string 2019-07-29 11:37:10 +03:00
Simon Zolin
d9265aa9a8 fix tests 2019-07-23 20:01:50 +03:00
Simon Zolin
6f51df7d2e * dnsfilter: use fastcache instead of gcache 2019-07-23 17:14:13 +03:00
Simon Zolin
81303b5db7 + config: add cache size settings 2019-07-23 15:57:44 +03:00
Simon Zolin
a79643f23e + dnsfilter-test: override global safe-browsing setting with a per-client setting 2019-07-15 14:03:22 +03:00
Simon Zolin
57c510631e - dnsfilter: fix crash when global setting 'SafeSearch' is off
but per-client setting is on
2019-07-15 12:10:43 +03:00
Simon Zolin
0a1d7fd707 - fix tests 2019-07-09 11:35:39 +03:00
Simon Zolin
b0cfd7228e - dnsfilter: fix post-install error "filter file not found"
Right after installation we don't have the filter files downloaded.
While they are being downloaded, we replace them with an empty filter.
2019-07-05 17:35:40 +03:00
Simon Zolin
134d9275bb * use urlfilter v0.4.0
Now we pass filtering rules to urlfilter as filer file names,
 rather than the list of rule strings.
(Note: user rules are still passed as the list of rule strings).

As a result, we don't store the contents of filter files in memory.
2019-07-04 14:10:01 +03:00
Simon Zolin
1c9abd6107 Merge: + dhcpd, clients, dnsfilter: add more tests
#788

* commit '25da23497a19118a22b97d64749fa70337544116':
  + dnsfilter: more tests
  + dhcpd, clients: add more tests
2019-07-01 19:26:27 +03:00
Simon Zolin
64f66cfb5d * dnsfilter: fix tests: pass config object to NewForTest() 2019-07-01 19:24:52 +03:00
Simon Zolin
42b76ada9d rename dnsfContext -> dnsFilterContext 2019-06-27 10:48:12 +03:00
Simon Zolin
25da23497a + dnsfilter: more tests 2019-06-26 18:13:09 +03:00
Simon Zolin
2307f55715 * dnsfilter: use a single global context object 2019-06-24 19:00:03 +03:00
Andrey Meshkov
082354204b Fix #831
This commit fixes panic when customDialContext fails to resolve the host's address.
2019-06-18 16:18:13 +03:00
Andrey Meshkov
07db927246 Fix #727 - use default parental sensitivity when it's not set 2019-06-06 22:42:17 +03:00
Simon Zolin
3baa6919dc - fix tests and linter issues 2019-05-31 12:27:13 +03:00
Simon Zolin
8bf76c331d + dnsfilter: use callback function for applying per-client settings 2019-05-28 18:44:27 +03:00
Simon Zolin
f23507a554 * dnsfilter: parental/safebrowsing: add setting to switch between HTTP and HTTPS 2019-05-27 18:11:05 +03:00
Simon Zolin
e2579c72bd * dnsfilter: fix tests 2019-05-24 18:08:08 +03:00
Simon Zolin
ac8f703407 + dnsforward: support IPv6 (AAAA response)
If question type is AAAA:
 Before this patch we responded with NXDOMAIN.
 Now we send an empty response if host rule is IPv4;
 or we send an AAAA answer if host rule is IPv6.

+ block ipv6 if rule is "0.0.0.0 blockdomain"
2019-05-24 18:08:08 +03:00
Simon Zolin
9ad4bba9ab * dnsfilter: return the correct IP address (host rules) 2019-05-24 18:08:08 +03:00
Simon Zolin
00e1b6ca08 * dnsfilter: use 'https' for safe-browsing and parental control 2019-05-23 17:26:50 +03:00
Simon Zolin
5ec747b30b * dnsfilter: adapt tests to new interface 2019-05-17 18:22:57 +03:00
Simon Zolin
829415da5b * dnsfilter: use urlfilter package
+ new config setting 'filtering_temp_filename'

* remove AddRules(), modify New()
2019-05-17 18:22:57 +03:00
Simon Zolin
3396d68019 * dnsfilter: remove code for filtering rules 2019-05-17 18:22:57 +03:00
Simon Zolin
bd68bf2e25 * dns: rename dnsfilter.Filter.Rule -> dnsfilter.Filter.Data 2019-05-17 18:22:57 +03:00
Simon Zolin
d918e5b418 use maxDialCacheSize constant 2019-05-15 12:03:20 +03:00
Simon Zolin
b3461d37ca rename functions and container 2019-05-13 14:47:55 +03:00
Simon Zolin
24ae61de3e + dnsfilter: cache IP addresses of safebrowsing and parental control servers 2019-05-13 14:16:07 +03:00