Simon Zolin
75b864f25e
* dnsforward: create dnsfilter asynchronously
2019-09-23 20:00:11 +03:00
Simon Zolin
d7f256ba7f
- fix crash after stats module is closed
...
Close DNS forward module BEFORE stats.
2019-09-19 12:47:55 +03:00
Simon Zolin
f4c29715b5
- rewrites: AAAA rewrites didn't work
2019-09-16 16:28:00 +03:00
Simon Zolin
30ca77303b
Merge: Add Filters Update Interval setting; refactor
...
Close #641
* commit 'd0fc1dc54dfbc017f28c6c0afa4623c6259af557':
+ client: handle filters configuration
* openapi: update /filtering
filtering: refactor; change API; add "filters_update_interval" setting
2019-09-12 19:06:39 +03:00
Simon Zolin
df5b41458f
Merge: + dnsforward: disable Mozilla DoH - block use-application-dns.net
...
#988
* commit '47e29f96dfb9f254babcf4763912dc5e9a07ee2a':
+ dnsforward: disable Mozilla DoH - block use-application-dns.net
2019-09-12 19:05:29 +03:00
Simon Zolin
47e29f96df
+ dnsforward: disable Mozilla DoH - block use-application-dns.net
2019-09-12 18:56:11 +03:00
Simon Zolin
adb422fedf
filtering: refactor; change API; add "filters_update_interval" setting
...
+ config: "filters_update_interval"
* add /control/filtering_info
* remove /control/filtering/enable
* remove /control/filtering/disable
* add /control/filtering_config
* remove /control/filtering/status
* add /control/filtering/set_url
* remove /control/filtering/enable_url
* remove /control/filtering/disable_url
2019-09-12 18:38:13 +03:00
Simon Zolin
8104c902ee
* querylog: move code to a separate package
...
+ config: "querylog_interval" setting
/control/querylog_config, /control/querylog_info
+ POST /control/querylog_clear
2019-09-12 18:35:13 +03:00
Simon Zolin
04e2566e9e
* stats: use uint32 or uint64 integer values, not int
2019-09-12 17:53:27 +03:00
Simon Zolin
4a58266ba3
+ statistics: store in separate file
...
+ GET /control/stats handler
2019-09-04 10:12:02 +03:00
Simon Zolin
60eb55bdce
* stats: remove old code
2019-09-04 10:12:01 +03:00
Simon Zolin
c616259e8b
* dnsfilter: use golibs/cache
...
+ config: add cache size settings
+ config: add cache_time setting
2019-09-02 19:12:53 +03:00
Simon Zolin
24bb708b21
+ config: add certificate_path, private_key_path
...
* POST /control/tls/configure: support certificate_path and private_key_path
2019-08-30 19:18:14 +03:00
Andrey Meshkov
64d40bdc47
Merge: - config: global "blocked_services" settings were reset on startup
...
* commit 'b1ca7c90d3ef0e72d3535b7cf195adfe83d34e5a':
- config: global "blocked_services" settings were reset on startup
2019-08-22 15:38:24 +03:00
Simon Zolin
b1ca7c90d3
- config: global "blocked_services" settings were reset on startup
2019-08-22 15:30:48 +03:00
Simon Zolin
a370cd0bf0
- dnsforward: don't use dnsfilter object after it's closed (additional check)
2019-08-22 12:01:59 +03:00
Simon Zolin
94552a30d7
- dnsforward: don't use dnsfilter object after it's closed
2019-08-20 15:07:39 +03:00
Andrey Meshkov
c82e93cfc7
-(dnsforward): fixed sigsegv when protection is disabled
...
Also, fixed all golint issues
✅ Closes : #941
2019-08-20 00:55:32 +03:00
Simon Zolin
b37208564b
- fix build: we're using a new gcache module now
2019-08-16 15:43:12 +03:00
Simon Zolin
56c69cdb79
Revert "fix tests"
...
This reverts commit d9265aa9a8
.
2019-08-16 15:11:57 +03:00
Simon Zolin
15d07a40eb
* refactor
2019-08-05 14:12:22 +03:00
Simon Zolin
e81a9c7d56
+ dnsfilter: use global and per-client BlockedServices array
2019-08-05 14:12:22 +03:00
Simon Zolin
1bb6638db7
+ dnsforward: use Rewrites table
2019-07-29 11:48:24 +03:00
Simon Zolin
a9fbb93f0f
Merge: + Add "parental_block_host" and "safebrowsing_block_host" settings
...
#454
* commit 'fdf7ee2c08d4177d78fcdc20571bc7d2b61320ae':
* refactor: don't set new configuration while running DNS server
* refactor
* dnsforward: parental control server can be an IP address, not just host name
+ dnsforward, config: add "parental_block_host" and "safebrowsing_block_host" settings
2019-07-24 19:35:46 +03:00
Simon Zolin
d9265aa9a8
fix tests
2019-07-23 20:01:50 +03:00
Simon Zolin
fdf7ee2c08
* refactor: don't set new configuration while running DNS server
2019-07-22 12:52:27 +03:00
Simon Zolin
5a3de2a276
* refactor
2019-07-22 12:33:58 +03:00
Simon Zolin
4a05ab0057
* dnsforward: parental control server can be an IP address, not just host name
2019-07-22 12:33:45 +03:00
Simon Zolin
4134a8c30e
+ dnsforward, config: add "parental_block_host" and "safebrowsing_block_host" settings
2019-07-22 12:16:30 +03:00
Simon Zolin
2bbd262968
* dnsforward: move initialization of periodic tasks to NewServer()
2019-07-19 12:18:16 +03:00
Simon Zolin
0a1d7fd707
- fix tests
2019-07-09 11:35:39 +03:00
Simon Zolin
134d9275bb
* use urlfilter v0.4.0
...
Now we pass filtering rules to urlfilter as filer file names,
rather than the list of rule strings.
(Note: user rules are still passed as the list of rule strings).
As a result, we don't store the contents of filter files in memory.
2019-07-04 14:10:01 +03:00
Andrey Meshkov
07db927246
Fix #727 - use default parental sensitivity when it's not set
2019-06-06 22:42:17 +03:00
Andrey Meshkov
a3b8d4d923
Fix #706 -- rDNS for DOH/DOT clients
2019-06-04 20:38:53 +03:00
Simon Zolin
1d09ff0562
Merge: + dnsforward: add access settings for blocking DNS requests
...
Close #728
* commit 'e4532a27cd2a6f92aaf724fddbffa00fcecb064c':
- openapi: correct format
+ client: handle access settings
* go.mod: update dnsproxy
+ control: /access/list, /access/set handlers
+ dnsforward: add access settings for blocking DNS requests
2019-06-03 15:04:52 +03:00
Simon Zolin
3baa6919dc
- fix tests and linter issues
2019-05-31 12:27:13 +03:00
Simon Zolin
36ffcf7d22
+ dnsforward: add access settings for blocking DNS requests
...
Block by client IP or target domain name.
2019-05-30 18:21:36 +03:00
Simon Zolin
a12f01793f
+ clients: find DNS client's hostname by IP using rDNS
2019-05-28 19:07:57 +03:00
Simon Zolin
8bf76c331d
+ dnsfilter: use callback function for applying per-client settings
2019-05-28 18:44:27 +03:00
Simon Zolin
ac8f703407
+ dnsforward: support IPv6 (AAAA response)
...
If question type is AAAA:
Before this patch we responded with NXDOMAIN.
Now we send an empty response if host rule is IPv4;
or we send an AAAA answer if host rule is IPv6.
+ block ipv6 if rule is "0.0.0.0 blockdomain"
2019-05-24 18:08:08 +03:00
Simon Zolin
096a959987
* dnsforward: use new dnsfilter interface
2019-05-17 18:22:57 +03:00
Simon Zolin
9644f79a03
* dnsforward: use separate ServerConfig object
2019-05-17 18:22:57 +03:00
Simon Zolin
d5f6dd1a46
- dns query log: robust file flushing mechanism
...
Before this patch we could exit the process without waiting for
file writing task to complete.
As a result a file could become corrupted or a large chunk of data
could be missing.
Now the main thread either waits until file writing task completes
or it writes log buffer to file itself.
2019-05-15 13:12:03 +03:00
Simon Zolin
0f28a989e9
* improve logging
2019-05-15 13:12:03 +03:00
Alexander Turcic
cd2dd00da3
* dnsforward_test: add test for null filter
2019-05-14 16:53:09 +03:00
Alexander Turcic
07ffcbec3d
* dnsforward, config: add unspecified IP blocking option
...
* dnsforward: prioritize host files over null filter
* dnsforward, config: adjust setting variable to blocking_mode
* dnsforward: use net.IPv4zero for null IP
2019-05-14 16:53:06 +03:00
Aleksey Dmitrevskiy
c82887d3aa
* app, dnsforward: add MinVersion for TLS configs
2019-04-17 12:02:56 +03:00
Aleksey Dmitrevskiy
9ea5c1abe1
+ control, dns, client: add ability to set DNS upstream per domain
2019-03-20 14:24:33 +03:00
Aleksey Dmitrevskiy
bc4c2e2ff7
Merge branch 'master' into fix/596
2019-03-06 18:25:42 +03:00
Aleksey Dmitrevskiy
53d680a5df
Fix #597 - [bugfix] querylog_top: Empty domain gets to the Top Queried domains
2019-02-28 16:19:23 +03:00
Aleksey Dmitrevskiy
acb4a98466
[change] dnsforward: Add comments for public fields
2019-02-28 13:40:40 +03:00
Aleksey Dmitrevskiy
3929f0da44
[change] control: Handle upstream config with JSON
2019-02-28 13:01:41 +03:00
Aleksey Dmitrevskiy
81e88472cb
Merge branch 'fix/542' into fix/596
2019-02-28 11:16:03 +03:00
Aleksey Dmitrevskiy
967a1e6b87
Merge branch 'master' into fix/596
2019-02-27 18:56:36 +03:00
Aleksey Dmitrevskiy
ffa4429818
Merge branch 'master' into fix/542
2019-02-27 18:47:01 +03:00
Simon Zolin
5cb6d97cd7
* use new logger - AdguardTeam/golibs/log
2019-02-27 15:02:11 +03:00
Aleksey Dmitrevskiy
dc05556c5a
Fix #542 - Add Bootstrap DNS resolver settings
2019-02-27 11:15:18 +03:00
Aleksey Dmitrevskiy
5bc6d00aa0
Fix #596 - Intelligent Optimal DNS Resolution
2019-02-26 18:19:05 +03:00
Andrey Meshkov
c71d6ed433
Fix race in safesearch tests
2019-02-25 18:56:51 +03:00
Aleksey Dmitrevskiy
86279f19b0
Add TODO
2019-02-25 17:15:50 +03:00
Aleksey Dmitrevskiy
3d901a82ad
Fix merge issues
2019-02-25 17:07:26 +03:00
Aleksey Dmitrevskiy
d351ed82c1
Merge branch 'master' into fix/576
2019-02-25 17:07:02 +03:00
Aleksey Dmitrevskiy
8e13f22aa5
Add stats assertions
2019-02-25 17:01:57 +03:00
Aleksey Dmitrevskiy
d0f4f22e0d
Add safesearch test for dnsforward
2019-02-25 14:58:54 +03:00
Andrey Meshkov
1da954fa97
Fix tests
2019-02-22 18:41:59 +03:00
Andrey Meshkov
ad4b58472f
Update dnsproxy to 0.11.0
2019-02-22 18:16:47 +03:00
Andrey Meshkov
e8898811fe
Added DOH url
2019-02-22 15:52:12 +03:00
Andrey Meshkov
71df659dc9
Added DNS-over-TLS unit-test and a test looking for race-conditions
2019-02-22 15:23:39 +03:00
Andrey Meshkov
37431735fd
Added new config fields to readme
2019-02-21 17:48:18 +03:00
Eugene Bujak
229ef78085
Activate DNS-over-TLS server when certificates, keys and ports are configured.
2019-02-15 16:28:28 +03:00
Andrey Meshkov
a40ddb094b
Fix review comments
2019-02-11 14:22:36 +03:00
Andrey Meshkov
9ff420bb52
Do not store last_updated in the config file anymore
2019-02-10 21:44:16 +03:00
Andrey Meshkov
9a03190a62
Fix #579
...
1. Added --workdir command-line argument that lets configure the working dir.
2. Made "dnsforward" use this workdir parameter when saving/reading querylog.
3. Reworked "dnsforward" -- moved http handlers out of there to control.go
2019-02-10 20:47:43 +03:00
Eugene Bujak
68c8a4d484
Demote some log.printf into log.tracef
2019-02-07 18:24:43 +03:00
Andrey Meshkov
ec6b1f7c42
Added golangci-lint configuration and prepared for the integrattion
2019-01-25 20:13:57 +03:00
Andrey Meshkov
a0157e39c6
Use EnableAll in gometalinter config
2019-01-25 20:13:57 +03:00
Andrey Meshkov
d078851246
gometalinter
2019-01-25 20:13:57 +03:00
Andrey Meshkov
c4ba284964
fix tests
2019-01-05 22:24:07 +03:00
Andrey Meshkov
f3a97ed7ab
Added TCPListenAddr
2019-01-05 22:15:20 +03:00
Eugene Bujak
cbe83e2053
Merge pull request #126 in DNS/adguard-dns from feature/423 to master
...
* commit 'b0c4d88d5454f8dd5a92a73615cce3a31450f56b': (45 commits)
Indicate that DHCP is experimental
Update dnsproxy and dnscrypt, and run go mod tidy.
Fix race conditions found by -race
move log wrapper library outside into hmage/golibs/log
Added check for active DHCP before enable
Use new log wrapper and add more functions to it.
Implement a log wrapper
/dhcp/status -- give out hostname for UI
dhcpd -- Remember hostname, for UI.
Update comment why filter_conn.go is needed.
Fixup of previous commit.
/dhcp/find_active_dhcp -- use interface name from request body
Don't try to start DHCP server if it's not enabled.
Get rid of logrus, it's TTY output is not friendly or human parseable if we will want users to send us logs.
Flag parser -- support options without values, move code for help and verbose into table.
verbose output parameter
Pretty-format leases so it shows human readable MAC address.
Start DHCP on launch if it's enabled in config.
Update makefile to detect changes in dhcpd/*.go
DHCPD — don't forget to make Lease fields public.
...
2018-12-29 20:07:14 +03:00
Eugene Bujak
4d3f1b83a6
Fix race conditions found by -race
2018-12-29 19:13:00 +03:00
Eugene Bujak
368e2d1ebd
move log wrapper library outside into hmage/golibs/log
2018-12-29 19:12:45 +03:00
Eugene Bujak
243603e04c
Fix panic when DNS query doesn't have questions.
...
Closes #491 .
2018-12-29 17:47:50 +03:00
Eugene Bujak
d8802a9709
Use new log wrapper and add more functions to it.
2018-12-29 17:37:18 +03:00
Eugene Bujak
55a7ff7447
Get rid of logrus, it's TTY output is not friendly or human parseable if we will want users to send us logs.
2018-12-29 14:55:35 +03:00
Andrey Meshkov
cc96593ebf
upd to 0.9.3, removed jedist1/xsecretbox from dependencies
2018-12-25 01:59:38 +03:00
Andrey Meshkov
3ade62301b
upgraded dnsproxy to 0.9.2
2018-12-25 00:08:51 +03:00
Andrey Meshkov
62606db1af
fix client IP address
2018-12-24 23:06:36 +03:00
Andrey Meshkov
374a0dc2e5
Fixing review comments
2018-12-24 18:47:33 +03:00
Andrey Meshkov
2bc1d737cc
fix imports
2018-12-24 16:58:48 +03:00
Andrey Meshkov
0a977fee87
changed to logrus
2018-12-24 15:27:14 +03:00
Andrey Meshkov
e711f6e5fe
Start using dnsproxy
2018-12-24 15:19:52 +03:00
Andrey Meshkov
3d17907966
upgrade dnscrypt client to v1.0.0
2018-12-18 13:24:15 +03:00
Andrey Meshkov
45626b139d
Handle cert expiration or rotation
2018-12-18 01:45:19 +03:00
Andrey Meshkov
b30b6b1d66
Fix #284
...
Added DNSCrypt upstreams support
Added DNS Stamps support
2018-12-18 01:20:38 +03:00
Eugene Bujak
1c89e1df32
Resolve into a stub page when blocked by parental or safebrowsing.
...
Closes #475 .
2018-12-11 15:09:07 +03:00
Eugene Bujak
5c4ec62d96
Check if protection is enabled before running the host through dnsfilter.
...
Closes #476 .
2018-12-11 14:20:14 +03:00
Eugene Bujak
8411de8887
Don't log ANY requests if refuseAny is enabled.
...
Closes #472 .
2018-12-07 14:12:26 +03:00
Eugene Bujak
253d8a4016
Pointer for dnsfilter.Result in querylog didn't make things simpler, revert that change and all related changes.
2018-12-06 17:27:38 +03:00
Eugene Bujak
2ba5cb48b2
Fixup of previous commit -- remove unused import.
2018-12-06 17:19:57 +03:00
Eugene Bujak
e056fb2eb9
Remove unused code.
2018-12-06 17:19:04 +03:00
Eugene Bujak
15f3c82238
dnsforward -- fix panic on ANY request
2018-12-06 16:55:05 +03:00
Eugene Bujak
0f5dd661f5
Add support for bootstrapping upstream DNS servers by hostname.
2018-12-06 00:22:20 +03:00
Eugene Bujak
ff1c19cac5
dnsforward -- support tcp:// schema
2018-12-05 21:33:32 +03:00
Eugene Bujak
2a1059107a
dnsforward -- add upstream tests.
2018-12-05 21:33:07 +03:00
Eugene Bujak
bb6c596b22
dnsforward -- add a simple test that launches a server and queries well-known value through it
2018-12-05 20:13:35 +03:00
Eugene Bujak
478ce03386
dnsforward -- implement ratelimit and refuseany
2018-12-05 18:49:19 +03:00
Eugene Bujak
b0149972cc
dnsforward -- give only ip address to querylog, without port
2018-12-05 16:57:21 +03:00
Eugene Bujak
9b43e07d7f
dnsforward -- flush querylog to file on server stop
2018-12-05 16:57:21 +03:00
Eugene Bujak
052f975762
dnsforward -- Move querylog from coredns plugin, a more complex migration with proper API took too long so a simple move was used instead to save time.
2018-12-05 16:57:21 +03:00
Eugene Bujak
e5d2f883ac
dnsforward -- Make Upstream interface give access to Address field.
2018-12-05 16:57:21 +03:00
Eugene Bujak
8396dc2fdb
Update docs for formatting in godoc.
2018-12-05 16:57:21 +03:00
Eugene Bujak
09fb539875
Simplify two lines into one line.
2018-12-05 16:57:21 +03:00
Eugene Bujak
be4b65fdca
dnsforward -- use dnsfilter before cache -- changed settings or filters would require cache invalidation otherwise
2018-12-05 16:57:21 +03:00
Eugene Bujak
0502ef6cc7
dnsforward -- initialize all dnsfilter settings at start and reconfigure
2018-12-05 16:57:21 +03:00
Eugene Bujak
7d2e39ed52
dnsfilter -- Add a convinience function to add all rules from all filters.
2018-12-05 16:57:21 +03:00
Eugene Bujak
e26837d9e8
dnsfilter -- Add parameter to New() to supply optional initial config.
2018-12-05 16:57:21 +03:00
Eugene Bujak
057db71f3b
Get rid of duplicate variable definitions
2018-12-05 16:57:21 +03:00
Eugene Bujak
87c54ebd4c
Move Filter definition from dnsforward to dnsfilter, it belongs there.
2018-12-05 16:57:21 +03:00
Eugene Bujak
a6e0a17454
dnsforward -- trim dot in the end of hostname, dnsfilter does not expect it there
2018-12-05 16:56:11 +03:00
Eugene Bujak
9d87ae95e6
dnsforward -- if given addresses without ports, assign default ports
2018-12-05 16:56:11 +03:00
Eugene Bujak
8316d39b42
Move filtering setting fields from main app to dnsforward.
2018-12-05 16:56:11 +03:00
Eugene Bujak
7120f551c8
dnsforward -- rename BlockedTTL to BlockedResponseTTL to be in line with app's config variable.
2018-12-05 16:56:11 +03:00
Eugene Bujak
e4a3564706
Fix a logical race that wasn't detectable by -race -- we were closing a connection that was already reestablished.
2018-12-05 16:56:11 +03:00
Eugene Bujak
4eb122e973
Avoid duplication of fields in filter struct.
2018-12-05 16:56:11 +03:00
Eugene Bujak
a904f85e61
dnsforward library -- default to plain DNS for high-performance testing.
2018-12-05 16:54:56 +03:00
Eugene Bujak
584f441141
dnsforward library -- introduce IsRunning()
2018-12-05 16:54:56 +03:00
Eugene Bujak
7944f23d95
dnsforward library -- consistently nullify and close listening socket when we're done with it.
2018-12-05 16:54:56 +03:00
Eugene Bujak
639b34c7d1
dnsforward library -- Fix race conditions found by -race
2018-12-05 16:54:56 +03:00
Eugene Bujak
5a548be16c
Add dns forwarding server library
2018-12-05 16:54:56 +03:00