+ dns: support blocking_mode=custom_ip

dnsforward/dnsforward.go

@@ -99,7 +99,12 @@ type FilteringConfig struct {
 
 	ProtectionEnabled bool `yaml:"protection_enabled"` // whether or not use any of dnsfilter features
 
-	BlockingMode       string   `yaml:"blocking_mode"`        // mode how to answer filtered requests
+	BlockingMode     string `yaml:"blocking_mode"` // mode how to answer filtered requests
+	BlockingIPv4     string `yaml:"blocking_ipv4"` // IP address to be returned for a blocked A request
+	BlockingIPv6     string `yaml:"blocking_ipv6"` // IP address to be returned for a blocked AAAA request
+	BlockingIPAddrv4 net.IP `yaml:"-"`
+	BlockingIPAddrv6 net.IP `yaml:"-"`
+
 	BlockedResponseTTL uint32   `yaml:"blocked_response_ttl"` // if 0, then default is used (3600)
 	Ratelimit          uint32   `yaml:"ratelimit"`            // max number of requests per second from a given IP (0 to disable)
 	RatelimitWhitelist []string `yaml:"ratelimit_whitelist"`  // a list of whitelisted client IP addresses
@@ -657,6 +662,14 @@ func (s *Server) genDNSFilterMessage(d *proxy.DNSContext, result *dnsfilter.Resu
 			case dns.TypeAAAA:
 				return s.genAAAARecord(m, net.IPv6zero)
 			}
+
+		} else if s.conf.BlockingMode == "custom_ip" {
+			switch m.Question[0].Qtype {
+			case dns.TypeA:
+				return s.genARecord(m, s.conf.BlockingIPAddrv4)
+			case dns.TypeAAAA:
+				return s.genAAAARecord(m, s.conf.BlockingIPAddrv6)
+			}
 		}
 
 		return s.genNXDomain(m)