* DNS: set default blocking mode to Null IP for A/AAAA, empty response for others

Close #1914 Squashed commit of the following: commit cb127a9a409b2f228848fb838535f3db6e9d32a9 Author: Simon Zolin <s.zolin@adguard.com> Date: Fri Oct 2 12:37:11 2020 +0300 return empty response if not A/AAAA qtype commit 175a736d7d69619022db92a9250c382ad7fc9996 Author: Simon Zolin <s.zolin@adguard.com> Date: Fri Oct 2 12:21:51 2020 +0300 fix commit 03aab89d2da00ede3aad6eb5a5bb2d545444a186 Author: Simon Zolin <s.zolin@adguard.com> Date: Fri Oct 2 12:18:11 2020 +0300 fix tests commit 4225d511df910aae2df4651231c01a8a13bb937f Author: Simon Zolin <s.zolin@adguard.com> Date: Fri Oct 2 12:02:11 2020 +0300 * DNS: set default blocking mode to Null IP for A/AAAA, NXDOMAIN for others
2020-10-02 12:51:55 +03:00
parent 128229ad73
commit 69a740714f
4 changed files with 29 additions and 16 deletions
--- a/dnsforward/msg.go
+++ b/dnsforward/msg.go
@@ -24,7 +24,10 @@ func (s *Server) genDNSFilterMessage(d *proxy.DNSContext, result *dnsfilter.Resu
 	m := d.Req

 	if m.Question[0].Qtype != dns.TypeA && m.Question[0].Qtype != dns.TypeAAAA {
-		return s.makeResponseREFUSED(m)
+		if s.conf.BlockingMode == "null_ip" {
+			return s.makeResponse(m)
+		}
+		return s.genNXDomain(m)
 	}

 	switch result.Reason {
@@ -42,13 +45,7 @@ func (s *Server) genDNSFilterMessage(d *proxy.DNSContext, result *dnsfilter.Resu

 		if s.conf.BlockingMode == "null_ip" {
 			// it means that we should return 0.0.0.0 or :: for any blocked request
-
-			switch m.Question[0].Qtype {
-			case dns.TypeA:
-				return s.genARecord(m, []byte{0, 0, 0, 0})
-			case dns.TypeAAAA:
-				return s.genAAAARecord(m, net.IPv6zero)
-			}
+			return s.makeResponseNullIP(m)

 		} else if s.conf.BlockingMode == "custom_ip" {
 			// means that we should return custom IP for any blocked request
@@ -73,11 +70,12 @@ func (s *Server) genDNSFilterMessage(d *proxy.DNSContext, result *dnsfilter.Resu

 		// Default blocking mode
 		// If there's an IP specified in the rule, return it
-		// If there is no IP, return REFUSED
+		// For host-type rules, return null IP
 		if result.IP != nil {
 			return s.genResponseWithIP(m, result.IP)
 		}
-		return s.makeResponseREFUSED(m)
+
+		return s.makeResponseNullIP(m)
 	}
 }

@@ -138,6 +136,17 @@ func (s *Server) genResponseWithIP(req *dns.Msg, ip net.IP) *dns.Msg {
 	return resp
 }

+// Respond with 0.0.0.0 for A, :: for AAAA, empty response for other types
+func (s *Server) makeResponseNullIP(req *dns.Msg) *dns.Msg {
+	if req.Question[0].Qtype == dns.TypeA {
+		return s.genARecord(req, []byte{0, 0, 0, 0})
+	} else if req.Question[0].Qtype == dns.TypeAAAA {
+		return s.genAAAARecord(req, net.IPv6zero)
+	}
+
+	return s.makeResponse(req)
+}
+
 func (s *Server) genBlockedHost(request *dns.Msg, newAddr string, d *proxy.DNSContext) *dns.Msg {

 	ip := net.ParseIP(newAddr)