+ use per-client DNS servers

2019-11-06 17:24:15 +03:00
parent b6b26c0681
commit 7313c3bc53
7 changed files with 58 additions and 6 deletions
--- a/dnsforward/dnsforward.go
+++ b/dnsforward/dnsforward.go
@@ -94,6 +94,9 @@ type FilteringConfig struct {
 	// Filtering callback function
 	FilterHandler func(clientAddr string, settings *dnsfilter.RequestFilteringSettings) `yaml:"-"`

+	// This callback function returns the list of upstream servers for a client specified by IP address
+	GetUpstreamsByClient func(clientAddr string) []string `yaml:"-"`
+
 	ProtectionEnabled bool `yaml:"protection_enabled"` // whether or not use any of dnsfilter features

 	BlockingMode       string   `yaml:"blocking_mode"`        // mode how to answer filtered requests
@@ -393,6 +396,19 @@ func (s *Server) handleDNSRequest(p *proxy.Proxy, d *proxy.DNSContext) error {
 			d.Req.Question[0].Name = dns.Fqdn(res.CanonName)
 		}

+		if d.Addr != nil && s.conf.GetUpstreamsByClient != nil {
+			clientIP, _, _ := net.SplitHostPort(d.Addr.String())
+			upstreams := s.conf.GetUpstreamsByClient(clientIP)
+			for _, us := range upstreams {
+				u, err := upstream.AddressToUpstream(us, upstream.Options{Timeout: 30 * time.Second})
+				if err != nil {
+					log.Error("upstream.AddressToUpstream: %s: %s", us, err)
+					continue
+				}
+				d.Upstreams = append(d.Upstreams, u)
+			}
+		}
+
 		// request was not filtered so let it be processed further
 		err = p.Resolve(d)
 		if err != nil {
--- a/dnsforward/dnsforward_http.go
+++ b/dnsforward/dnsforward_http.go
@@ -44,7 +44,7 @@ func (s *Server) handleSetUpstreamConfig(w http.ResponseWriter, r *http.Request)
 		return
 	}

-	err = validateUpstreams(req.Upstreams)
+	err = ValidateUpstreams(req.Upstreams)
 	if err != nil {
 		httpError(r, w, http.StatusBadRequest, "wrong upstreams specification: %s", err)
 		return
@@ -78,8 +78,8 @@ func (s *Server) handleSetUpstreamConfig(w http.ResponseWriter, r *http.Request)
 	}
 }

-// validateUpstreams validates each upstream and returns an error if any upstream is invalid or if there are no default upstreams specified
-func validateUpstreams(upstreams []string) error {
+// ValidateUpstreams validates each upstream and returns an error if any upstream is invalid or if there are no default upstreams specified
+func ValidateUpstreams(upstreams []string) error {
 	var defaultUpstreamFound bool
 	for _, u := range upstreams {
 		d, err := validateUpstream(u)
--- a/dnsforward/dnsforward_test.go
+++ b/dnsforward/dnsforward_test.go
@@ -762,21 +762,21 @@ func TestValidateUpstreamsSet(t *testing.T) {
 		"[/host.com/google.com/]8.8.8.8",
 		"[/host/]sdns://AQMAAAAAAAAAFDE3Ni4xMDMuMTMwLjEzMDo1NDQzINErR_JS3PLCu_iZEIbq95zkSV2LFsigxDIuUso_OQhzIjIuZG5zY3J5cHQuZGVmYXVsdC5uczEuYWRndWFyZC5jb20",
 	}
-	err := validateUpstreams(upstreamsSet)
+	err := ValidateUpstreams(upstreamsSet)
 	if err == nil {
 		t.Fatalf("there is no default upstream")
 	}

 	// Let's add default upstream
 	upstreamsSet = append(upstreamsSet, "8.8.8.8")
-	err = validateUpstreams(upstreamsSet)
+	err = ValidateUpstreams(upstreamsSet)
 	if err != nil {
 		t.Fatalf("upstreams set is valid, but doesn't pass through validation cause: %s", err)
 	}

 	// Let's add invalid upstream
 	upstreamsSet = append(upstreamsSet, "dhcp://fake.dns")
-	err = validateUpstreams(upstreamsSet)
+	err = ValidateUpstreams(upstreamsSet)
 	if err == nil {
 		t.Fatalf("there is an invalid upstream in set, but it pass through validation")
 	}