daxi20/AdGuardHome
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

* dnsfilter: change DNS answer for host rules

Browse Source 
When matched by a host rule, return only the IP address specified in rule.
Respond with an empty IP list to another request type.

:: host -- return nothing to A, return :: to AAAA request
0.0.0.0 host -- return 0.0.0.0 to A, return nothing to AAAA request
This commit is contained in:
Simon Zolin
2020-01-09 19:31:14 +03:00
parent 94d86eee10
commit 8d2a9ce923
3 changed files with 19 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
dnsfilter/dnsfilter_test.go
View File

@@ -98,7 +98,7 @@ func (d *Dnsfilter) checkMatchEmpty(t *testing.T, hostname string) {
func TestEtcHostsMatching(t *testing.T) {
addr := "216.239.38.120"
addr6 := "::1"
text := fmt.Sprintf(" %s google.com www.google.com # enforce google's safesearch \n%s google.com\n0.0.0.0 block.com\n",
text := fmt.Sprintf(" %s google.com www.google.com # enforce google's safesearch \n%s ipv6.com\n0.0.0.0 block.com\n",
addr, addr6)
filters := make(map[int]string)
filters[0] = text
@@ -110,12 +110,19 @@ func TestEtcHostsMatching(t *testing.T) {
d.checkMatchEmpty(t, "subdomain.google.com")
d.checkMatchEmpty(t, "example.org")
// IPv6 address
d.checkMatchIP(t, "google.com", addr6, dns.TypeAAAA)
// block both IPv4 and IPv6
// IPv4
d.checkMatchIP(t, "block.com", "0.0.0.0", dns.TypeA)
d.checkMatchIP(t, "block.com", "::", dns.TypeAAAA)
// ...but empty IPv6
ret, err := d.CheckHost("block.com", dns.TypeAAAA, &setts)
assert.True(t, err == nil && ret.IsFiltered && ret.IP != nil && len(ret.IP) == 0)
// IPv6
d.checkMatchIP(t, "ipv6.com", addr6, dns.TypeAAAA)
// ...but empty IPv4
ret, err = d.CheckHost("ipv6.com", dns.TypeA, &setts)
assert.True(t, err == nil && ret.IsFiltered && ret.IP != nil && len(ret.IP) == 0)
}
// SAFE BROWSING