feat: add dns.ipset_file setting
This commit is contained in:
hellodword
@@ -131,6 +131,10 @@ type FilteringConfig struct {
|
||||
// DOMAIN[,DOMAIN].../IPSET_NAME
|
||||
//
|
||||
IpsetList []string `yaml:"ipset"`
|
||||
|
||||
// IpsetListFileName, if set, points to the file with ipset configuration.
|
||||
// The format is the same as in IpsetList.
|
||||
IpsetListFileName string `yaml:"ipset_file"`
|
||||
}
|
||||
|
||||
// TLSConfig is the TLS configuration for HTTPS, DNS-over-HTTPS, and DNS-over-TLS
|
||||
@@ -501,3 +505,22 @@ func (s *Server) onGetCertificate(ch *tls.ClientHelloInfo) (*tls.Certificate, er
|
||||
}
|
||||
return &s.conf.cert, nil
|
||||
}
|
||||
|
||||
// prepareIpsetListSettings - prepares ipset list settings
|
||||
func (s *Server) prepareIpsetListSettings() error {
|
||||
var ipsets []string
|
||||
if s.conf.IpsetListFileName != "" {
|
||||
data, err := os.ReadFile(s.conf.IpsetListFileName)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
ipsets = stringutil.SplitTrimmed(string(data), "\n")
|
||||
|
||||
log.Debug("dns: using %d ipset list from file %s", len(ipsets), s.conf.IpsetListFileName)
|
||||
} else {
|
||||
ipsets = s.conf.IpsetList
|
||||
}
|
||||
|
||||
return s.ipset.init(ipsets)
|
||||
}
|
||||
|
||||
@@ -446,7 +446,7 @@ func (s *Server) Prepare(conf *ServerConfig) (err error) {
|
||||
|
||||
s.initDefaultSettings()
|
||||
|
||||
err = s.ipset.init(s.conf.IpsetList)
|
||||
err = s.prepareIpsetListSettings()
|
||||
if err != nil {
|
||||
// Don't wrap the error, because it's informative enough as is.
|
||||
return err
|
||||
|
||||
Reference in New Issue
Block a user