+ dnsfilter: use global and per-client BlockedServices array

home/blocked_services.go

@@ -0,0 +1,70 @@
+package home
+
+import (
+	"github.com/AdguardTeam/AdGuardHome/dnsfilter"
+	"github.com/AdguardTeam/golibs/log"
+	"github.com/AdguardTeam/urlfilter"
+)
+
+var serviceRules map[string][]*urlfilter.NetworkRule // service name -> filtering rules
+
+type svc struct {
+	name  string
+	rules []string
+}
+
+// Keep in sync with:
+// client/src/helpers/constants.js
+// client/src/components/ui/Icons.js
+var serviceRulesArray = []svc{
+	{"whatsapp", []string{"||whatsapp.net^"}},
+	{"facebook", []string{"||facebook.com^"}},
+	{"twitter", []string{"||twitter.com^", "||t.co^", "||twimg.com^"}},
+	{"youtube", []string{"||youtube.com^", "||ytimg.com^"}},
+	{"messenger", []string{"||fb.com^", "||facebook.com^"}},
+	{"twitch", []string{"||twitch.tv^", "||ttvnw.net^"}},
+	{"netflix", []string{"||nflxext.com^", "||netflix.com^"}},
+	{"instagram", []string{"||instagram.com^"}},
+	{"snapchat", []string{"||snapchat.com^"}},
+	{"discord", []string{"||discord.gg^", "||discordapp.net^", "||discordapp.com^"}},
+	{"ok", []string{"||ok.ru^"}},
+	{"skype", []string{"||skype.com^"}},
+	{"vk", []string{"||vk.com^"}},
+	{"steam", []string{"||steam.com^"}},
+	{"mail_ru", []string{"||mail.ru^"}},
+}
+
+// convert array to map
+func initServices() {
+	serviceRules = make(map[string][]*urlfilter.NetworkRule)
+	for _, s := range serviceRulesArray {
+		rules := []*urlfilter.NetworkRule{}
+		for _, text := range s.rules {
+			rule, err := urlfilter.NewNetworkRule(text, 0)
+			if err != nil {
+				log.Error("urlfilter.NewNetworkRule: %s  rule: %s", err, text)
+				continue
+			}
+			rules = append(rules, rule)
+		}
+		serviceRules[s.name] = rules
+	}
+}
+
+// ApplyBlockedServices - set blocked services settings for this DNS request
+func ApplyBlockedServices(setts *dnsfilter.RequestFilteringSettings, list []string) {
+	setts.ServicesRules = []dnsfilter.ServiceEntry{}
+	for _, name := range list {
+		rules, ok := serviceRules[name]
+
+		if !ok {
+			log.Error("unknown service name: %s", name)
+			continue
+		}
+
+		s := dnsfilter.ServiceEntry{}
+		s.Name = name
+		s.Rules = rules
+		setts.ServicesRules = append(setts.ServicesRules, s)
+	}
+}

home/dns.go

@@ -54,6 +54,7 @@ func initDNSServer(baseDir string) {
 		log.Error("upstream.AddressToUpstream: %s", err)
 		return
 	}
+
 	config.dnsctx.rdnsIP = make(map[string]bool)
 	config.dnsctx.rdnsChannel = make(chan string, 256)
 	go asyncRDNSLoop()
@@ -210,19 +211,35 @@ func generateServerConfig() (dnsforward.ServerConfig, error) {
 	newconfig.Upstreams = upstreamConfig.Upstreams
 	newconfig.DomainsReservedUpstreams = upstreamConfig.DomainReservedUpstreams
 	newconfig.AllServers = config.DNS.AllServers
-	newconfig.FilterHandler = applyClientSettings
+	newconfig.FilterHandler = applyAdditionalFiltering
 	newconfig.OnDNSRequest = onDNSRequest
 	return newconfig, nil
 }
 
 // If a client has his own settings, apply them
-func applyClientSettings(clientAddr string, setts *dnsfilter.RequestFilteringSettings) {
+func applyAdditionalFiltering(clientAddr string, setts *dnsfilter.RequestFilteringSettings) {
+
+	ApplyBlockedServices(setts, config.DNS.BlockedServices)
+
+	if len(clientAddr) == 0 {
+		return
+	}
+
 	c, ok := config.clients.Find(clientAddr)
-	if !ok || !c.UseOwnSettings {
+	if !ok {
 		return
 	}
 
 	log.Debug("Using settings for client with IP %s", clientAddr)
+
+	if c.UseOwnBlockedServices {
+		ApplyBlockedServices(setts, c.BlockedServices)
+	}
+
+	if !c.UseOwnSettings {
+		return
+	}
+
 	setts.FilteringEnabled = c.FilteringEnabled
 	setts.SafeSearchEnabled = c.SafeSearchEnabled
 	setts.SafeBrowsingEnabled = c.SafeBrowsingEnabled

home/home.go

@@ -101,6 +101,7 @@ func run(args options) {
 
 	initConfig()
 	config.clients.Init()
+	initServices()
 
 	if !config.firstRun {
 		// Do the upgrade if necessary