Bump version to v0.92-hotfix2

Merge pull request #131 in DNS/adguard-dns from fix/521 to master
* commit 'c4ba2849643b27a0b454fe83a4a87f7c46138038': fix tests Added TCPListenAddr
2019-01-11 15:28:16 +03:00 · 2019-01-09 12:50:55 +03:00 · 2019-01-05 22:24:07 +03:00 · 2019-01-05 22:15:20 +03:00 · 2019-01-04 22:18:53 +03:00 · 2019-01-04 22:12:43 +03:00
119 changed files with 8290 additions and 3093 deletions
--- a/.gitattributes
+++ b/.gitattributes
@@ -0,0 +1 @@
+client/* linguist-vendored
--- a/.gitignore
+++ b/.gitignore
@@ -1,12 +1,16 @@
 .DS_Store
-.vscode
-debug
+/.vscode
+/.idea
 /AdGuardHome
 /AdGuardHome.yaml
+/data/
 /build/
 /client/node_modules/
-/coredns
-/Corefile
-/dnsfilter.txt
 /querylog.json
-/querylog.json.1
+/querylog.json.1
+/scripts/translations/node_modules
+/scripts/translations/oneskyapp.json
+
+# Test output
+dnsfilter/dnsfilter.TestLotsOfRules*.pprof
+tests/top-1m.csv
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,20 +1,30 @@
 language: go
 sudo: false
 go:
-  - 1.10.x
  - 1.11.x
  - 1.x

+cache:
+  directories:
+    - $HOME/.cache/go-build
+    - $HOME/gopath/pkg/mod
+    - $HOME/Library/Caches/go-build
+
 os:
  - linux
  - osx

+before_install:
+  - nvm install node
+  - npm install -g npm
+
 install:
-  - go get -v -d -t ./...
  - npm --prefix client install

 script:
-  - (cd `go env GOPATH`/src/github.com/prometheus/client_golang && git checkout -q v0.8.0)
+  - node -v
+  - npm -v
  - go test ./...
+  - make build/static/index.html
  - make

--- a/Dockerfile.arm
+++ b/Dockerfile.arm
@@ -0,0 +1,48 @@
+FROM easypi/alpine-arm:latest
+LABEL maintainer="Erik Rogers <erik.rogers@live.com>"
+
+# AdGuard version
+ARG ADGUARD_VERSION="0.92-hotfix2"
+ENV ADGUARD_VERSION $ADGUARD_VERSION
+
+# AdGuard architecture and package info
+ARG ADGUARD_ARCH="linux_arm"
+ENV ADGUARD_ARCH ${ADGUARD_ARCH}
+ENV ADGUARD_PACKAGE "AdGuardHome_v${ADGUARD_VERSION}_${ADGUARD_ARCH}"
+
+# AdGuard release info
+ARG ADGUARD_ARCHIVE="${ADGUARD_PACKAGE}.tar.gz"
+ENV ADGUARD_ARCHIVE ${ADGUARD_ARCHIVE}
+ARG ADGUARD_RELEASE="https://github.com/AdguardTeam/AdGuardHome/releases/download/v${ADGUARD_VERSION}/${ADGUARD_ARCHIVE}"
+ENV ADGUARD_RELEASE ${ADGUARD_RELEASE}
+
+# AdGuard directory
+ARG ADGUARD_DIR="/data/adguard"
+ENV ADGUARD_DIR ${ADGUARD_DIR}
+
+# Update CA certs and download AdGuard binaries
+RUN apk --no-cache --update add ca-certificates \
+  && cd /tmp \
+  && wget ${ADGUARD_RELEASE} \
+  && tar xvf ${ADGUARD_ARCHIVE} \
+  && mkdir -p "${ADGUARD_DIR}" \
+  && cp "AdGuardHome/AdGuardHome" "${ADGUARD_DIR}" \
+  && chmod +x "${ADGUARD_DIR}/AdGuardHome" \
+  && rm -rf "AdGuardHome" \
+  && rm ${ADGUARD_ARCHIVE}
+
+# Expose DNS port 53
+EXPOSE 53
+
+# Expose UI port 3000
+ARG ADGUARD_UI_HOST="0.0.0.0"
+ENV ADGUARD_UI_HOST ${ADGUARD_UI_HOST}
+ARG ADGUARD_UI_PORT="3000"
+ENV ADGUARD_UI_PORT ${ADGUARD_UI_PORT}
+
+EXPOSE ${ADGUARD_UI_PORT}
+
+# Run AdGuardHome
+WORKDIR ${ADGUARD_DIR}
+VOLUME ${ADGUARD_DIR}
+ENTRYPOINT ./AdGuardHome --host ${ADGUARD_UI_HOST} --port ${ADGUARD_UI_PORT}
--- a/Dockerfile.linux
+++ b/Dockerfile.linux
@@ -0,0 +1,48 @@
+FROM alpine:latest
+LABEL maintainer="Erik Rogers <erik.rogers@live.com>"
+
+# AdGuard version
+ARG ADGUARD_VERSION="0.92-hotfix2"
+ENV ADGUARD_VERSION $ADGUARD_VERSION
+
+# AdGuard architecture and package info
+ARG ADGUARD_ARCH="linux_386"
+ENV ADGUARD_ARCH ${ADGUARD_ARCH}
+ENV ADGUARD_PACKAGE "AdGuardHome_v${ADGUARD_VERSION}_${ADGUARD_ARCH}"
+
+# AdGuard release info
+ARG ADGUARD_ARCHIVE="${ADGUARD_PACKAGE}.tar.gz"
+ENV ADGUARD_ARCHIVE ${ADGUARD_ARCHIVE}
+ARG ADGUARD_RELEASE="https://github.com/AdguardTeam/AdGuardHome/releases/download/v${ADGUARD_VERSION}/${ADGUARD_ARCHIVE}"
+ENV ADGUARD_RELEASE ${ADGUARD_RELEASE}
+
+# AdGuard directory
+ARG ADGUARD_DIR="/data/adguard"
+ENV ADGUARD_DIR ${ADGUARD_DIR}
+
+# Update CA certs and download AdGuard binaries
+RUN apk --no-cache --update add ca-certificates \
+  && cd /tmp \
+  && wget ${ADGUARD_RELEASE} \
+  && tar xvf ${ADGUARD_ARCHIVE} \
+  && mkdir -p "${ADGUARD_DIR}" \
+  && cp "AdGuardHome/AdGuardHome" "${ADGUARD_DIR}" \
+  && chmod +x "${ADGUARD_DIR}/AdGuardHome" \
+  && rm -rf "AdGuardHome" \
+  && rm ${ADGUARD_ARCHIVE}
+
+# Expose DNS port 53
+EXPOSE 53
+
+# Expose UI port 3000
+ARG ADGUARD_UI_HOST="0.0.0.0"
+ENV ADGUARD_UI_HOST ${ADGUARD_UI_HOST}
+ARG ADGUARD_UI_PORT="3000"
+ENV ADGUARD_UI_PORT ${ADGUARD_UI_PORT}
+
+EXPOSE ${ADGUARD_UI_PORT}
+
+# Run AdGuardHome
+WORKDIR ${ADGUARD_DIR}
+VOLUME ${ADGUARD_DIR}
+ENTRYPOINT ./AdGuardHome --host ${ADGUARD_UI_HOST} --port ${ADGUARD_UI_PORT}
--- a/Dockerfile.linux64
+++ b/Dockerfile.linux64
@@ -0,0 +1,48 @@
+FROM alpine:latest
+LABEL maintainer="Erik Rogers <erik.rogers@live.com>"
+
+# AdGuard version
+ARG ADGUARD_VERSION="0.92-hotfix2"
+ENV ADGUARD_VERSION $ADGUARD_VERSION
+
+# AdGuard architecture and package info
+ARG ADGUARD_ARCH="linux_amd64"
+ENV ADGUARD_ARCH ${ADGUARD_ARCH}
+ENV ADGUARD_PACKAGE "AdGuardHome_v${ADGUARD_VERSION}_${ADGUARD_ARCH}"
+
+# AdGuard release info
+ARG ADGUARD_ARCHIVE="${ADGUARD_PACKAGE}.tar.gz"
+ENV ADGUARD_ARCHIVE ${ADGUARD_ARCHIVE}
+ARG ADGUARD_RELEASE="https://github.com/AdguardTeam/AdGuardHome/releases/download/v${ADGUARD_VERSION}/${ADGUARD_ARCHIVE}"
+ENV ADGUARD_RELEASE ${ADGUARD_RELEASE}
+
+# AdGuard directory
+ARG ADGUARD_DIR="/data/adguard"
+ENV ADGUARD_DIR ${ADGUARD_DIR}
+
+# Update CA certs and download AdGuard binaries
+RUN apk --no-cache --update add ca-certificates \
+  && cd /tmp \
+  && wget ${ADGUARD_RELEASE} \
+  && tar xvf ${ADGUARD_ARCHIVE} \
+  && mkdir -p "${ADGUARD_DIR}" \
+  && cp "AdGuardHome/AdGuardHome" "${ADGUARD_DIR}" \
+  && chmod +x "${ADGUARD_DIR}/AdGuardHome" \
+  && rm -rf "AdGuardHome" \
+  && rm ${ADGUARD_ARCHIVE}
+
+# Expose DNS port 53
+EXPOSE 53
+
+# Expose UI port 3000
+ARG ADGUARD_UI_HOST="0.0.0.0"
+ENV ADGUARD_UI_HOST ${ADGUARD_UI_HOST}
+ARG ADGUARD_UI_PORT="3000"
+ENV ADGUARD_UI_PORT ${ADGUARD_UI_PORT}
+
+EXPOSE ${ADGUARD_UI_PORT}
+
+# Run AdGuardHome
+WORKDIR ${ADGUARD_DIR}
+VOLUME ${ADGUARD_DIR}
+ENTRYPOINT ./AdGuardHome --host ${ADGUARD_UI_HOST} --port ${ADGUARD_UI_PORT}
--- a/20
+++ b/20
@@ -1,9 +1,7 @@
 GIT_VERSION := $(shell git describe --abbrev=4 --dirty --always --tags)
 NATIVE_GOOS = $(shell unset GOOS; go env GOOS)
 NATIVE_GOARCH = $(shell unset GOARCH; go env GOARCH)
-mkfile_path := $(abspath $(lastword $(MAKEFILE_LIST)))
-mkfile_dir := $(patsubst %/,%,$(dir $(mkfile_path)))
-GOPATH := $(mkfile_dir)/build/gopath
+GOPATH := $(shell go env GOPATH)
 JSFILES = $(shell find client -path client/node_modules -prune -o -type f -name '*.js')
 STATIC = build/static/index.html

@@ -21,16 +19,12 @@ client/node_modules: client/package.json client/package-lock.json
 $(STATIC): $(JSFILES) client/node_modules
 	npm --prefix client run build-prod

-$(TARGET): $(STATIC) *.go coredns_plugin/*.go dnsfilter/*.go
-	mkdir -p $(GOPATH)/src/github.com/AdguardTeam
-	if [ ! -h $(GOPATH)/src/github.com/AdguardTeam/AdGuardHome ]; then rm -rf $(GOPATH)/src/github.com/AdguardTeam/AdGuardHome && ln -fs ../../../../.. $(GOPATH)/src/github.com/AdguardTeam/AdGuardHome; fi
-	GOPATH=$(GOPATH) go get -v -d .
-	GOPATH=$(GOPATH) GOOS=$(NATIVE_GOOS) GOARCH=$(NATIVE_GOARCH) go get -v github.com/gobuffalo/packr/...
-	mkdir -p $(GOPATH)/src/github.com/AdguardTeam/AdGuardHome/build/static ## work around packr bug
-	cd $(GOPATH)/src/github.com/prometheus/client_golang && git reset --hard v0.8.0
-	perl -0777 -p -i.bak -e 's/pprofOnce.Do\(func\(\) {(.*)}\)/\1/ms' $(GOPATH)/src/github.com/coredns/coredns/plugin/pprof/setup.go
-	perl -0777 -p -i.bak -e 's/c.OnShutdown/c.OnRestart/' $(GOPATH)/src/github.com/coredns/coredns/plugin/pprof/setup.go
-	GOPATH=$(GOPATH) PATH=$(GOPATH)/bin:$(PATH) packr build -ldflags="-X main.VersionString=$(GIT_VERSION)" -o $(TARGET)
+$(TARGET): $(STATIC) *.go dhcpd/*.go dnsfilter/*.go dnsforward/*.go
+	go get -d .
+	GOOS=$(NATIVE_GOOS) GOARCH=$(NATIVE_GOARCH) GO111MODULE=off go get -v github.com/gobuffalo/packr/...
+	PATH=$(GOPATH)/bin:$(PATH) packr -z
+	CGO_ENABLED=0 go build -ldflags="-s -w -X main.VersionString=$(GIT_VERSION)" -asmflags="-trimpath=$(PWD)" -gcflags="-trimpath=$(PWD)"
+	PATH=$(GOPATH)/bin:$(PATH) packr clean

 clean:
 	$(MAKE) cleanfast
--- a/README.md
+++ b/README.md
@@ -51,19 +51,33 @@ In the future, AdGuard Home is supposed to become more than just a DNS server.

 ### Mac

-Download this file: [AdguardDNS_0.9_MacOS.zip](https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.9/AdguardDNS_0.9_MacOS.zip), then unpack it and follow ["How to run"](#how-to-run) instructions below.
+Download this file: [AdGuardHome_v0.92-hotfix2_MacOS.zip](https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.92-hotfix2/AdGuardHome_v0.92-hotfix2_MacOS.zip), then unpack it and follow ["How to run"](#how-to-run) instructions below.
+
+### Windows 64-bit
+
+Download this file: [AdGuardHome_v0.92-hotfix2_Windows.zip](https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.92-hotfix2/AdGuardHome_v0.92-hotfix2_Windows.zip), then unpack it and follow ["How to run"](#how-to-run) instructions below.

 ### Linux 64-bit Intel

-Download this file: [AdguardDNS_0.9_linux_amd64.tar.gz](https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.9/AdguardDNS_0.9_linux_amd64.tar.gz), then unpack it and follow ["How to run"](#how-to-run) instructions below.
+Download this file: [AdGuardHome_v0.92-hotfix2_linux_amd64.tar.gz](https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.92-hotfix2/AdGuardHome_v0.92-hotfix2_linux_amd64.tar.gz), then unpack it and follow ["How to run"](#how-to-run) instructions below.

 ### Linux 32-bit Intel

-Download this file: [AdguardDNS_0.9_linux_386.tar.gz](https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.9/AdguardDNS_0.9_linux_386.tar.gz), then unpack it and follow ["How to run"](#how-to-run) instructions below.
+Download this file: [AdGuardHome_v0.92-hotfix2_linux_386.tar.gz](https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.92-hotfix2/AdGuardHome_v0.92-hotfix2_linux_386.tar.gz), then unpack it and follow ["How to run"](#how-to-run) instructions below.

 ### Raspberry Pi (32-bit ARM)

-Download this file: [AdguardDNS_0.9_linux_arm.tar.gz](https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.9/AdguardDNS_0.9_linux_arm.tar.gz), then unpack it and follow ["How to run"](#how-to-run) instructions below.
+Download this file: [AdGuardHome_v0.92-hotfix2_linux_arm.tar.gz](https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.92-hotfix2/AdGuardHome_v0.92-hotfix2_linux_arm.tar.gz), then unpack it and follow ["How to run"](#how-to-run) instructions below.
+
+## How to update
+
+We have not yet implemented an auto-update of AdGuard Home, but it is planned for future versions: #448.
+
+At the moment, the update procedure is manual:
+
+1. Download the new AdGuard Home binary.
+2. Replace the old file with the new one.
+3. Restart AdGuard Home.

 ## How to run

@@ -77,10 +91,26 @@ Now open the browser and navigate to http://localhost:3000/ to control your AdGu

 ### Running without superuser

-You can run AdGuard Home without superuser privileges, but you need to instruct it to use a different port rather than 53. You can do that by editing `AdGuardHome.yaml` and finding these two lines:
+You can run AdGuard Home without superuser privileges, but you need to either grant the binary a capability (on Linux) or instruct it to use a different port (all platforms).
+
+#### Granting the CAP_NET_BIND_SERVICE capability (on Linux)
+
+Note: using this method requires the `setcap` utility.  You may need to install it using your Linux distribution's package manager.
+
+To allow AdGuard Home running on Linux to listen on port 53 without superuser privileges, run:
+
+```bash
+sudo setcap CAP_NET_BIND_SERVICE=+eip ./AdGuardHome
+```
+
+Then run `./AdGuardHome` as a unprivileged user.
+
+#### Changing the DNS listen port
+
+To configure AdGuard Home to listen on a port that does not require superuser privileges, edit `AdGuardHome.yaml` and find these two lines:

 ```yaml
-coredns:
+dns:
  port: 53
 ```

@@ -94,23 +124,32 @@ Upon the first execution, a file named `AdGuardHome.yaml` will be created, with

 Settings are stored in [YAML format](https://en.wikipedia.org/wiki/YAML), possible parameters that you can configure are listed below:

- * `bind_host` — Web interface IP address to listen on
- * `bind_port` — Web interface IP port to listen on
- * `auth_name` — Web interface optional authorization username
- * `auth_pass` — Web interface optional authorization password
- * `coredns` — CoreDNS configuration section
-   * `port` — DNS server port to listen on
-   * `filtering_enabled` — Filtering of DNS requests based on filter lists
-   * `safebrowsing_enabled` — Filtering of DNS requests based on safebrowsing
-   * `safesearch_enabled` — Enforcing "Safe search" option for search engines, when possible
-   * `parental_enabled` — Parental control-based DNS requests filtering
-   * `parental_sensitivity` — Age group for parental control-based filtering, must be either 3, 10, 13 or 17
-   * `querylog_enabled` — Query logging (also used to calculate top 50 clients, blocked domains and requested domains for statistic purposes)
-   * `upstream_dns` — List of upstream DNS servers
+ * `bind_host` — Web interface IP address to listen on.
+ * `bind_port` — Web interface IP port to listen on.
+ * `auth_name` — Web interface optional authorization username.
+ * `auth_pass` — Web interface optional authorization password.
+ * `dns` — DNS configuration section.
+   * `port` — DNS server port to listen on.
+   * `protection_enabled` — Whether any kind of filtering and protection should be done, when off it works as a plain dns forwarder.
+   * `filtering_enabled` — Filtering of DNS requests based on filter lists.
+   * `blocked_response_ttl` — For how many seconds the clients should cache a filtered response. Low values are useful on LAN if you change filters very often, high values are useful to increase performance and save traffic.
+   * `querylog_enabled` — Query logging (also used to calculate top 50 clients, blocked domains and requested domains for statistical purposes).
+   * `ratelimit` — DDoS protection, specifies in how many packets per second a client should receive. Anything above that is silently dropped. To disable set 0, default is 20. Safe to disable if DNS server is not available from internet.
+   * `ratelimit_whitelist` — If you want exclude some IP addresses from ratelimiting but keep ratelimiting on for others, put them here.
+   * `refuse_any` — Another DDoS protection mechanism. Requests of type ANY are rarely needed, so refusing to serve them mitigates against attackers trying to use your DNS as a reflection. Safe to disable if DNS server is not available from internet.
+   * `bootstrap_dns` — DNS server used for initial hostname resolution in case if upstream server name is a hostname.
+   * `parental_sensitivity` — Age group for parental control-based filtering, must be either 3, 10, 13 or 17 if enabled.
+   * `parental_enabled` — Parental control-based DNS requests filtering.
+   * `safesearch_enabled` — Enforcing "Safe search" option for search engines, when possible.
+   * `safebrowsing_enabled` — Filtering of DNS requests based on safebrowsing.
+   * `upstream_dns` — List of upstream DNS servers.
 * `filters` — List of filters, each filter has the following values:
-   * `url` — URL pointing to the filter contents (filtering rules)
-   * `enabled` — Current filter's status (enabled/disabled)
- * `user_rules` — User-specified filtering rules
+   * `enabled` — Current filter's status (enabled/disabled).
+   * `url` — URL pointing to the filter contents (filtering rules).
+   * `name` — Name of the filter. If it's an adguard syntax filter it will get updated automatically, otherwise it stays unchanged.
+   * `last_updated` — Time when the filter was last updated from server.
+   * `ID` - filter ID (must be unique).
+ * `user_rules` — User-specified filtering rules.

 Removing an entry from settings file will reset it to the default value. Deleting the file will reset all settings to the default values.

@@ -120,7 +159,7 @@ Removing an entry from settings file will reset it to the default value. Deletin

 You will need:

- * [go](https://golang.org/dl/)
+ * [go](https://golang.org/dl/) v1.11 or later.
 * [node.js](https://nodejs.org/en/download/)

 You can either install it via the provided links or use [brew.sh](https://brew.sh/) if you're on Mac:
@@ -143,6 +182,40 @@ make

 You are welcome to fork this repository, make your changes and submit a pull request — https://github.com/AdguardTeam/AdGuardHome/pulls

+### How to update translations
+
+If you want to help with AdGuard Home translations, please learn more about translating AdGuard products here: https://kb.adguard.com/en/general/adguard-translations
+
+Here is a direct link to AdGuard Home project: http://translate.adguard.com/collaboration/project?id=153384
+
+Before updating translations you need to install dependencies:
+```
+cd scripts/translations
+npm install
+```
+
+Create file `oneskyapp.json` in `scripts/translations` folder.
+
+Example of `oneskyapp.json`
+```
+{
+    "url": "https://platform.api.onesky.io/1/projects/",
+    "projectId": <PROJECT ID>,
+    "apiKey": <API KEY>,
+    "secretKey": <SECRET KEY>
+}
+```
+
+#### Upload translations
+```
+node upload.js
+```
+
+#### Download translations
+```
+node download.js
+```
+
 ## Reporting issues

 If you run into any problem or have a suggestion, head to [this page](https://github.com/AdguardTeam/AdGuardHome/issues) and click on the `New issue` button.
@@ -152,7 +225,6 @@ If you run into any problem or have a suggestion, head to [this page](https://gi
 This software wouldn't have been possible without:

 * [Go](https://golang.org/dl/) and it's libraries:
-   * [CoreDNS](https://coredns.io)
   * [packr](https://github.com/gobuffalo/packr)
   * [gcache](https://github.com/bluele/gcache)
   * [miekg's dns](https://github.com/miekg/dns)
@@ -163,4 +235,6 @@ This software wouldn't have been possible without:
   * And many more node.js packages.
 * [whotracks.me data](https://github.com/cliqz-oss/whotracks.me)

+You might have seen that [CoreDNS](https://coredns.io) was mentioned here before — we've stopped using it in AdGuardHome. While we still use it on our servers for [AdGuard DNS](https://adguard.com/adguard-dns/overview.html) service, it seemed like an overkill for Home as it impeded with Home features that we plan to implement.
+
 For a full list of all node.js packages in use, please take a look at [client/package.json](https://github.com/AdguardTeam/AdGuardHome/blob/master/client/package.json) file.
--- a/app.go
+++ b/app.go
@@ -3,14 +3,17 @@ package main
 import (
 	"bufio"
 	"fmt"
-	"log"
 	"net"
 	"net/http"
 	"os"
+	"os/signal"
 	"path/filepath"
 	"strconv"
+	"syscall"
+	"time"

 	"github.com/gobuffalo/packr"
+	"github.com/hmage/golibs/log"
 	"golang.org/x/crypto/ssh/terminal"
 )

@@ -25,35 +28,46 @@ func main() {
 		if err != nil {
 			panic(err)
 		}
-		config.ourBinaryDir = filepath.Dir(executable)
-	}

-	doConfigRename := true
+		executableName := filepath.Base(executable)
+		if executableName == "AdGuardHome" {
+			// Binary build
+			config.ourBinaryDir = filepath.Dir(executable)
+		} else {
+			// Most likely we're debugging -- using current working directory in this case
+			workDir, _ := os.Getwd()
+			config.ourBinaryDir = workDir
+		}
+		log.Printf("Current working directory is %s", config.ourBinaryDir)
+	}

 	// config can be specified, which reads options from there, but other command line flags have to override config values
 	// therefore, we must do it manually instead of using a lib
 	{
+		var printHelp func()
 		var configFilename *string
 		var bindHost *string
 		var bindPort *int
 		var opts = []struct {
-			longName    string
-			shortName   string
-			description string
-			callback    func(value string)
+			longName          string
+			shortName         string
+			description       string
+			callbackWithValue func(value string)
+			callbackNoValue   func()
 		}{
-			{"config", "c", "path to config file", func(value string) { configFilename = &value }},
-			{"host", "h", "host address to bind HTTP server on", func(value string) { bindHost = &value }},
+			{"config", "c", "path to config file", func(value string) { configFilename = &value }, nil},
+			{"host", "h", "host address to bind HTTP server on", func(value string) { bindHost = &value }, nil},
 			{"port", "p", "port to serve HTTP pages on", func(value string) {
 				v, err := strconv.Atoi(value)
 				if err != nil {
 					panic("Got port that is not a number")
 				}
 				bindPort = &v
-			}},
-			{"help", "h", "print this help", nil},
+			}, nil},
+			{"verbose", "v", "enable verbose output", nil, func() { log.Verbose = true }},
+			{"help", "h", "print this help", nil, func() { printHelp(); os.Exit(64) }},
 		}
-		printHelp := func() {
+		printHelp = func() {
 			fmt.Printf("Usage:\n\n")
 			fmt.Printf("%s [options]\n\n", os.Args[0])
 			fmt.Printf("Options:\n")
@@ -63,30 +77,19 @@ func main() {
 		}
 		for i := 1; i < len(os.Args); i++ {
 			v := os.Args[i]
-			// short-circuit for help
-			if v == "--help" || v == "-h" {
-				printHelp()
-				os.Exit(64)
-			}
 			knownParam := false
 			for _, opt := range opts {
-				if v == "--"+opt.longName {
-					if i+1 > len(os.Args) {
-						log.Printf("ERROR: Got %s without argument\n", v)
-						os.Exit(64)
+				if v == "--"+opt.longName || v == "-"+opt.shortName {
+					if opt.callbackWithValue != nil {
+						if i+1 > len(os.Args) {
+							log.Printf("ERROR: Got %s without argument\n", v)
+							os.Exit(64)
+						}
+						i++
+						opt.callbackWithValue(os.Args[i])
+					} else if opt.callbackNoValue != nil {
+						opt.callbackNoValue()
 					}
-					i++
-					opt.callback(os.Args[i])
-					knownParam = true
-					break
-				}
-				if v == "-"+opt.shortName {
-					if i+1 > len(os.Args) {
-						log.Printf("ERROR: Got %s without argument\n", v)
-						os.Exit(64)
-					}
-					i++
-					opt.callback(os.Args[i])
 					knownParam = true
 					break
 				}
@@ -98,19 +101,16 @@ func main() {
 			}
 		}
 		if configFilename != nil {
-			// config was manually specified, don't do anything
-			doConfigRename = false
 			config.ourConfigFilename = *configFilename
 		}

-		if doConfigRename {
-			err := renameOldConfigIfNeccessary()
-			if err != nil {
-				panic(err)
-			}
+		err := askUsernamePasswordIfPossible()
+		if err != nil {
+			log.Fatal(err)
 		}

-		err := askUsernamePasswordIfPossible()
+		// Do the upgrade if necessary
+		err = upgradeConfig()
 		if err != nil {
 			log.Fatal(err)
 		}
@@ -120,6 +120,8 @@ func main() {
 		if err != nil {
 			log.Fatal(err)
 		}
+
+		// override bind host/port from the console
 		if bindHost != nil {
 			config.BindHost = *bindHost
 		}
@@ -128,19 +130,51 @@ func main() {
 		}
 	}

-	// eat all args so that coredns can start happily
-	if len(os.Args) > 1 {
-		os.Args = os.Args[:1]
+	// Load filters from the disk
+	// And if any filter has zero ID, assign a new one
+	for i := range config.Filters {
+		filter := &config.Filters[i] // otherwise we're operating on a copy
+		if filter.ID == 0 {
+			filter.ID = assignUniqueFilterID()
+		}
+		err := filter.load()
+		if err != nil {
+			// This is okay for the first start, the filter will be loaded later
+			log.Printf("Couldn't load filter %d contents due to %s", filter.ID, err)
+			// clear LastUpdated so it gets fetched right away
+		}
+		if len(filter.Rules) == 0 {
+			filter.LastUpdated = time.Time{}
+		}
 	}

-	err := writeConfig()
+	// Update filters we've just loaded right away, don't wait for periodic update timer
+	go func() {
+		refreshFiltersIfNeccessary(false)
+		// Save the updated config
+		err := config.write()
+		if err != nil {
+			log.Fatal(err)
+		}
+	}()
+
+	signalChannel := make(chan os.Signal)
+	signal.Notify(signalChannel, syscall.SIGINT, syscall.SIGTERM, syscall.SIGHUP, syscall.SIGQUIT)
+	go func() {
+		<-signalChannel
+		cleanup()
+		os.Exit(0)
+	}()
+
+	// Save the updated config
+	err := config.write()
 	if err != nil {
 		log.Fatal(err)
 	}

 	address := net.JoinHostPort(config.BindHost, strconv.Itoa(config.BindPort))

-	runFilterRefreshers()
+	go periodicallyRefreshFilters()

 	http.Handle("/", optionalAuthHandler(http.FileServer(box)))
 	registerControlHandlers()
@@ -150,11 +184,23 @@ func main() {
 		log.Fatal(err)
 	}

+	err = startDHCPServer()
+	if err != nil {
+		log.Fatal(err)
+	}
+
 	URL := fmt.Sprintf("http://%s", address)
 	log.Println("Go to " + URL)
 	log.Fatal(http.ListenAndServe(address, nil))
 }

+func cleanup() {
+	err := stopDNSServer()
+	if err != nil {
+		log.Printf("Couldn't stop DNS server: %s", err)
+	}
+}
+
 func getInput() (string, error) {
 	scanner := bufio.NewScanner(os.Stdin)
 	scanner.Scan()
@@ -165,7 +211,7 @@ func getInput() (string, error) {

 func promptAndGet(prompt string) (string, error) {
 	for {
-		fmt.Printf(prompt)
+		fmt.Print(prompt)
 		input, err := getInput()
 		if err != nil {
 			log.Printf("Failed to get input, aborting: %s", err)
@@ -176,14 +222,13 @@ func promptAndGet(prompt string) (string, error) {
 		}
 		// try again
 	}
-	return "", nil
 }

 func promptAndGetPassword(prompt string) (string, error) {
 	for {
-		fmt.Printf(prompt)
+		fmt.Print(prompt)
 		password, err := terminal.ReadPassword(int(os.Stdin.Fd()))
-		fmt.Printf("\n")
+		fmt.Print("\n")
 		if err != nil {
 			log.Printf("Failed to get input, aborting: %s", err)
 			return "", err
@@ -196,11 +241,13 @@ func promptAndGetPassword(prompt string) (string, error) {
 }

 func askUsernamePasswordIfPossible() error {
-	configfile := filepath.Join(config.ourBinaryDir, config.ourConfigFilename)
+	configfile := config.ourConfigFilename
+	if !filepath.IsAbs(configfile) {
+		configfile = filepath.Join(config.ourBinaryDir, config.ourConfigFilename)
+	}
 	_, err := os.Stat(configfile)
 	if !os.IsNotExist(err) {
 		// do nothing, file exists
-		trace("File %s exists, won't ask for password", configfile)
 		return nil
 	}
 	if !terminal.IsTerminal(int(os.Stdin.Fd())) {
@@ -240,29 +287,3 @@ func askUsernamePasswordIfPossible() error {
 	config.AuthPass = password
 	return nil
 }
-
-func renameOldConfigIfNeccessary() error {
-	oldConfigFile := filepath.Join(config.ourBinaryDir, "AdguardDNS.yaml")
-	_, err := os.Stat(oldConfigFile)
-	if os.IsNotExist(err) {
-		// do nothing, file doesn't exist
-		trace("File %s doesn't exist, nothing to do", oldConfigFile)
-		return nil
-	}
-
-	newConfigFile := filepath.Join(config.ourBinaryDir, config.ourConfigFilename)
-	_, err = os.Stat(newConfigFile)
-	if !os.IsNotExist(err) {
-		// do nothing, file doesn't exist
-		trace("File %s already exists, will not overwrite", newConfigFile)
-		return nil
-	}
-
-	err = os.Rename(oldConfigFile, newConfigFile)
-	if err != nil {
-		log.Printf("Failed to rename %s to %s: %s", oldConfigFile, newConfigFile, err)
-		return err
-	}
-
-	return nil
-}
--- a/client/package-lock.json
+++ b/client/package-lock.json
@@ -94,6 +94,21 @@
      "integrity": "sha1-J87C30Cd9gr1gnDtj2qlVAnqhvY=",
      "dev": true
    },
+    "@babel/runtime": {
+      "version": "7.1.5",
+      "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.1.5.tgz",
+      "integrity": "sha512-xKnPpXG/pvK1B90JkwwxSGii90rQGKtzcMt2gI5G6+M0REXaq6rOHsGC2ay6/d0Uje7zzvSzjEzfR3ENhFlrfA==",
+      "requires": {
+        "regenerator-runtime": "^0.12.0"
+      },
+      "dependencies": {
+        "regenerator-runtime": {
+          "version": "0.12.1",
+          "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.12.1.tgz",
+          "integrity": "sha512-odxIc1/vDlo4iZcfXqRYFj0vpXFNoGdKMAUieAlFYO6m/nl5e9KR/beGf41z4a1FI+aQgtjhuaSlDxQ0hmkrHg=="
+        }
+      }
+    },
    "@babel/template": {
      "version": "7.0.0-beta.44",
      "resolved": "http://registry.npmjs.org/@babel/template/-/template-7.0.0-beta.44.tgz",
@@ -3111,6 +3126,15 @@
        "sha.js": "^2.4.8"
      }
    },
+    "create-react-context": {
+      "version": "0.2.3",
+      "resolved": "https://registry.npmjs.org/create-react-context/-/create-react-context-0.2.3.tgz",
+      "integrity": "sha512-CQBmD0+QGgTaxDL3OX1IDXYqjkp2It4RIbcb99jS6AEg27Ga+a9G3JtK6SIu0HBwPLZlmwt9F7UwWA4Bn92Rag==",
+      "requires": {
+        "fbjs": "^0.8.0",
+        "gud": "^1.0.0"
+      }
+    },
    "cross-spawn": {
      "version": "5.1.0",
      "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-5.1.0.tgz",
@@ -4102,6 +4126,11 @@
        "next-tick": "1"
      }
    },
+    "es6-error": {
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/es6-error/-/es6-error-4.1.1.tgz",
+      "integrity": "sha512-Um/+FxMr9CISWh0bi5Zv0iOD+4cFh5qLeks1qhAopKVAJw3drgKbKySikp7wGhDL0HPeaja0P5ULZrxLkniUVg=="
+    },
    "es6-iterator": {
      "version": "2.0.3",
      "resolved": "https://registry.npmjs.org/es6-iterator/-/es6-iterator-2.0.3.tgz",
@@ -6230,6 +6259,11 @@
      "integrity": "sha1-8QdIy+dq+WS3yWyTxrzCivEgwIE=",
      "dev": true
    },
+    "gud": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/gud/-/gud-1.0.0.tgz",
+      "integrity": "sha512-zGEOVKFM5sVPPrYs7J5/hYEw2Pof8KCyOwyhG8sAF26mCAeUFAcYPu1mwB7hhpIP29zOIBaDqwuHdLp0jvZXjw=="
+    },
    "handle-thing": {
      "version": "1.2.5",
      "resolved": "https://registry.npmjs.org/handle-thing/-/handle-thing-1.2.5.tgz",
@@ -6543,6 +6577,14 @@
        "uglify-js": "3.4.x"
      }
    },
+    "html-parse-stringify2": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/html-parse-stringify2/-/html-parse-stringify2-2.0.1.tgz",
+      "integrity": "sha1-3FZwtyksoVi3vJFsmmc1rIhyg0o=",
+      "requires": {
+        "void-elements": "^2.0.1"
+      }
+    },
    "html-tags": {
      "version": "2.0.0",
      "resolved": "https://registry.npmjs.org/html-tags/-/html-tags-2.0.0.tgz",
@@ -6551,7 +6593,7 @@
    },
    "html-webpack-plugin": {
      "version": "3.2.0",
-      "resolved": "https://registry.npmjs.org/html-webpack-plugin/-/html-webpack-plugin-3.2.0.tgz",
+      "resolved": "http://registry.npmjs.org/html-webpack-plugin/-/html-webpack-plugin-3.2.0.tgz",
      "integrity": "sha1-sBq71yOsqqeze2r0SS69oD2d03s=",
      "dev": true,
      "requires": {
@@ -6601,7 +6643,7 @@
        },
        "readable-stream": {
          "version": "1.0.34",
-          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.0.34.tgz",
+          "resolved": "http://registry.npmjs.org/readable-stream/-/readable-stream-1.0.34.tgz",
          "integrity": "sha1-Elgg40vIQtLyqq+v5MKRbuMsFXw=",
          "dev": true,
          "requires": {
@@ -6700,6 +6742,16 @@
      "integrity": "sha1-7AbBDgo0wPL68Zn3/X/Hj//QPHM=",
      "dev": true
    },
+    "i18next": {
+      "version": "12.0.0",
+      "resolved": "https://registry.npmjs.org/i18next/-/i18next-12.0.0.tgz",
+      "integrity": "sha512-Zy/nFpmBZxgmi6k9HkHbf+MwvAwiY5BDzNjNfvyLPKyalc2YBwwZtblESDlTKLDO8XSv23qYRY2uZcADDlRSjQ=="
+    },
+    "i18next-browser-languagedetector": {
+      "version": "2.2.3",
+      "resolved": "https://registry.npmjs.org/i18next-browser-languagedetector/-/i18next-browser-languagedetector-2.2.3.tgz",
+      "integrity": "sha512-sJZ2n9Vgax0vGer23hJMwyO3FRO7P0dq2DXZPXWE329g3snfJUcw+S24Mp3lqJaxL/0McDu4BD75ds6pzIfhhw=="
+    },
    "iconv-lite": {
      "version": "0.4.24",
      "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz",
@@ -7340,8 +7392,7 @@
    "is-promise": {
      "version": "2.1.0",
      "resolved": "https://registry.npmjs.org/is-promise/-/is-promise-2.1.0.tgz",
-      "integrity": "sha1-eaKp7OfwlugPNtKy87wWwf9L8/o=",
-      "dev": true
+      "integrity": "sha1-eaKp7OfwlugPNtKy87wWwf9L8/o="
    },
    "is-regex": {
      "version": "1.0.4",
@@ -12850,6 +12901,32 @@
        "prop-types": "^15.6.0"
      }
    },
+    "react-i18next": {
+      "version": "8.3.8",
+      "resolved": "https://registry.npmjs.org/react-i18next/-/react-i18next-8.3.8.tgz",
+      "integrity": "sha512-ZcSpakSBcDxPJkl34fv/SI0TaoTDvVDrk4WpDF+WElorine+dHUjGMAA6RG5Km2KcLNW1t4GLunHprgKiqDrSw==",
+      "requires": {
+        "@babel/runtime": "^7.1.2",
+        "create-react-context": "0.2.3",
+        "hoist-non-react-statics": "3.0.1",
+        "html-parse-stringify2": "2.0.1"
+      },
+      "dependencies": {
+        "hoist-non-react-statics": {
+          "version": "3.0.1",
+          "resolved": "https://registry.npmjs.org/hoist-non-react-statics/-/hoist-non-react-statics-3.0.1.tgz",
+          "integrity": "sha512-1kXwPsOi0OGQIZNVMPvgWJ9tSnGMiMfJdihqEzrPEXlHOBh9AAHXX/QYmAJTXztnz/K+PQ8ryCb4eGaN6HlGbQ==",
+          "requires": {
+            "react-is": "^16.3.2"
+          }
+        }
+      }
+    },
+    "react-is": {
+      "version": "16.6.3",
+      "resolved": "https://registry.npmjs.org/react-is/-/react-is-16.6.3.tgz",
+      "integrity": "sha512-u7FDWtthB4rWibG/+mFbVd5FvdI20yde86qKGx4lVUTWmPlSWQ4QxbBIrrs+HnXGbxOUlUzTAP/VDmvCwaP2yA=="
+    },
    "react-lifecycles-compat": {
      "version": "3.0.4",
      "resolved": "https://registry.npmjs.org/react-lifecycles-compat/-/react-lifecycles-compat-3.0.4.tgz",
@@ -13129,6 +13206,21 @@
        "reduce-reducers": "^0.1.0"
      }
    },
+    "redux-form": {
+      "version": "7.4.2",
+      "resolved": "https://registry.npmjs.org/redux-form/-/redux-form-7.4.2.tgz",
+      "integrity": "sha512-QxC36s4Lelx5Cr8dbpxqvl23dwYOydeAX8c6YPmgkz/Dhj053C16S2qoyZN6LO6HJ2oUF00rKsAyE94GwOUhFA==",
+      "requires": {
+        "es6-error": "^4.1.1",
+        "hoist-non-react-statics": "^2.5.4",
+        "invariant": "^2.2.4",
+        "is-promise": "^2.1.0",
+        "lodash": "^4.17.10",
+        "lodash-es": "^4.17.10",
+        "prop-types": "^15.6.1",
+        "react-lifecycles-compat": "^3.0.4"
+      }
+    },
    "redux-thunk": {
      "version": "2.3.0",
      "resolved": "https://registry.npmjs.org/redux-thunk/-/redux-thunk-2.3.0.tgz",
@@ -14930,7 +15022,7 @@
    },
    "through": {
      "version": "2.3.8",
-      "resolved": "https://registry.npmjs.org/through/-/through-2.3.8.tgz",
+      "resolved": "http://registry.npmjs.org/through/-/through-2.3.8.tgz",
      "integrity": "sha1-DdTJ/6q8NXlgsbckEV1+Doai4fU=",
      "dev": true
    },
@@ -14965,11 +15057,6 @@
        "setimmediate": "^1.0.4"
      }
    },
-    "tiny-version-compare": {
-      "version": "0.9.1",
-      "resolved": "https://registry.npmjs.org/tiny-version-compare/-/tiny-version-compare-0.9.1.tgz",
-      "integrity": "sha512-kYim94l7ptSmj9rqxUMkrcMCJ448CS+hwqjA7OFcRi0ISdi0zjgdSUklQ4velVVECCjCo5frU3tNZ3oSgIKzsA=="
-    },
    "tmp": {
      "version": "0.0.33",
      "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.0.33.tgz",
@@ -15604,6 +15691,11 @@
        "indexof": "0.0.1"
      }
    },
+    "void-elements": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/void-elements/-/void-elements-2.0.1.tgz",
+      "integrity": "sha1-wGavtYK7HLQSjWDqkjkulNXp2+w="
+    },
    "walker": {
      "version": "1.0.7",
      "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.7.tgz",
--- a/client/package.json
+++ b/client/package.json
@@ -14,12 +14,15 @@
    "classnames": "^2.2.6",
    "date-fns": "^1.29.0",
    "file-saver": "^1.3.8",
+    "i18next": "^12.0.0",
+    "i18next-browser-languagedetector": "^2.2.3",
    "lodash": "^4.17.10",
    "nanoid": "^1.2.3",
    "prop-types": "^15.6.1",
    "react": "^16.4.0",
    "react-click-outside": "^3.0.1",
    "react-dom": "^16.4.0",
+    "react-i18next": "^8.2.0",
    "react-modal": "^3.4.5",
    "react-redux": "^5.0.7",
    "react-redux-loading-bar": "^4.0.7",
@@ -28,9 +31,9 @@
    "react-transition-group": "^2.4.0",
    "redux": "^4.0.0",
    "redux-actions": "^2.4.0",
+    "redux-form": "^7.4.2",
    "redux-thunk": "^2.3.0",
    "svg-url-loader": "^2.3.2",
-    "tiny-version-compare": "^0.9.1",
    "whatwg-fetch": "2.0.3"
  },
  "devDependencies": {
--- a/client/src/__locales/en.json
+++ b/client/src/__locales/en.json
@@ -0,0 +1,157 @@
+{
+    "check_dhcp_servers": "Check for DHCP servers",
+    "save_config": "Save config",
+    "enabled_dhcp": "DHCP server enabled",
+    "disabled_dhcp": "DHCP server disabled",
+    "dhcp_title": "DHCP server (experimental!)",
+    "dhcp_description": "If your router does not provide DHCP settings, you can use AdGuard's own built-in DHCP server.",
+    "dhcp_enable": "Enable DHCP server",
+    "dhcp_disable": "Disable DHCP server",
+    "dhcp_not_found": "No active DHCP servers found on the network. It is safe to enable the built-in DHCP server.",
+    "dhcp_found": "Found active DHCP servers found on the network. It is not safe to enable the built-in DHCP server.",
+    "dhcp_leases": "DHCP leases",
+    "dhcp_leases_not_found": "No DHCP leases found",
+    "dhcp_config_saved": "Saved DHCP server config",
+    "form_error_required": "Required field",
+    "form_error_ip_format": "Invalid IPv4 format",
+    "form_error_positive": "Must be greater than 0",
+    "dhcp_form_gateway_input": "Gateway IP",
+    "dhcp_form_subnet_input": "Subnet mask",
+    "dhcp_form_range_title": "Range of IP addresses",
+    "dhcp_form_range_start": "Range start",
+    "dhcp_form_range_end": "Range end",
+    "dhcp_form_lease_title": "DHCP lease time (in seconds)",
+    "dhcp_form_lease_input": "Lease duration",
+    "dhcp_interface_select": "Select DHCP interface",
+    "dhcp_hardware_address": "Hardware address",
+    "dhcp_ip_addresses": "IP addresses",
+    "back": "Back",
+    "dashboard": "Dashboard",
+    "settings": "Settings",
+    "filters": "Filters",
+    "query_log": "Query Log",
+    "faq": "FAQ",
+    "version": "version",
+    "address": "address",
+    "on": "ON",
+    "off": "OFF",
+    "copyright": "Copyright",
+    "homepage": "Homepage",
+    "report_an_issue": "Report an issue",
+    "enable_protection": "Enable protection",
+    "enabled_protection": "Enabled protection",
+    "disable_protection": "Disable protection",
+    "disabled_protection": "Disabled protection",
+    "refresh_statics": "Refresh statistics",
+    "dns_query": "DNS Queries",
+    "blocked_by": "Blocked by Filters",
+    "stats_malware_phishing": "Blocked malware\/phishing",
+    "stats_adult": "Blocked adult websites",
+    "stats_query_domain": "Top queried domains",
+    "for_last_24_hours": "for the last 24 hours",
+    "no_domains_found": "No domains found",
+    "requests_count": "Requests count",
+    "top_blocked_domains": "Top blocked domains",
+    "top_clients": "Top clients",
+    "no_clients_found": "No clients found",
+    "general_statistics": "General statistics",
+    "number_of_dns_query_24_hours": "A number of DNS quieries processed for the last 24 hours",
+    "number_of_dns_query_blocked_24_hours": "A number of DNS requests blocked by adblock filters and hosts blocklists",
+    "number_of_dns_query_blocked_24_hours_by_sec": "A number of DNS requests blocked by the AdGuard browsing security module",
+    "number_of_dns_query_blocked_24_hours_adult": "A number of adult websites blocked",
+    "enforced_save_search": "Enforced safe search",
+    "number_of_dns_query_to_safe_search": "A number of DNS requests to search engines for which Safe Search was enforced",
+    "average_processing_time": "Average processing time",
+    "average_processing_time_hint": "Average time in milliseconds on processing a DNS request",
+    "block_domain_use_filters_and_hosts": "Block domains using filters and hosts files",
+    "filters_block_toggle_hint": "You can setup blocking rules in the <a href='#filters'>Filters<\/a> settings.",
+    "use_adguard_browsing_sec": "Use AdGuard browsing security web service",
+    "use_adguard_browsing_sec_hint": "AdGuard Home will check if domain is blacklisted by the browsing security web service. It will use privacy-friendly lookup API to perform the check: only a short prefix of the domain name SHA256 hash is sent to the server.",
+    "use_adguard_parental": "Use AdGuard parental control web service",
+    "use_adguard_parental_hint": "AdGuard Home will check if domain contains adult materials. It uses the same privacy-friendly API as the browsing security web service.",
+    "enforce_safe_search": "Enforce safe search",
+    "enforce_save_search_hint": "AdGuard Home can enforce safe search in the following search engines: Google, Youtube, Bing, and Yandex.",
+    "no_servers_specified": "No servers specified",
+    "no_settings": "No settings",
+    "general_settings": "General settings",
+    "upstream_dns": "Upstream DNS servers",
+    "upstream_dns_hint": "If you keep this field empty, AdGuard Home will use <a href='https:\/\/1.1.1.1\/' target='_blank'>Cloudflare DNS<\/a> as an upstream. Use tls:\/\/ prefix for DNS over TLS servers.",
+    "test_upstream_btn": "Test upstreams",
+    "apply_btn": "Apply",
+    "disabled_filtering_toast": "Disabled filtering",
+    "enabled_filtering_toast": "Enabled filtering",
+    "disabled_safe_browsing_toast": "Disabled safebrowsing",
+    "enabled_safe_browsing_toast": "Enabled safebrowsing",
+    "disabled_parental_toast": "Disabled parental control",
+    "enabled_parental_toast": "Enabled parental control",
+    "disabled_safe_search_toast": "Disabled safe search",
+    "enabled_save_search_toast": "Enabled safe search",
+    "enabled_table_header": "Enabled",
+    "name_table_header": "Name",
+    "filter_url_table_header": "Filter URL",
+    "rules_count_table_header": "Rules count",
+    "last_time_updated_table_header": "Last time updated",
+    "actions_table_header": "Actions",
+    "delete_table_action": "Delete",
+    "filters_and_hosts": "Filters and hosts blocklists",
+    "filters_and_hosts_hint": "AdGuard Home understands basic adblock rules and hosts files syntax.",
+    "no_filters_added": "No filters added",
+    "add_filter_btn": "Add filter",
+    "cancel_btn": "Cancel",
+    "enter_name_hint": "Enter name",
+    "enter_url_hint": "Enter URL",
+    "check_updates_btn": "Check updates",
+    "new_filter_btn": "New filter subscription",
+    "enter_valid_filter_url": "Enter a valid URL to a filter subscription or a hosts file.",
+    "custom_filter_rules": "Custom filtering rules",
+    "custom_filter_rules_hint": "Enter one rule on a line. You can use either adblock rules or hosts files syntax.",
+    "examples_title": "Examples",
+    "example_meaning_filter_block": "block access to the example.org domain and all its subdomains",
+    "example_meaning_filter_whitelist": "unblock access to the example.org domain and all its subdomains",
+    "example_meaning_host_block": "AdGuard Home will now return 127.0.0.1 address for the example.org domain (but not its subdomains).",
+    "example_comment": "! Here goes a comment",
+    "example_comment_meaning": "just a comment",
+    "example_comment_hash": "# Also a comment",
+    "example_upstream_regular": "regular DNS (over UDP)",
+    "example_upstream_dot": "encrypted <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_TLS' target='_blank'>DNS-over-TLS<\/a>",
+    "example_upstream_doh": "encrypted <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_HTTPS' target='_blank'>DNS-over-HTTPS<\/a>",
+    "example_upstream_sdns": "you can use <a href='https:\/\/dnscrypt.info\/stamps\/' target='_blank'>DNS Stamps<\/a> for <a href='https:\/\/dnscrypt.info\/' target='_blank'>DNSCrypt<\/a> or <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_HTTPS' target='_blank'>DNS-over-HTTPS<\/a> resolvers",
+    "example_upstream_tcp": "regular DNS (over TCP)",
+    "all_filters_up_to_date_toast": "All filters are already up-to-date",
+    "updated_upstream_dns_toast": "Updated the upstream DNS servers",
+    "dns_test_ok_toast": "Specified DNS servers are working correctly",
+    "dns_test_not_ok_toast": "Server \"{{key}}\": could not be used, please check that you've written it correctly",
+    "unblock_btn": "Unblock",
+    "block_btn": "Block",
+    "time_table_header": "Time",
+    "domain_name_table_header": "Domain name",
+    "type_table_header": "Type",
+    "response_table_header": "Response",
+    "client_table_header": "Client",
+    "empty_response_status": "Empty",
+    "show_all_filter_type": "Show all",
+    "show_filtered_type": "Show filtered",
+    "no_logs_found": "No logs found",
+    "disabled_log_btn": "Disable log",
+    "download_log_file_btn": "Download log file",
+    "refresh_btn": "Refresh",
+    "enabled_log_btn": "Enable log",
+    "last_dns_queries": "Last 5000 DNS queries",
+    "previous_btn": "Previous",
+    "next_btn": "Next",
+    "loading_table_status": "Loading...",
+    "page_table_footer_text": "Page",
+    "of_table_footer_text": "of",
+    "rows_table_footer_text": "rows",
+    "updated_custom_filtering_toast": "Updated the custom filtering rules",
+    "rule_removed_from_custom_filtering_toast": "Rule removed from the custom filtering rules",
+    "rule_added_to_custom_filtering_toast": "Rule added to the custom filtering rules",
+    "query_log_disabled_toast": "Query log disabled",
+    "query_log_enabled_toast": "Query log enabled",
+    "source_label": "Source",
+    "found_in_known_domain_db": "Found in the known domains database.",
+    "category_label": "Category",
+    "rule_label": "Rule",
+    "filter_label": "Filter",
+    "unknown_filter": "Unknown filter {{filterId}}"
+}
--- a/client/src/__locales/es.json
+++ b/client/src/__locales/es.json
@@ -0,0 +1,157 @@
+{
+    "check_dhcp_servers": "Compruebe si hay servidores DHCP",
+    "save_config": "Guardar config",
+    "enabled_dhcp": "Servidor DHCP habilitado",
+    "disabled_dhcp": "Servidor DHCP deshabilitado",
+    "dhcp_title": "Servidor DHCP",
+    "dhcp_description": "Si su enrutador no proporciona la configuraci\u00f3n DHCP, puede utilizar el propio servidor DHCP incorporado de AdGuard.",
+    "dhcp_enable": "Habilitar servidor DHCP",
+    "dhcp_disable": "Deshabilitar el servidor DHCP",
+    "dhcp_not_found": "No se han encontrado servidores DHCP activos en la red. Es seguro habilitar el servidor DHCP incorporado.",
+    "dhcp_found": "Se encontraron servidores DHCP activos encontrados en la red. No es seguro habilitar el servidor DHCP incorporado.",
+    "dhcp_leases": "concesi\u00f3nes DHCP",
+    "dhcp_leases_not_found": "No se encontraron concesi\u00f3nes DHCP",
+    "dhcp_config_saved": "Configuraci\u00f3n del servidor DHCP guardada",
+    "form_error_required": "Campo obligatorio",
+    "form_error_ip_format": "Formato IPv4 no v\u00e1lido",
+    "form_error_positive": "Debe ser mayor que 0",
+    "dhcp_form_gateway_input": "IP de acceso",
+    "dhcp_form_subnet_input": "M\u00e1scara de subred",
+    "dhcp_form_range_title": "Rango de direcciones IP",
+    "dhcp_form_range_start": "Inicio de rango",
+    "dhcp_form_range_end": "Final de rango",
+    "dhcp_form_lease_title": "Tiempo de concesi\u00f3n DHCP (en segundos)",
+    "dhcp_form_lease_input": "duraci\u00f3n de la concesi\u00f3n",
+    "dhcp_interface_select": "Seleccione la interfaz DHCP",
+    "dhcp_hardware_address": "Direcci\u00f3n de hardware",
+    "dhcp_ip_addresses": "Direcciones IP",
+    "back": "Atr\u00e1s",
+    "dashboard": "Tablero de rendimiento",
+    "settings": "Ajustes",
+    "filters": "Filtros",
+    "query_log": "Log de consulta",
+    "faq": "FAQ",
+    "version": "versi\u00f3n",
+    "address": "direcci\u00f3n",
+    "on": "Activado",
+    "off": "Desactivado",
+    "copyright": "Derechos de autor",
+    "homepage": "P\u00e1gina de inicio",
+    "report_an_issue": "Reportar un error",
+    "enable_protection": "Activar la protecci\u00f3n",
+    "enabled_protection": "Protecci\u00f3n activada",
+    "disable_protection": "Desactivar protecci\u00f3n",
+    "disabled_protection": "Protecci\u00f3n desactivada",
+    "refresh_statics": "Restablecer estad\u00edsticas",
+    "dns_query": "Consultas DNS",
+    "blocked_by": "Bloqueado por Filtros",
+    "stats_malware_phishing": "Malware\/phishing bloqueado",
+    "stats_adult": "Contenido para adultos bloqueado",
+    "stats_query_domain": "Dominios m\u00e1s solicitados",
+    "for_last_24_hours": "en las \u00faltimas 24 horas",
+    "no_domains_found": "Dominios no encontrados",
+    "requests_count": "N\u00famero de solicitudes",
+    "top_blocked_domains": "Dominios m\u00e1s bloqueados",
+    "top_clients": "Clientes m\u00e1s populares",
+    "no_clients_found": "No hay clientes",
+    "general_statistics": "Estad\u00edsticas generales",
+    "number_of_dns_query_24_hours": "Una serie de consultas DNS procesadas durante las \u00faltimas 24 horas",
+    "number_of_dns_query_blocked_24_hours": "El n\u00famero de solicitudes de DNS bloqueadas por los filtros de publicidad y listas de bloqueo de hosts",
+    "number_of_dns_query_blocked_24_hours_by_sec": "Un n\u00famero de solicitudes de DNS bloqueadas por el m\u00f3dulo de navegaci\u00f3n segura de AdGuard",
+    "number_of_dns_query_blocked_24_hours_adult": "Un n\u00famero de sitios para adultos bloqueados",
+    "enforced_save_search": "B\u00fasqueda segura forzada",
+    "number_of_dns_query_to_safe_search": "Una serie de solicitudes de DNS a los motores de b\u00fasqueda para los que se aplic\u00f3 la B\u00fasqueda Segura",
+    "average_processing_time": "Tiempo promedio de procesamiento",
+    "average_processing_time_hint": "Tiempo promedio en milisegundos al procesar una solicitud DNS",
+    "block_domain_use_filters_and_hosts": "Bloquear dominios usando filtros y archivos hosts",
+    "filters_block_toggle_hint": "Puede configurar las reglas de bloqueo en los ajustes <a href='#filters'>Filtros<\/a>.",
+    "use_adguard_browsing_sec": "Usar el servicio web de Seguridad de navegaci\u00f3n de AdGuard",
+    "use_adguard_browsing_sec_hint": "AdGuard Home comprobar\u00e1 si el dominio est\u00e1 en la lista negra del servicio web de seguridad de navegaci\u00f3n. Utilizar\u00e1 una API de b\u00fasqueda amigable con la privacidad para realizar la comprobaci\u00f3n: s\u00f3lo se env\u00eda al servidor un prefijo corto del hash del nombre de dominio SHA256.",
+    "use_adguard_parental": "Usar Control Parental de AdGuard ",
+    "use_adguard_parental_hint": "AdGuard Home comprobar\u00e1 si el dominio contiene materiales para adultos. Utiliza la misma API amigable con la privacidad que el servicio web de seguridad de navegaci\u00f3n.",
+    "enforce_safe_search": "Forzar b\u00fasqueda segura",
+    "enforce_save_search_hint": "AdGuard Home puede forzar la b\u00fasqueda segura en los siguientes motores de b\u00fasqueda: Google, Youtube, Bing y Yandex.",
+    "no_servers_specified": "No hay servidores especificados",
+    "no_settings": "No hay ajustes",
+    "general_settings": "Ajustes generales",
+    "upstream_dns": "Servidores DNS upstream",
+    "upstream_dns_hint": "Si mantiene este campo vac\u00edo, AdGuard Home utilizar\u00e1 <a href='https:\/\/1.1.1.1\/' target='_blank'>Cloudflare DNS<\/a> como upstream. Utilice el prefijo tls:\/\/ para DNS sobre servidores TLS.",
+    "test_upstream_btn": "Probar upstream",
+    "apply_btn": "Aplicar",
+    "disabled_filtering_toast": "Desactivar filtrado",
+    "enabled_filtering_toast": "Filtrado activado",
+    "disabled_safe_browsing_toast": "Navegaci\u00f3n segura desactivada",
+    "enabled_safe_browsing_toast": "Navegaci\u00f3n segura activada",
+    "disabled_parental_toast": "Control parental desactivado",
+    "enabled_parental_toast": "Control parental activado",
+    "disabled_safe_search_toast": "B\u00fasqueda segura desactivada",
+    "enabled_save_search_toast": "B\u00fasqueda segura activada",
+    "enabled_table_header": "Activado",
+    "name_table_header": "Nombre",
+    "filter_url_table_header": "Filtro URL",
+    "rules_count_table_header": "N\u00famero de reglas",
+    "last_time_updated_table_header": "\u00daltima actualizaci\u00f3n",
+    "actions_table_header": "Acciones",
+    "delete_table_action": "Eliminar",
+    "filters_and_hosts": "Filtros y listas de bloqueo de hosts",
+    "filters_and_hosts_hint": "AdGuard Home entiende reglas b\u00e1sicas de bloqueo y la sintaxis de los archivos de hosts.",
+    "no_filters_added": "No hay filtros agregados",
+    "add_filter_btn": "Agregar filtro",
+    "cancel_btn": "Cancelar",
+    "enter_name_hint": "Ingresar nombre",
+    "enter_url_hint": "Ingresar URL",
+    "check_updates_btn": "Revisar si hay actualizaciones",
+    "new_filter_btn": "Nueva suscripci\u00f3n de filtro",
+    "enter_valid_filter_url": "Ingrese una URL v\u00e1lida para suscribirse o un archivo de hosts.",
+    "custom_filter_rules": "Personalizar reglas del filtrado",
+    "custom_filter_rules_hint": "Introduzca una regla en una l\u00ednea. Puede utilizar reglas de bloqueo de anuncios o sintaxis de archivos de hosts.",
+    "examples_title": "Ejemplos",
+    "example_meaning_filter_block": "bloquear acceso al dominio ejemplo.org\ny a todos sus subdominios",
+    "example_meaning_filter_whitelist": "desbloquear el acceso al dominio ejemplo.org y a sus subdominios",
+    "example_meaning_host_block": "AdGuard Home regresar\u00e1 la direcci\u00f3n 127.0.0.1 para el dominio ejemplo.org (pero no para sus subdominios).",
+    "example_comment": "! Aqu\u00ed va un comentario",
+    "example_comment_meaning": "solo un comentario",
+    "example_comment_hash": "# Tambi\u00e9n un comentario",
+    "example_upstream_regular": "DNS regular (a trav\u00e9s de UDP)",
+    "example_upstream_dot": "encriptado <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_TLS' target='_blank'>DNS-a-trav\u00e9s-de-TLS<\/a>",
+    "example_upstream_doh": "encriptado  <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_HTTPS' target='_blank'>DNS-a-trav\u00e9s-de-TLS<\/a>",
+    "example_upstream_sdns": "puedes usar <a href='https:\/\/dnscrypt.info\/stamps\/' target='_blank'>DNS Stamps<\/a> para <a href='https:\/\/dnscrypt.info\/' target='_blank'>DNSCrypt<\/a> o <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_HTTPS' target='_blank'>DNS-over-HTTPS<\/a> resolutores",
+    "example_upstream_tcp": "DNS regular (a trav\u00e9s de TCP)",
+    "all_filters_up_to_date_toast": "Todos los filtros son actualizados",
+    "updated_upstream_dns_toast": "Servidores DNS upstream actualizados",
+    "dns_test_ok_toast": "Servidores DNS especificados funcionan correctamente",
+    "dns_test_not_ok_toast": "Servidor \"{{key}}\": no puede ser usado, por favor, revise si lo ha escrito correctamente",
+    "unblock_btn": "Desbloquear",
+    "block_btn": "Bloquear",
+    "time_table_header": "Tiempo",
+    "domain_name_table_header": "Nombre de dominio",
+    "type_table_header": "Tipo",
+    "response_table_header": "Respuesta",
+    "client_table_header": "Cliente",
+    "empty_response_status": "Vac\u00edo",
+    "show_all_filter_type": "Mostrar todo",
+    "show_filtered_type": "Mostrar filtrados",
+    "no_logs_found": "No se han encontrado registros",
+    "disabled_log_btn": "Desactivar registro",
+    "download_log_file_btn": "Descargar el archivo de registro",
+    "refresh_btn": "Refrescar",
+    "enabled_log_btn": "Activar registro",
+    "last_dns_queries": "\u00daltimas 500 solicitudes de DNS",
+    "previous_btn": "Anterior",
+    "next_btn": "Siguiente",
+    "loading_table_status": "Cargando...",
+    "page_table_footer_text": "P\u00e1gina",
+    "of_table_footer_text": "de",
+    "rows_table_footer_text": "filas",
+    "updated_custom_filtering_toast": "Actualizadas las reglas de filtrado personalizadas",
+    "rule_removed_from_custom_filtering_toast": "Regla eliminada de las reglas de filtrado personalizadas",
+    "rule_added_to_custom_filtering_toast": "Regla a\u00f1adida a las reglas de filtrado personalizadas",
+    "query_log_disabled_toast": "Log de consulta desactivado",
+    "query_log_enabled_toast": "Log de consulta activado",
+    "source_label": "Fuente",
+    "found_in_known_domain_db": "Encontrado en la base de datos de dominios conocidos.",
+    "category_label": "Categor\u00eda",
+    "rule_label": "Regla",
+    "filter_label": "Filtro",
+    "unknown_filter": "Filtro desconocido {{filterId}}"
+}
--- a/client/src/__locales/fr.json
+++ b/client/src/__locales/fr.json
@@ -0,0 +1,129 @@
+{
+    "back": "Retour",
+    "dashboard": "Tableau de bord",
+    "settings": "Param\u00e8tres",
+    "filters": "Filtres",
+    "query_log": "Journal des requ\u00eates\u001c",
+    "faq": "FAQ",
+    "version": "version",
+    "address": "addresse",
+    "on": "Activ\u00e9",
+    "off": "\u00c9teint",
+    "copyright": "Copyright",
+    "homepage": "Page d'accueil",
+    "report_an_issue": "Signaler un probl\u00e8me",
+    "enable_protection": "Activer la protection",
+    "enabled_protection": "Protection activ\u00e9e",
+    "disable_protection": "D\u00e9sactiver la protection",
+    "disabled_protection": "Protection d\u00e9sactiv\u00e9e",
+    "refresh_statics": "Renouveler les statistiques",
+    "dns_query": "Requ\u00eates\u001c DNS",
+    "blocked_by": "Bloqu\u00e9 par Filtres",
+    "stats_malware_phishing": "Tentative de malware\/hamme\u00e7onnage bloqu\u00e9e",
+    "stats_adult": "Sites \u00e0 contenu adulte bloqu\u00e9s",
+    "stats_query_domain": "Domaines les plus recherch\u00e9s",
+    "for_last_24_hours": "pendant les derni\u00e8res 24 heures",
+    "no_domains_found": "Pas de domaines trouv\u00e9s",
+    "requests_count": "Nombre de requ\u00eates",
+    "top_blocked_domains": "Les domaines les plus fr\u00e9quemment bloqu\u00e9s",
+    "top_clients": "Meilleurs clients",
+    "no_clients_found": "Pas de clients trouv\u00e9s",
+    "general_statistics": "Statistiques g\u00e9n\u00e9rales",
+    "number_of_dns_query_24_hours": "Un nombre de requ\u00eates DNS quieries trait\u00e9es pendant les 24 heures derni\u00e8res",
+    "number_of_dns_query_blocked_24_hours": "Un nombre de requ\u00eates DNS bloqu\u00e9es par les filtres  adblock et les listes de blocage des hosts",
+    "number_of_dns_query_blocked_24_hours_by_sec": "Un nombre de requ\u00eates DNS bloqu\u00e9es par le module S\u00e9curit\u00e9 de navigation d'AdGuard",
+    "number_of_dns_query_blocked_24_hours_adult": "Un nombre de sites \u00e0 contenu adulte bloqu\u00e9s",
+    "enforced_save_search": "Recherche s\u00e9curis\u00e9e renforc\u00e9e",
+    "number_of_dns_query_to_safe_search": "Un nombre de requ\u00eates DNS faites avec la Recherche securis\u00e9e",
+    "average_processing_time": "Temps moyen de traitement",
+    "average_processing_time_hint": "Temps moyen (en millisecondes) de traitement d'une requ\u00eate DNS",
+    "block_domain_use_filters_and_hosts": "Bloquez les domaines \u00e0 l'aide des filtres et fichiers hosts",
+    "filters_block_toggle_hint": "Vous pouvez configurer les r\u00e8gles de filtrage dans les param\u00e8tres des <a href='#filters'>Filtres<\/a>.",
+    "use_adguard_browsing_sec": "Utilisez le service S\u00e9curit\u00e9 de navigation d'AdGuard",
+    "use_adguard_browsing_sec_hint": "AdGuard Home va v\u00e9rifier si le domaine est dans la liste noire du service de s\u00e9curit\u00e9 de navigation. Pour cela il va utiliser un lookup API discret : le pr\u00e9fixe court du hash du nom de domaine SHA256 sera envoy\u00e9 au serveur.",
+    "use_adguard_parental": "Utiliser le contr\u00f4le parental d'AdGuard",
+    "use_adguard_parental_hint": "AdGuard Home va v\u00e9rifier s'il y a du contenu pour adultes sur le domaine. Ce sera fait par aide du m\u00eame API discret que celui utilis\u00e9 par le service de S\u00e9curit\u00e9 de navigation.",
+    "enforce_safe_search": "Renforcer la recherche s\u00e9curis\u00e9e",
+    "enforce_save_search_hint": "AdGuard Home peut renforcer la Recherche s\u00e9curis\u00e9e dans les moteurs de recherche suivants : Google, Youtube, Bing et Yandex.",
+    "no_servers_specified": "Pas de serveurs sp\u00e9cifi\u00e9s",
+    "no_settings": "Pas de param\u00e8tres",
+    "general_settings": "Param\u00e8tres g\u00e9n\u00e9raux",
+    "upstream_dns": "Serveurs DNS upstream",
+    "upstream_dns_hint": "Si vous laissez ce champ vide, AdGuard Home va utiliser <a href='https:\/\/1.1.1.1\/' target='_blank'>Cloudflare DNS<\/a> somme upstream. Utilisez le pr\u00e9fixe tls:\/\/ pour DNS via les serveurs TLS .",
+    "test_upstream_btn": "Tester les upstreams",
+    "apply_btn": "Appliquer",
+    "disabled_filtering_toast": "Filtrage d\u00e9sactiv\u00e9",
+    "enabled_filtering_toast": "Filtrage activ\u00e9",
+    "disabled_safe_browsing_toast": "Surfing s\u00e9curis\u00e9 d\u00e9sactiv\u00e9",
+    "enabled_safe_browsing_toast": "Surfing s\u00e9curis\u00e9 activ\u00e9",
+    "disabled_parental_toast": "Contr\u00f4le parental d\u00e9sactiv\u00e9",
+    "enabled_parental_toast": "Contr\u00f4le parental activ\u00e9",
+    "disabled_safe_search_toast": "Recherche s\u00e9curis\u00e9e d\u00e9sactiv\u00e9e",
+    "enabled_save_search_toast": "Recherche s\u00e9curis\u00e9e activ\u00e9e",
+    "enabled_table_header": "Activ\u00e9",
+    "name_table_header": "Nom",
+    "filter_url_table_header": "URL du filtre",
+    "rules_count_table_header": "Nombre des r\u00e8gles",
+    "last_time_updated_table_header": "Derni\u00e8re mise \u00e0 jour",
+    "actions_table_header": "Actions",
+    "delete_table_action": "Supprimer",
+    "filters_and_hosts": "Listes de blocage des filtres et hosts",
+    "filters_and_hosts_hint": "AdGuard Home comprend les r\u00e8gles basiques de blocage ainsi que la syntaxe des fichiers hosts.",
+    "no_filters_added": "Aucun filtre ajout\u00e9",
+    "add_filter_btn": "Ajouter filtre",
+    "cancel_btn": "Annuler",
+    "enter_name_hint": "Saisir nom",
+    "enter_url_hint": "Saisir URL",
+    "check_updates_btn": "V\u00e9rifier les mises \u00e0 jour",
+    "new_filter_btn": "Abonnement \u00e0 un nouveau filtre",
+    "enter_valid_filter_url": "Saisir un URL valide pour s'abonner au filtre ou \u00e0 un fichier host.",
+    "custom_filter_rules": "R\u00e8gles de filtrage d'utilisateur",
+    "custom_filter_rules_hint": "Saisissez la r\u00e8gle en une ligne. C'est possible d'utiliser les r\u00e8gles de blocage ou la syntaxe des fichiers hosts.",
+    "examples_title": "Exemples",
+    "example_meaning_filter_block": "bloquer l'acc\u00e9s au domaine exemple.org et \u00e0 tous ses sous-domaines",
+    "example_meaning_filter_whitelist": "d\u00e9bloquer l'acc\u00e9s au domaine exemple.org et \u00e0 tous ses sous-domaines",
+    "example_meaning_host_block": "AdGuard Home va retourner l'adresse 127.0.0.1 au domaine example.org (mais pas aux sous-domaines).",
+    "example_comment": "! Voici comment ajouter une d\u00e9scription",
+    "example_comment_meaning": "commentaire",
+    "example_comment_hash": "# Et comme \u00e7a aussi on peut laisser des commentaires",
+    "example_upstream_regular": "DNS classique (au-dessus de UDP)",
+    "example_upstream_dot": "<a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_TLS' target='_blank'>DNS-au-dessus-de-TLS<\/a> chiffr\u00e9",
+    "example_upstream_doh": "<a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_HTTPS' target='_blank'>DNS-au-dessus-de-HTTPS<\/a> chiffr\u00e9",
+    "example_upstream_tcp": "DNS classique (au-dessus de TCP)",
+    "all_filters_up_to_date_toast": "Tous les filtres sont mis \u00e0 jour",
+    "updated_upstream_dns_toast": "Les serveurs DNS upstream sont mis \u00e0 jour",
+    "dns_test_ok_toast": "Les serveurs DNS sp\u00e9cifi\u00e9s fonctionnent de mani\u00e8re incorrecte",
+    "dns_test_not_ok_toast": "Impossible d'utiliser le serveur \"{{key}}\": veuillez v\u00e9rifier si le nom saisi est bien correct",
+    "unblock_btn": "D\u00e9bloquer",
+    "block_btn": "Bloquer",
+    "time_table_header": "Temps",
+    "domain_name_table_header": "Nom de domaine",
+    "type_table_header": "Type",
+    "response_table_header": "R\u00e9ponse",
+    "client_table_header": "Client",
+    "empty_response_status": "Vide",
+    "show_all_filter_type": "Montrer tout",
+    "show_filtered_type": "Montrer les sites filtr\u00e9s",
+    "no_logs_found": "Aucun journal trouv\u00e9",
+    "disabled_log_btn": "D\u00e9sactiver le journal",
+    "download_log_file_btn": "T\u00e9l\u00e9charger le fichier de journal",
+    "refresh_btn": "Actualiser",
+    "enabled_log_btn": "Activer le journal",
+    "last_dns_queries": "5000 derni\u00e8res requ\u00eates DNS",
+    "previous_btn": "Pr\u00e9c\u00e9dent",
+    "next_btn": "Suivant",
+    "loading_table_status": "Chargement en cours ...",
+    "page_table_footer_text": "Page",
+    "of_table_footer_text": "de",
+    "rows_table_footer_text": "lignes",
+    "updated_custom_filtering_toast": "R\u00e8gles de filtrage d'utilisateur mises \u00e0 jour",
+    "rule_removed_from_custom_filtering_toast": "R\u00e8gle retir\u00e9e des r\u00e8gles d'utilisateur",
+    "rule_added_to_custom_filtering_toast": "R\u00e8gle ajout\u00e9e aux r\u00e8gles d'utilisateur",
+    "query_log_disabled_toast": "Journal de requ\u00eates d\u00e9sactiv\u00e9",
+    "query_log_enabled_toast": "Journal de requ\u00eates activ\u00e9",
+    "source_label": "Source",
+    "found_in_known_domain_db": "Trouv\u00e9 dans la base de donn\u00e9es des domaines connus",
+    "category_label": "Cat\u00e9gorie",
+    "rule_label": "R\u00e8gle",
+    "filter_label": "Filtre"
+}
--- a/client/src/__locales/ja.json
+++ b/client/src/__locales/ja.json
@@ -0,0 +1,157 @@
+{
+    "check_dhcp_servers": "DHCP\u30b5\u30fc\u30d0\u3092\u30c1\u30a7\u30c3\u30af\u3059\u308b",
+    "save_config": "\u8a2d\u5b9a\u3092\u4fdd\u5b58\u3059\u308b",
+    "enabled_dhcp": "DHCP\u30b5\u30fc\u30d0\u3092\u6709\u52b9\u306b\u3057\u307e\u3057\u305f",
+    "disabled_dhcp": "DHCP\u30b5\u30fc\u30d0\u3092\u7121\u52b9\u306b\u3057\u307e\u3057\u305f",
+    "dhcp_title": "DHCP\u30b5\u30fc\u30d0",
+    "dhcp_description": "\u3042\u306a\u305f\u306e\u30eb\u30fc\u30bf\u304cDHCP\u306e\u8a2d\u5b9a\u3092\u63d0\u4f9b\u3057\u3066\u3044\u306a\u3044\u306e\u306a\u3089\u3001AdGuard\u306b\u5185\u8535\u3055\u308c\u305fDHCP\u30b5\u30fc\u30d0\u3092\u5229\u7528\u3067\u304d\u307e\u3059\u3002",
+    "dhcp_enable": "DHCP\u30b5\u30fc\u30d0\u3092\u6709\u52b9\u306b\u3059\u308b",
+    "dhcp_disable": "DHCP\u30b5\u30fc\u30d0\u3092\u7121\u52b9\u306b\u3059\u308b",
+    "dhcp_not_found": "\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u5185\u306b\u52d5\u4f5c\u3057\u3066\u3044\u308bDHCP\u30b5\u30fc\u30d0\u306f\u3042\u308a\u307e\u305b\u3093\u3002\u5185\u8535\u3055\u308c\u305fDHCP\u30b5\u30fc\u30d0\u3092\u6709\u52b9\u306b\u3057\u3066\u3082\u5b89\u5168\u3067\u3059\u3002",
+    "dhcp_found": "\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u5185\u306b\u6d3b\u52d5\u4e2d\u306eDHCP\u30b5\u30fc\u30d0\u3092\u898b\u3064\u3051\u307e\u3057\u305f\u3002\u5185\u81d3\u3055\u308c\u305fDHCP\u30b5\u30fc\u30d0\u3092\u6709\u52b9\u306b\u3059\u308b\u306b\u306f\u5b89\u5168\u3067\u306f\u3042\u308a\u307e\u305b\u3093\u3002",
+    "dhcp_leases": "DHCP\u5272\u5f53",
+    "dhcp_leases_not_found": "DHCP\u5272\u5f53\u306f\u3042\u308a\u307e\u305b\u3093",
+    "dhcp_config_saved": "DHCP\u30b5\u30fc\u30d0\u306e\u8a2d\u5b9a\u3092\u4fdd\u5b58\u3057\u307e\u3057\u305f",
+    "form_error_required": "\u5fc5\u9808\u9805\u76ee\u3067\u3059",
+    "form_error_ip_format": "IPv4\u30d5\u30a9\u30fc\u30de\u30c3\u30c8\u3067\u306f\u3042\u308a\u307e\u305b\u3093",
+    "form_error_positive": "0\u3088\u308a\u5927\u304d\u3044\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059",
+    "dhcp_form_gateway_input": "\u30b2\u30fc\u30c8\u30a6\u30a7\u30a4IP",
+    "dhcp_form_subnet_input": "\u30b5\u30d6\u30cd\u30c3\u30c8\u30de\u30b9\u30af",
+    "dhcp_form_range_title": "IP\u30a2\u30c9\u30ec\u30b9\u306e\u7bc4\u56f2",
+    "dhcp_form_range_start": "\u7bc4\u56f2\u306e\u958b\u59cb",
+    "dhcp_form_range_end": "\u7bc4\u56f2\u306e\u7d42\u4e86",
+    "dhcp_form_lease_title": "DHCP\u5272\u5f53\u6642\u9593\uff08\u79d2\u5358\u4f4d\uff09",
+    "dhcp_form_lease_input": "\u5272\u5f53\u671f\u9593",
+    "dhcp_interface_select": "DHCP\u30a4\u30f3\u30bf\u30d5\u30a7\u30fc\u30b9\u306e\u9078\u629e",
+    "dhcp_hardware_address": "MAC\u30a2\u30c9\u30ec\u30b9",
+    "dhcp_ip_addresses": "IP\u30a2\u30c9\u30ec\u30b9",
+    "back": "\u623b\u308b",
+    "dashboard": "\u30c0\u30c3\u30b7\u30e5\u30dc\u30fc\u30c9",
+    "settings": "\u8a2d\u5b9a",
+    "filters": "\u30d5\u30a3\u30eb\u30bf",
+    "query_log": "\u30af\u30a8\u30ea\u30fb\u30ed\u30b0",
+    "faq": "\u3088\u304f\u3042\u308b\u8cea\u554f",
+    "version": "\u30d0\u30fc\u30b8\u30e7\u30f3",
+    "address": "\u30a2\u30c9\u30ec\u30b9",
+    "on": "\u30aa\u30f3",
+    "off": "\u30aa\u30d5",
+    "copyright": "\u8457\u4f5c\u6a29",
+    "homepage": "\u30db\u30fc\u30e0\u30da\u30fc\u30b8",
+    "report_an_issue": "\u554f\u984c\u3092\u5831\u544a\u3059\u308b",
+    "enable_protection": "\u4fdd\u8b77\u3092\u6709\u52b9\u306b\u3059\u308b",
+    "enabled_protection": "\u4fdd\u8b77\u3092\u6709\u52b9\u306b\u3057\u307e\u3057\u305f",
+    "disable_protection": "\u4fdd\u8b77\u3092\u7121\u52b9\u306b\u3059\u308b",
+    "disabled_protection": "\u4fdd\u8b77\u3092\u7121\u52b9\u306b\u3057\u307e\u3057\u305f",
+    "refresh_statics": "\u7d71\u8a08\u30c7\u30fc\u30bf\u3092\u6700\u65b0\u306b\u3059\u308b",
+    "dns_query": "DNS\u30af\u30a8\u30ea",
+    "blocked_by": "\u30d5\u30a3\u30eb\u30bf\u306b\u30d6\u30ed\u30c3\u30af\u3055\u308c\u305fDNS\u30af\u30a8\u30ea",
+    "stats_malware_phishing": "\u30d6\u30ed\u30c3\u30af\u3055\u308c\u305f\u30de\u30eb\u30a6\u30a7\u30a2\uff0f\u30d5\u30a3\u30c3\u30b7\u30f3\u30b0",
+    "stats_adult": "\u30d6\u30ed\u30c3\u30af\u3055\u308c\u305f\u30a2\u30c0\u30eb\u30c8\u30a6\u30a7\u30d6\u30b5\u30a4\u30c8",
+    "stats_query_domain": "\u6700\u3082\u554f\u5408\u305b\u3055\u308c\u305f\u30c9\u30e1\u30a4\u30f3",
+    "for_last_24_hours": "\u904e\u53bb24\u6642\u9593\u4ee5\u5185",
+    "no_domains_found": "\u30c9\u30e1\u30a4\u30f3\u60c5\u5831\u306f\u3042\u308a\u307e\u305b\u3093",
+    "requests_count": "\u30ea\u30af\u30a8\u30b9\u30c8\u6570",
+    "top_blocked_domains": "\u6700\u3082\u30d6\u30ed\u30c3\u30af\u3055\u308c\u305f\u30c9\u30e1\u30a4\u30f3",
+    "top_clients": "\u30c8\u30c3\u30d7\u30af\u30e9\u30a4\u30a2\u30f3\u30c8",
+    "no_clients_found": "\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u60c5\u5831\u306f\u3042\u308a\u307e\u305b\u3093",
+    "general_statistics": "\u5168\u822c\u7684\u306a\u7d71\u8a08",
+    "number_of_dns_query_24_hours": "\u904e\u53bb24\u6642\u9593\u306b\u51e6\u7406\u3055\u308c\u305fDNS\u30af\u30a8\u30ea\u306e\u6570",
+    "number_of_dns_query_blocked_24_hours": "\u5e83\u544a\u30d6\u30ed\u30c3\u30af\u30d5\u30a3\u30eb\u30bf\u3068hosts\u30d6\u30ed\u30c3\u30af\u30ea\u30b9\u30c8\u306b\u3088\u3063\u3066\u30d6\u30ed\u30c3\u30af\u3055\u308c\u305fDNS\u30ea\u30af\u30a8\u30b9\u30c8\u306e\u6570",
+    "number_of_dns_query_blocked_24_hours_by_sec": "AdGuard\u30d6\u30e9\u30a6\u30b8\u30f3\u30b0\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30e2\u30b8\u30e5\u30fc\u30eb\u306b\u3088\u3063\u3066\u30d6\u30ed\u30c3\u30af\u3055\u308c\u305fDNS\u30ea\u30af\u30a8\u30b9\u30c8\u306e\u6570",
+    "number_of_dns_query_blocked_24_hours_adult": "\u30d6\u30ed\u30c3\u30af\u3055\u308c\u305f\u30a2\u30c0\u30eb\u30c8\u30a6\u30a7\u30d6\u30b5\u30a4\u30c8\u306e\u6570",
+    "enforced_save_search": "\u5f37\u5236\u3055\u308c\u305f\u30bb\u30fc\u30d5\u30b5\u30fc\u30c1",
+    "number_of_dns_query_to_safe_search": "\u30bb\u30fc\u30d5\u30b5\u30fc\u30c1\u304c\u5f37\u5236\u3055\u308c\u305f\u691c\u7d22\u30a8\u30f3\u30b8\u30f3\u306b\u5bfe\u3059\u308bDNS\u30ea\u30af\u30a8\u30b9\u30c8\u306e\u6570",
+    "average_processing_time": "\u5e73\u5747\u51e6\u7406\u6642\u9593",
+    "average_processing_time_hint": "DNS\u30ea\u30af\u30a8\u30b9\u30c8\u306e\u51e6\u7406\u306b\u304b\u304b\u308b\u5e73\u5747\u6642\u9593\uff08\u30df\u30ea\u79d2\u5358\u4f4d\uff09",
+    "block_domain_use_filters_and_hosts": "\u30d5\u30a3\u30eb\u30bf\u3068hosts\u30d5\u30a1\u30a4\u30eb\u3092\u4f7f\u7528\u3057\u3066\u30c9\u30e1\u30a4\u30f3\u3092\u30d6\u30ed\u30c3\u30af\u3059\u308b",
+    "filters_block_toggle_hint": "<a href='#filters'>\u30d5\u30a3\u30eb\u30bf<\/a>\u306e\u8a2d\u5b9a\u3067\u30d6\u30ed\u30c3\u30af\u3059\u308b\u30eb\u30fc\u30eb\u3092\u8a2d\u5b9a\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002",
+    "use_adguard_browsing_sec": "AdGuard\u30d6\u30e9\u30a6\u30b8\u30f3\u30b0\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a6\u30a7\u30d6\u30b5\u30fc\u30d3\u30b9\u3092\u4f7f\u7528\u3059\u308b",
+    "use_adguard_browsing_sec_hint": "AdGuard Home\u306f\u3001\u30d6\u30e9\u30a6\u30b8\u30f3\u30b0\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a6\u30a7\u30d6\u30b5\u30fc\u30d3\u30b9\u306b\u3088\u3063\u3066\u30c9\u30e1\u30a4\u30f3\u304c\u30d6\u30e9\u30c3\u30af\u30ea\u30b9\u30c8\u306b\u767b\u9332\u3055\u308c\u3066\u3044\u308b\u304b\u3069\u3046\u304b\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002 \u3053\u308c\u306f\u30d7\u30e9\u30a4\u30d0\u30b7\u30fc\u3092\u8003\u616e\u3057\u305fAPI\u3092\u4f7f\u7528\u3057\u3066\u30c1\u30a7\u30c3\u30af\u3092\u5b9f\u884c\u3057\u307e\u3059\u3002\u30c9\u30e1\u30a4\u30f3\u540dSHA256\u30cf\u30c3\u30b7\u30e5\u306e\u77ed\u3044\u30d7\u30ec\u30d5\u30a3\u30c3\u30af\u30b9\u306e\u307f\u304c\u30b5\u30fc\u30d0\u306b\u9001\u4fe1\u3055\u308c\u307e\u3059\u3002",
+    "use_adguard_parental": "AdGuard\u30da\u30a2\u30ec\u30f3\u30bf\u30eb\u30b3\u30f3\u30c8\u30ed\u30fc\u30eb\u30fb\u30a6\u30a7\u30d6\u30b5\u30fc\u30d3\u30b9\u3092\u4f7f\u7528\u3059\u308b",
+    "use_adguard_parental_hint": "AdGuard Home\u306f\u3001\u30c9\u30e1\u30a4\u30f3\u306b\u30a2\u30c0\u30eb\u30c8\u30b3\u30f3\u30c6\u30f3\u30c4\u304c\u542b\u307e\u308c\u3066\u3044\u308b\u304b\u3069\u3046\u304b\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002 \u30d6\u30e9\u30a6\u30b8\u30f3\u30b0\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a6\u30a7\u30d6\u30b5\u30fc\u30d3\u30b9\u3068\u540c\u3058\u30d7\u30e9\u30a4\u30d0\u30b7\u30fc\u306b\u512a\u3057\u3044API\u3092\u4f7f\u7528\u3057\u307e\u3059\u3002",
+    "enforce_safe_search": "\u30bb\u30fc\u30d5\u30b5\u30fc\u30c1\u3092\u5f37\u5236\u3059\u308b",
+    "enforce_save_search_hint": "AdGuard Home\u306f\u3001Google\u3001Youtube\u3001Bing\u3001Yandex\u306e\u691c\u7d22\u30a8\u30f3\u30b8\u30f3\u3067\u30bb\u30fc\u30d5\u30b5\u30fc\u30c1\u3092\u5f37\u5236\u3067\u304d\u307e\u3059\u3002",
+    "no_servers_specified": "\u30b5\u30fc\u30d0\u304c\u6307\u5b9a\u3055\u308c\u3066\u3044\u307e\u305b\u3093",
+    "no_settings": "\u8a2d\u5b9a\u306a\u3057",
+    "general_settings": "\u4e00\u822c\u8a2d\u5b9a",
+    "upstream_dns": "\u4e0a\u6d41DNS\u30b5\u30fc\u30d0",
+    "upstream_dns_hint": "\u3053\u306e\u30d5\u30a3\u30fc\u30eb\u30c9\u3092\u672a\u5165\u529b\u306e\u307e\u307e\u306b\u3059\u308b\u3068\u3001AdGuard Home\u306f\u4e0a\u6d41\u3068\u3057\u3066<a href='https:\/\/1.1.1.1\/' target='_blank'>Cloudflare DNS<\/a>\u3092\u4f7f\u7528\u3057\u307e\u3059\u3002DNS over TLS\u30b5\u30fc\u30d0\u306b\u306f\u3001\uff62tls:\/\/\u300d\u30d7\u30ec\u30d5\u30a3\u30c3\u30af\u30b9\u3092\u4f7f\u7528\u3057\u3066\u304f\u3060\u3055\u3044\u3002",
+    "test_upstream_btn": "\u4e0a\u6d41\u30b5\u30fc\u30d0\u3092\u30c6\u30b9\u30c8\u3059\u308b",
+    "apply_btn": "\u9069\u7528\u3059\u308b",
+    "disabled_filtering_toast": "\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u3092\u7121\u52b9\u306b\u3057\u307e\u3057\u305f",
+    "enabled_filtering_toast": "\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u3092\u6709\u52b9\u306b\u3057\u307e\u3057\u305f",
+    "disabled_safe_browsing_toast": "\u30bb\u30fc\u30d5\u30d6\u30e9\u30a6\u30b8\u30f3\u30b0\u3092\u7121\u52b9\u306b\u3057\u307e\u3057\u305f",
+    "enabled_safe_browsing_toast": "\u30bb\u30fc\u30d5\u30d6\u30e9\u30a6\u30b8\u30f3\u30b0\u3092\u6709\u52b9\u306b\u3057\u307e\u3057\u305f",
+    "disabled_parental_toast": "\u30da\u30a2\u30ec\u30f3\u30bf\u30eb\u30b3\u30f3\u30c8\u30ed\u30fc\u30eb\u3092\u7121\u52b9\u306b\u3057\u307e\u3057\u305f",
+    "enabled_parental_toast": "\u30da\u30a2\u30ec\u30f3\u30bf\u30eb\u30b3\u30f3\u30c8\u30ed\u30fc\u30eb\u3092\u6709\u52b9\u306b\u3057\u307e\u3057\u305f",
+    "disabled_safe_search_toast": "\u30bb\u30fc\u30d5\u30b5\u30fc\u30c1\u3092\u7121\u52b9\u306b\u3057\u307e\u3057\u305f",
+    "enabled_save_search_toast": "\u30bb\u30fc\u30d5\u30b5\u30fc\u30c1\u3092\u6709\u52b9\u306b\u3057\u307e\u3057\u305f",
+    "enabled_table_header": "\u6709\u52b9",
+    "name_table_header": "\u540d\u79f0",
+    "filter_url_table_header": "\u30d5\u30a3\u30eb\u30bf\u306eURL",
+    "rules_count_table_header": "\u30eb\u30fc\u30eb\u6570",
+    "last_time_updated_table_header": "\u6700\u7d42\u66f4\u65b0\u6642\u523b",
+    "actions_table_header": "\u64cd\u4f5c",
+    "delete_table_action": "\u524a\u9664\u3059\u308b",
+    "filters_and_hosts": "\u30d5\u30a3\u30eb\u30bf\u3068hosts\u30d6\u30ed\u30c3\u30af\u30ea\u30b9\u30c8",
+    "filters_and_hosts_hint": "AdGuard Home\u306f\u3001\u57fa\u672c\u7684\u306a\u5e83\u544a\u30d6\u30ed\u30c3\u30af\u30eb\u30fc\u30eb\u3068hosts\u30d5\u30a1\u30a4\u30eb\u306e\u69cb\u6587\u3092\u7406\u89e3\u3057\u307e\u3059\u3002",
+    "no_filters_added": "\u30d5\u30a3\u30eb\u30bf\u306f\u8ffd\u52a0\u3055\u308c\u307e\u305b\u3093\u3067\u3057\u305f",
+    "add_filter_btn": "\u30d5\u30a3\u30eb\u30bf\u3092\u8ffd\u52a0\u3059\u308b",
+    "cancel_btn": "\u30ad\u30e3\u30f3\u30bb\u30eb",
+    "enter_name_hint": "\u540d\u79f0\u3092\u5165\u529b",
+    "enter_url_hint": "URL\u3092\u5165\u529b",
+    "check_updates_btn": "\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\u78ba\u8a8d\u3059\u308b",
+    "new_filter_btn": "\u65b0\u3057\u3044\u30d5\u30a3\u30eb\u30bf\u30fb\u30b5\u30d6\u30b9\u30af\u30ea\u30d7\u30b7\u30e7\u30f3",
+    "enter_valid_filter_url": "\u30d5\u30a3\u30eb\u30bf\u30fb\u30b5\u30d6\u30b9\u30af\u30ea\u30d7\u30b7\u30e7\u30f3\u3082\u3057\u304f\u306fhosts\u30d5\u30a1\u30a4\u30eb\u306e\u6709\u52b9\u306aURL\u3092\u5165\u529b\u3057\u3066\u304f\u3060\u3055\u3044\u3002",
+    "custom_filter_rules": "\u30ab\u30b9\u30bf\u30e0\u30fb\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u30eb\u30fc\u30eb",
+    "custom_filter_rules_hint": "1\u3064\u306e\u884c\u306b1\u3064\u306e\u30eb\u30fc\u30eb\u3092\u5165\u529b\u3057\u3066\u304f\u3060\u3055\u3044\u3002 \u5e83\u544a\u30d6\u30ed\u30c3\u30af\u30eb\u30fc\u30eb\u3084hosts\u30d5\u30a1\u30a4\u30eb\u69cb\u6587\u3092\u4f7f\u7528\u3067\u304d\u307e\u3059\u3002",
+    "examples_title": "\u4f8b",
+    "example_meaning_filter_block": "example.org\u30c9\u30e1\u30a4\u30f3\u3068\u305d\u306e\u3059\u3079\u3066\u306e\u30b5\u30d6\u30c9\u30e1\u30a4\u30f3\u3078\u306e\u30a2\u30af\u30bb\u30b9\u3092\u30d6\u30ed\u30c3\u30af\u3059\u308b",
+    "example_meaning_filter_whitelist": "example.org\u30c9\u30e1\u30a4\u30f3\u3068\u305d\u306e\u3059\u3079\u3066\u306e\u30b5\u30d6\u30c9\u30e1\u30a4\u30f3\u3078\u306e\u30a2\u30af\u30bb\u30b9\u306e\u30d6\u30ed\u30c3\u30af\u3092\u89e3\u9664\u3059\u308b",
+    "example_meaning_host_block": "AdGuard Home\u306f\u3001example.org\u30c9\u30e1\u30a4\u30f3\uff08\u30b5\u30d6\u30c9\u30e1\u30a4\u30f3\u3092\u9664\u304f\uff09\u306b\u5bfe\u3057\u3066127.0.0.1\u306e\u30a2\u30c9\u30ec\u30b9\u3092\u8fd4\u3059\u3088\u3046\u306b\u306a\u308a\u307e\u3059\u3002",
+    "example_comment": "! \u3053\u3053\u306b\u306f\u30b3\u30e1\u30f3\u30c8\u304c\u5165\u308a\u307e\u3059",
+    "example_comment_meaning": "\u305f\u3060\u306e\u30b3\u30e1\u30f3\u30c8\u3067\u3059",
+    "example_comment_hash": "# \u3053\u3053\u3082\u30b3\u30e1\u30f3\u30c8\u3067\u3059",
+    "example_upstream_regular": "\u901a\u5e38\u306eDNS\uff08UDP\u3067\u306e\u554f\u3044\u5408\u308f\u305b\uff09",
+    "example_upstream_dot": "\u6697\u53f7\u5316\u3055\u308c\u3066\u3044\u308b <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_TLS' target='_blank'>DNS-over-TLS<\/a>",
+    "example_upstream_doh": "\u6697\u53f7\u5316\u3055\u308c\u3066\u3044\u308b <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_HTTPS' target='_blank'>DNS-over-HTTPS<\/a>",
+    "example_upstream_sdns": "<a href='https:\/\/dnscrypt.info\/' target='_blank'>DNSCrypt<\/a> \u307e\u305f\u306f <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_HTTPS' target='_blank'>DNS-over-HTTPS<\/a> \u30ea\u30be\u30eb\u30d0\u306e\u305f\u3081\u306b <a href='https:\/\/dnscrypt.info\/stamps\/' target='_blank'>DNS Stamps<\/a> \u3092\u4f7f\u3048\u307e\u3059",
+    "example_upstream_tcp": "\u901a\u5e38\u306eDNS\uff08TCP\u3067\u306e\u554f\u3044\u5408\u308f\u305b\uff09",
+    "all_filters_up_to_date_toast": "\u3059\u3079\u3066\u306e\u30d5\u30a3\u30eb\u30bf\u306f\u65e2\u306b\u6700\u65b0\u3067\u3059",
+    "updated_upstream_dns_toast": "\u4e0a\u6d41DNS\u30b5\u30fc\u30d0\u3092\u66f4\u65b0\u3057\u307e\u3057\u305f",
+    "dns_test_ok_toast": "\u6307\u5b9a\u3055\u308c\u305fDNS\u30b5\u30fc\u30d0\u306f\u6b63\u3057\u304f\u52d5\u4f5c\u3057\u3066\u3044\u307e\u3059",
+    "dns_test_not_ok_toast": "\u30b5\u30fc\u30d0 \"{{key}}\": \u4f7f\u7528\u3067\u304d\u307e\u305b\u3093\u3067\u3057\u305f\u3002\u6b63\u3057\u304f\u5165\u529b\u3055\u308c\u3066\u3044\u308b\u304b\u3069\u3046\u304b\u3092\u78ba\u8a8d\u3057\u3066\u304f\u3060\u3055\u3044",
+    "unblock_btn": "\u30d6\u30ed\u30c3\u30af\u89e3\u9664",
+    "block_btn": "\u30d6\u30ed\u30c3\u30af\u3059\u308b",
+    "time_table_header": "\u6642\u523b",
+    "domain_name_table_header": "\u30c9\u30e1\u30a4\u30f3\u540d",
+    "type_table_header": "\u7a2e\u985e",
+    "response_table_header": "\u5fdc\u7b54",
+    "client_table_header": "\u30af\u30e9\u30a4\u30a2\u30f3\u30c8",
+    "empty_response_status": "\u672a\u5b9a\u7fa9",
+    "show_all_filter_type": "\u3059\u3079\u3066\u8868\u793a",
+    "show_filtered_type": "\u30d5\u30a3\u30eb\u30bf\u3055\u308c\u305f\u30ed\u30b0\u3092\u8868\u793a",
+    "no_logs_found": "\u30ed\u30b0\u306f\u3042\u308a\u307e\u305b\u3093",
+    "disabled_log_btn": "\u30ed\u30b0\u3092\u7121\u52b9\u306b\u3059\u308b",
+    "download_log_file_btn": "\u30ed\u30b0\u30d5\u30a1\u30a4\u30eb\u3092\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3059\u308b",
+    "refresh_btn": "\u6700\u65b0\u306b\u3059\u308b",
+    "enabled_log_btn": "\u30ed\u30b0\u3092\u6709\u52b9\u306b\u3059\u308b",
+    "last_dns_queries": "\u6700\u65b05000\u4ef6\u5206\u306eDNS\u30af\u30a8\u30ea",
+    "previous_btn": "\u524d\u3078",
+    "next_btn": "\u6b21\u3078",
+    "loading_table_status": "\u8aad\u307f\u8fbc\u307f\u4e2d\u2026",
+    "page_table_footer_text": "\u30da\u30fc\u30b8",
+    "of_table_footer_text": "\uff0f",
+    "rows_table_footer_text": "\u884c",
+    "updated_custom_filtering_toast": "\u30ab\u30b9\u30bf\u30e0\u30fb\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u30eb\u30fc\u30eb\u3092\u66f4\u65b0\u3057\u307e\u3057\u305f",
+    "rule_removed_from_custom_filtering_toast": "\u30eb\u30fc\u30eb\u3092\u30ab\u30b9\u30bf\u30e0\u30fb\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u30eb\u30fc\u30eb\u304b\u3089\u9664\u53bb\u3057\u307e\u3057\u305f",
+    "rule_added_to_custom_filtering_toast": "\u30eb\u30fc\u30eb\u3092\u30ab\u30b9\u30bf\u30e0\u30fb\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u30eb\u30fc\u30eb\u306b\u8ffd\u52a0\u3057\u307e\u3057\u305f",
+    "query_log_disabled_toast": "\u30af\u30a8\u30ea\u30fb\u30ed\u30b0\u3092\u7121\u52b9\u306b\u3057\u307e\u3057\u305f",
+    "query_log_enabled_toast": "\u30af\u30a8\u30ea\u30fb\u30ed\u30b0\u3092\u6709\u52b9\u306b\u3057\u307e\u3057\u305f",
+    "source_label": "\u30bd\u30fc\u30b9",
+    "found_in_known_domain_db": "\u65e2\u77e5\u306e\u30c9\u30e1\u30a4\u30f3\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u306b\u898b\u3064\u304b\u308a\u307e\u3057\u305f\u3002",
+    "category_label": "\u30ab\u30c6\u30b4\u30ea",
+    "rule_label": "\u30eb\u30fc\u30eb",
+    "filter_label": "\u30d5\u30a3\u30eb\u30bf",
+    "unknown_filter": "\u4e0d\u660e\u306a\u30d5\u30a3\u30eb\u30bf {{filterId}}"
+}
--- a/client/src/__locales/pt-br.json
+++ b/client/src/__locales/pt-br.json
@@ -0,0 +1,157 @@
+{
+    "check_dhcp_servers": "Verifique se h\u00e1 servidores DHCP",
+    "save_config": "Salvar configura\u00e7\u00e3o",
+    "enabled_dhcp": "Servidor DHCP ativado",
+    "disabled_dhcp": "Servidor DHCP desativado",
+    "dhcp_title": "Servidor DHCP",
+    "dhcp_description": "Se o seu roteador n\u00e3o fornecer configura\u00e7\u00f5es de DHCP, voc\u00ea poder\u00e1 usar o servidor DHCP integrado do AdGuard.",
+    "dhcp_enable": "Ativar servidor DHCP",
+    "dhcp_disable": "Desativar servidor DHCP",
+    "dhcp_not_found": "Nenhum servidor DHCP ativo foi encontrado na sua rede. \u00c9 seguro ativar o servidor DHCP integrado.",
+    "dhcp_found": "Nenhum servidor DHCP ativo foi encontrado na sua rede. N\u00e3o \u00e9 seguro ativar o servidor DHCP integrado.",
+    "dhcp_leases": "Concess\u00f5es DHCP",
+    "dhcp_leases_not_found": "Nenhuma concess\u00e3o DHCP encontrada",
+    "dhcp_config_saved": "Salvar configura\u00e7\u00f5es do servidor DHCP",
+    "form_error_required": "Campo obrigat\u00f3rio",
+    "form_error_ip_format": "formato de endere\u00e7o IPv4 inv\u00e1lido",
+    "form_error_positive": "Deve ser maior que 0",
+    "dhcp_form_gateway_input": "IP do gateway",
+    "dhcp_form_subnet_input": "M\u00e1scara de sub-rede",
+    "dhcp_form_range_title": "Faixa de endere\u00e7os IP",
+    "dhcp_form_range_start": "In\u00edcio da faixa",
+    "dhcp_form_range_end": "Final da faixa",
+    "dhcp_form_lease_title": "Tempo de concess\u00e3o do DHCP (em segundos)",
+    "dhcp_form_lease_input": "Dura\u00e7\u00e3o da concess\u00e3o",
+    "dhcp_interface_select": "Selecione a interface DHCP",
+    "dhcp_hardware_address": "Endere\u00e7o de hardware",
+    "dhcp_ip_addresses": "Endere\u00e7o de IP",
+    "back": "Voltar",
+    "dashboard": "Painel",
+    "settings": "Configura\u00e7\u00f5es",
+    "filters": "Filtros",
+    "query_log": "Registro de consultas",
+    "faq": "FAQ",
+    "version": "vers\u00e3o",
+    "address": "endere\u00e7o",
+    "on": "ON",
+    "off": "OFF",
+    "copyright": "Copyright",
+    "homepage": "P\u00e1gina inicial",
+    "report_an_issue": "Reportar um problema",
+    "enable_protection": "Ativar prote\u00e7\u00e3o",
+    "enabled_protection": "Prote\u00e7\u00e3o ativada",
+    "disable_protection": "Desativar prote\u00e7\u00e3o",
+    "disabled_protection": "Prote\u00e7\u00e3o desativada",
+    "refresh_statics": "Atualizar estat\u00edsticas",
+    "dns_query": "Consultas de DNS",
+    "blocked_by": "Bloqueador por filtros",
+    "stats_malware_phishing": "Bloqueado malware\/phishing",
+    "stats_adult": "Bloqueado sites adultos",
+    "stats_query_domain": "Principais dom\u00ednios consultados",
+    "for_last_24_hours": "nas \u00faltimas 24 horas",
+    "no_domains_found": "Nenhum dom\u00ednio encontrado",
+    "requests_count": "Contagem de solicita\u00e7\u00f5es",
+    "top_blocked_domains": "Principais dom\u00ednios bloqueados",
+    "top_clients": "Principais clientes",
+    "no_clients_found": "Nenhuma cliente encontrado",
+    "general_statistics": "Estat\u00edsticas gerais",
+    "number_of_dns_query_24_hours": "O n\u00famero de consultas DNS processadas nas \u00faltimas 24 horas",
+    "number_of_dns_query_blocked_24_hours": "V\u00e1rias solicita\u00e7\u00f5es DNS bloqueadas por filtros de bloqueio de an\u00fancios e listas de bloqueio de hosts",
+    "number_of_dns_query_blocked_24_hours_by_sec": "V\u00e1rias solicita\u00e7\u00f5es de DNS bloqueadas pelo m\u00f3dulo de seguran\u00e7a da navega\u00e7\u00e3o do AdGuard",
+    "number_of_dns_query_blocked_24_hours_adult": "V\u00e1rios sites adultos bloqueados",
+    "enforced_save_search": "For\u00e7ar pesquisa segura",
+    "number_of_dns_query_to_safe_search": "V\u00e1rias solicita\u00e7\u00f5es de DNS para motores de busca para os quais a pesquisa segura foi aplicada",
+    "average_processing_time": "Tempo m\u00e9dio de processamento",
+    "average_processing_time_hint": "Tempo m\u00e9dio em milissegundos no processamento de uma solicita\u00e7\u00e3o DNS",
+    "block_domain_use_filters_and_hosts": "Bloquear dom\u00ednios usando arquivos de filtros e hosts",
+    "filters_block_toggle_hint": "Voc\u00ea pode configurar as regras de bloqueio nas configura\u00e7\u00f5es de <a href='#filters'>Filtros<\/a>.",
+    "use_adguard_browsing_sec": "Usar o servi\u00e7o de seguran\u00e7a da navega\u00e7\u00e3o do AdGuard",
+    "use_adguard_browsing_sec_hint": "O AdGuard Home ir\u00e1 verificar se o dom\u00ednio est\u00e1 na lista negra do servi\u00e7o de seguran\u00e7a da navega\u00e7\u00e3o. Ele usar\u00e1 a API de pesquisa de privacidade para executar a verifica\u00e7\u00e3o: apenas um prefixo curto do hash do nome de dom\u00ednio SHA256 \u00e9 enviado para o servidor.",
+    "use_adguard_parental": "Usar o servi\u00e7o de controle parental do AdGuard",
+    "use_adguard_parental_hint": "O AdGuard Home ir\u00e1 verificar se o dom\u00ednio cont\u00e9m conte\u00fado adulto. Ele usa a mesma API amig\u00e1vel de privacidade que o servi\u00e7o de seguran\u00e7a da navega\u00e7\u00e3o.",
+    "enforce_safe_search": "For\u00e7ar pesquisa segura",
+    "enforce_save_search_hint": "O AdGuard Home pode for\u00e7ar a pesquisa segura nos seguintes motores de busca: Google, Youtube, Bing e Yandex.",
+    "no_servers_specified": "Nenhum servidor especificado",
+    "no_settings": "N\u00e3o configurado",
+    "general_settings": "Configura\u00e7\u00f5es gerais",
+    "upstream_dns": "Servidores DNS upstream",
+    "upstream_dns_hint": "Se voc\u00ea deixar este campo vazio, o AdGuard Home ir\u00e1 usar o<a href='https:\/\/1.1.1.1\/' target='_blank'>DNS da Cloudflare<\/a> como upstream. Use o prefixo tls:\/\/ para servidores DNS com TLS.",
+    "test_upstream_btn": "Testar upstreams",
+    "apply_btn": "Aplicar",
+    "disabled_filtering_toast": "Filtragem desativada",
+    "enabled_filtering_toast": "Filtragem ativada",
+    "disabled_safe_browsing_toast": "Navega\u00e7\u00e3o segura desativada",
+    "enabled_safe_browsing_toast": "Navega\u00e7\u00e3o segura ativada",
+    "disabled_parental_toast": "Controle parental desativado",
+    "enabled_parental_toast": "Controle parental ativado",
+    "disabled_safe_search_toast": "Pesquisa segura desativada",
+    "enabled_save_search_toast": "Pesquisa segura ativada",
+    "enabled_table_header": "Ativado",
+    "name_table_header": "Nome",
+    "filter_url_table_header": "URL do filtro",
+    "rules_count_table_header": "Quantidade de regras",
+    "last_time_updated_table_header": "\u00daltima atualiza\u00e7\u00e3o",
+    "actions_table_header": "A\u00e7\u00f5es",
+    "delete_table_action": "Excluir",
+    "filters_and_hosts": "Filtros e listas de bloqueio de hosts",
+    "filters_and_hosts_hint": "O AdGuard Home entende regras b\u00e1sicas de bloqueio de an\u00fancios e a sintaxe de arquivos de hosts.",
+    "no_filters_added": "Nenhum filtro adicionado",
+    "add_filter_btn": "Adicionar filtro",
+    "cancel_btn": "Cancelar",
+    "enter_name_hint": "Digite o nome",
+    "enter_url_hint": "Digite a URL",
+    "check_updates_btn": "Verificar atualiza\u00e7\u00f5es",
+    "new_filter_btn": "Nova inscri\u00e7\u00e3o de filtro",
+    "enter_valid_filter_url": "Digite a URL v\u00e1lida para efetuar a inscri\u00e7\u00e3o de filtro ou um arquivo de hosts.",
+    "custom_filter_rules": "Regras de filtragem personalizadas",
+    "custom_filter_rules_hint": "Digite uma regra por linha. Voc\u00ea pode usar regras de bloqueio de an\u00fancios ou a sintaxe de arquivos de hosts.",
+    "examples_title": "Exemplos",
+    "example_meaning_filter_block": "bloqueia o acesso ao dom\u00ednio exemplo.org e a todos os seus subdom\u00ednios",
+    "example_meaning_filter_whitelist": "desbloqueia o acesso ao dom\u00ednio exemplo.org e a todos os seus subdom\u00ednios",
+    "example_meaning_host_block": "O AdGuard Home ir\u00e1 retornar o endere\u00e7o 127.0.0.1 para o dom\u00ednio exemplo.org (exceto seus subdom\u00ednios).",
+    "example_comment": "! Aqui vai um coment\u00e1rio",
+    "example_comment_meaning": "apenas um coment\u00e1rio",
+    "example_comment_hash": "# Tamb\u00e9m um coment\u00e1rio",
+    "example_upstream_regular": "DNS regular (atrav\u00e9s do UDP)",
+    "example_upstream_dot": "DNS criptografado <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_TLS' target='_blank'>atrav\u00e9s do TLS<\/a>",
+    "example_upstream_doh": "DNS criptografado <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_HTTPS' target='_blank'>atrav\u00e9s do HTTPS<\/a>",
+    "example_upstream_sdns": "Voc\u00ea pode usar <a href='https:\/\/dnscrypt.info\/stamps\/' target='_blank'>DNS Stamps<\/a>para o<a href='https:\/\/dnscrypt.info\/' target='_blank'>DNSCrypt<\/a>ou usar resolvedores<a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_HTTPS' target='_blank'>DNS-sobre-HTTPS<\/a>",
+    "example_upstream_tcp": "DNS regular (atrav\u00e9s do TCP)",
+    "all_filters_up_to_date_toast": "Todos os filtros j\u00e1 est\u00e3o atualizados",
+    "updated_upstream_dns_toast": "Atualizado os servidores DNS upstream",
+    "dns_test_ok_toast": "Os servidores DNS especificados est\u00e3o funcionando corretamente",
+    "dns_test_not_ok_toast": "O servidor \"{{key}}\": n\u00e3o p\u00f4de ser utilizado. Por favor, verifique se voc\u00ea escreveu corretamente",
+    "unblock_btn": "Desbloquear",
+    "block_btn": "Bloquear",
+    "time_table_header": "Data",
+    "domain_name_table_header": "Nome de dom\u00ednio",
+    "type_table_header": "Tipo",
+    "response_table_header": "Resposta",
+    "client_table_header": "Cliente",
+    "empty_response_status": "Vazio",
+    "show_all_filter_type": "Mostrar todos",
+    "show_filtered_type": "Mostrar filtrados",
+    "no_logs_found": "Nenhum registro encontrado",
+    "disabled_log_btn": "Desativar registros",
+    "download_log_file_btn": "Baixar arquivo de registros",
+    "refresh_btn": "Atualizar",
+    "enabled_log_btn": "Ativar registros",
+    "last_dns_queries": "\u00daltimas 5000 consultas DNS",
+    "previous_btn": "Anterior",
+    "next_btn": "Pr\u00f3ximo",
+    "loading_table_status": "Carregando",
+    "page_table_footer_text": "P\u00e1gina",
+    "of_table_footer_text": "de",
+    "rows_table_footer_text": "linhas",
+    "updated_custom_filtering_toast": "Regras de filtragem personalizadas atualizadas",
+    "rule_removed_from_custom_filtering_toast": "Regra removida das regras de filtragem personalizadas",
+    "rule_added_to_custom_filtering_toast": "Regra adicionada \u00e0s regras de filtragem personalizadas",
+    "query_log_disabled_toast": "Registros de consultas desativado",
+    "query_log_enabled_toast": "Registros de consultas ativado",
+    "source_label": "Fonte",
+    "found_in_known_domain_db": "Encontrado no banco de dados de dom\u00ednios conhecidos.",
+    "category_label": "Categoria",
+    "rule_label": "Regra",
+    "filter_label": "Filtro",
+    "unknown_filter": "Filtro desconhecido {{filterId}}"
+}
--- a/client/src/__locales/ru.json
+++ b/client/src/__locales/ru.json
@@ -0,0 +1,129 @@
+{
+    "back": "\u041d\u0430\u0437\u0430\u0434",
+    "dashboard": "\u041f\u0430\u043d\u0435\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f",
+    "settings": "\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438",
+    "filters": "\u0424\u0438\u043b\u044c\u0442\u0440\u044b",
+    "query_log": "\u0416\u0443\u0440\u043d\u0430\u043b",
+    "faq": "FAQ",
+    "version": "\u0432\u0435\u0440\u0441\u0438\u044f",
+    "address": "\u0430\u0434\u0440\u0435\u0441",
+    "on": "\u0412\u043a\u043b",
+    "off": "\u0412\u044b\u043a\u043b",
+    "copyright": "\u0412\u0441\u0435 \u043f\u0440\u0430\u0432\u0430 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u044b",
+    "homepage": "\u0413\u043b\u0430\u0432\u043d\u0430\u044f",
+    "report_an_issue": "\u0421\u043e\u043e\u0431\u0449\u0438\u0442\u044c \u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435",
+    "enable_protection": "\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0437\u0430\u0449\u0438\u0442\u0443",
+    "enabled_protection": "\u0417\u0430\u0449\u0438\u0442\u0430 \u0432\u043a\u043b.",
+    "disable_protection": "\u041e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0437\u0430\u0449\u0438\u0442\u0443",
+    "disabled_protection": "\u0417\u0430\u0449\u0438\u0442\u0430 \u0432\u044b\u043a\u043b.",
+    "refresh_statics": "\u041e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0443",
+    "dns_query": "DNS-\u0437\u0430\u043f\u0440\u043e\u0441\u044b",
+    "blocked_by": "\u0417\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u0424\u0438\u043b\u044c\u0442\u0440\u044b",
+    "stats_malware_phishing": "\u0417\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0438 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0435 \u0441\u0430\u0439\u0442\u044b",
+    "stats_adult": "\u0417\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \"\u0432\u0437\u0440\u043e\u0441\u043b\u044b\u0435\" \u0441\u0430\u0439\u0442\u044b",
+    "stats_query_domain": "\u0427\u0430\u0441\u0442\u043e \u0437\u0430\u043f\u0440\u0430\u0448\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u0434\u043e\u043c\u0435\u043d\u044b",
+    "for_last_24_hours": "\u0437\u0430 24 \u0447\u0430\u0441\u0430",
+    "no_domains_found": "\u0414\u043e\u043c\u0435\u043d\u044b \u043d\u0435 \u043d\u0430\u0439\u0434\u0435\u043d\u044b",
+    "requests_count": "\u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432",
+    "top_blocked_domains": "\u0427\u0430\u0441\u0442\u043e \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0434\u043e\u043c\u0435\u043d\u044b",
+    "top_clients": "\u0427\u0430\u0441\u0442\u044b\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u044b",
+    "no_clients_found": "\u041a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043d\u0435 \u043d\u0430\u0439\u0434\u0435\u043d\u043e",
+    "general_statistics": "\u041e\u0431\u0449\u0430\u044f \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430",
+    "number_of_dns_query_24_hours": "\u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e DNS-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0437\u0430 24 \u0447\u0430\u0441\u0430",
+    "number_of_dns_query_blocked_24_hours": "\u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e DNS-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432, \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0444\u0438\u043b\u044c\u0442\u0440\u0430\u043c\u0438 \u0438 \u0431\u043b\u043e\u043a-\u0441\u043f\u0438\u0441\u043a\u0430\u043c\u0438",
+    "number_of_dns_query_blocked_24_hours_by_sec": "\u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e DNS-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432, \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043c\u043e\u0434\u0443\u043b\u0435\u043c \u0410\u043d\u0442\u0438\u0444\u0438\u0448\u0438\u043d\u0433\u0430 AdGuard",
+    "number_of_dns_query_blocked_24_hours_adult": "\u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \"\u0441\u0430\u0439\u0442\u043e\u0432 \u0434\u043b\u044f \u0432\u0437\u0440\u043e\u0441\u043b\u044b\u0445\"",
+    "enforced_save_search": "\u041f\u0440\u0438\u043c\u0435\u043d\u0435\u043d \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0439 \u043f\u043e\u0438\u0441\u043a",
+    "number_of_dns_query_to_safe_search": "\u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 DNS \u0434\u043b\u044f \u043f\u043e\u0438\u0441\u043a\u043e\u0432\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0431\u044b\u043b \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0439 \u043f\u043e\u0438\u0441\u043a",
+    "average_processing_time": "\u0421\u0440\u0435\u0434\u043d\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u0430",
+    "average_processing_time_hint": "\u0421\u0440\u0435\u0434\u043d\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0434\u043b\u044f \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u0430 DNS  \u0432 \u043c\u0438\u043b\u043b\u0438\u0441\u0435\u043a\u0443\u043d\u0434\u0430\u0445",
+    "block_domain_use_filters_and_hosts": "\u0411\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u043e\u043c\u0435\u043d\u044b \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0444\u0438\u043b\u044c\u0442\u0440\u043e\u0432 \u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0445\u043e\u0441\u0442\u043e\u0432",
+    "filters_block_toggle_hint": "\u0412\u044b \u043c\u043e\u0436\u0435\u0442\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0432 <a href='#filters'> \"\u0424\u0438\u043b\u044c\u0442\u0440\u0430\u0445\"<\/a>.",
+    "use_adguard_browsing_sec": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0443\u044e \u043d\u0430\u0432\u0438\u0433\u0430\u0446\u0438\u044e AdGuard",
+    "use_adguard_browsing_sec_hint": "AdGuard Home \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442, \u0432\u043a\u043b\u044e\u0447\u0435\u043d \u043b\u0438 \u0434\u043e\u043c\u0435\u043d \u0432 \u0432\u0435\u0431-\u0441\u043b\u0443\u0436\u0431\u0443 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430. \u041e\u043d \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c API, \u0447\u0442\u043e\u0431\u044b \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443: \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043a\u043e\u0440\u043e\u0442\u043a\u0438\u0439 \u043f\u0440\u0435\u0444\u0438\u043a\u0441 \u0438\u043c\u0435\u043d\u0438 \u0434\u043e\u043c\u0435\u043d\u0430 SHA256.",
+    "use_adguard_parental": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0439\u0442\u0435 \u043c\u043e\u0434\u0443\u043b\u044c \u0420\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f AdGuard ",
+    "use_adguard_parental_hint": "AdGuard Home \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442, \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u043b\u0438 \u0434\u043e\u043c\u0435\u043d \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b\u044b 18+. \u041e\u043d \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0442\u043e\u0442 \u0436\u0435 API \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438, \u0447\u0442\u043e \u0438 \u0432\u0435\u0431-\u0441\u043b\u0443\u0436\u0431\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430.",
+    "enforce_safe_search": "\u0423\u0441\u0438\u043b\u0438\u0442\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0439 \u043f\u043e\u0438\u0441\u043a",
+    "enforce_save_search_hint": "AdGuard Home \u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0442\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0439 \u043f\u043e\u0438\u0441\u043a \u0432 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445: Google, Youtube, Bing \u0438 Yandex.",
+    "no_servers_specified": "\u041d\u0435\u0442 \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432",
+    "no_settings": "\u041d\u0435\u0442 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a",
+    "general_settings": "\u041e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438",
+    "upstream_dns": "Upstream DNS-\u0441\u0435\u0440\u0432\u0435\u0440\u044b",
+    "upstream_dns_hint": "\u0415\u0441\u043b\u0438 \u0432\u044b \u043e\u0441\u0442\u0430\u0432\u0438\u0442\u0435 \u044d\u0442\u043e \u043f\u043e\u043b\u0435 \u043f\u0443\u0441\u0442\u044b\u043c, \u0442\u043e AdGuard Home \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442  <a href='https:\/\/1.1.1.1\/' target='_blank'>Cloudflare DNS<\/a> \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 upstream. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0439\u0442\u0435 tls:\/\/ \u0434\u043b\u044f DNS \u0447\u0435\u0440\u0435\u0437 \u0441\u0435\u0440\u0432\u0435\u0440\u044b TLS.",
+    "test_upstream_btn": "\u0422\u0435\u0441\u0442 upstream \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432",
+    "apply_btn": "\u041f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c",
+    "disabled_filtering_toast": "\u0424\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u044f \u0432\u044b\u043a\u043b.",
+    "enabled_filtering_toast": "\u0424\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u044f \u0432\u043a\u043b.",
+    "disabled_safe_browsing_toast": "\u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0430\u044f \u043d\u0430\u0432\u0438\u0433\u0430\u0446\u0438\u044f \u0432\u044b\u043a\u043b.",
+    "enabled_safe_browsing_toast": "\u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0430\u044f \u043d\u0430\u0432\u0438\u0433\u0430\u0446\u0438\u044f \u0432\u043a\u043b.",
+    "disabled_parental_toast": "\u0420\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0432\u044b\u043a\u043b.",
+    "enabled_parental_toast": "\u0420\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0432\u043a\u043b.",
+    "disabled_safe_search_toast": "\u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0439 \u043f\u043e\u0438\u0441\u043a \u0432\u044b\u043a\u043b.",
+    "enabled_save_search_toast": "\u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0439 \u043f\u043e\u0438\u0441\u043a \u0432\u043a\u043b.",
+    "enabled_table_header": "\u0412\u043a\u043b.",
+    "name_table_header": "\u0418\u043c\u044f",
+    "filter_url_table_header": "URL \u0444\u0438\u043b\u044c\u0442\u0440\u0430",
+    "rules_count_table_header": "\u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043f\u0440\u0430\u0432\u0438\u043b:",
+    "last_time_updated_table_header": "\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435",
+    "actions_table_header": "\u0414\u0435\u0439\u0441\u0442\u0432\u0438\u044f",
+    "delete_table_action": "\u0423\u0434\u0430\u043b\u0438\u0442\u044c",
+    "filters_and_hosts": "\u0424\u0438\u043b\u044c\u0442\u0440\u044b \u0438 \u0447\u0435\u0440\u043d\u044b\u0435 \u0441\u043f\u0438\u0441\u043a\u0438 hosts",
+    "filters_and_hosts_hint": "AdGuard Home \u0440\u0430\u0441\u043f\u043e\u0437\u043d\u0430\u0435\u0442 \u0431\u0430\u0437\u043e\u0432\u044b\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0438 \u0441\u0438\u043d\u0442\u0430\u043a\u0441\u0438\u0441 \u0444\u0430\u0439\u043b\u043e\u0432 hosts.",
+    "no_filters_added": "\u0424\u0438\u043b\u044c\u0442\u0440\u044b \u043d\u0435 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u044b",
+    "add_filter_btn": "\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0444\u0438\u043b\u044c\u0442\u0440",
+    "cancel_btn": "\u041e\u0442\u043c\u0435\u043d\u0430",
+    "enter_name_hint": "\u0412\u0432\u0435\u0434\u0438\u0442\u0435 \u0438\u043c\u044f",
+    "enter_url_hint": "\u0412\u0432\u0435\u0434\u0438\u0442\u0435 URL",
+    "check_updates_btn": "\u041f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f",
+    "new_filter_btn": "\u0414\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043d\u043e\u0432\u043e\u0433\u043e \u0444\u0438\u043b\u044c\u0442\u0440\u0430",
+    "enter_valid_filter_url": "\u0412\u0432\u0435\u0434\u0438\u0442\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0439 URL \u0434\u043b\u044f \u043f\u043e\u0434\u043f\u0438\u0441\u043a\u0438 \u043d\u0430 \u0444\u0438\u043b\u044c\u0442\u0440 \u0438\u043b\u0438 \u0444\u0430\u0439\u043b hosts.",
+    "custom_filter_rules": "\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0438",
+    "custom_filter_rules_hint": "\u0412\u0432\u043e\u0434\u0438\u0442\u0435 \u043f\u043e \u043e\u0434\u043d\u043e\u043c\u0443 \u043f\u0440\u0430\u0432\u0438\u043b\u0443 \u043d\u0430 \u0441\u0442\u0440\u043e\u0447\u043a\u0443. \u0412\u044b \u043c\u043e\u0436\u0435\u0442\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0438\u043b\u0438 \u0441\u0438\u043d\u0442\u0430\u043a\u0441\u0438\u0441 \u0444\u0430\u0439\u043b\u043e\u0432 hosts.",
+    "examples_title": "\u041f\u0440\u0438\u043c\u0435\u0440\u044b",
+    "example_meaning_filter_block": "\u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0434\u043e\u043c\u0435\u043d\u0443 example.org \u0438 \u0432\u0441\u0435\u043c \u0435\u0433\u043e \u043f\u043e\u0434\u0434\u043e\u043c\u0435\u043d\u0430\u043c",
+    "example_meaning_filter_whitelist": "\u0440\u0430\u0437\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0434\u043e\u043c\u0435\u043d\u0443 example.org \u0438 \u0432\u0441\u0435\u043c \u0435\u0433\u043e \u043f\u043e\u0434\u0434\u043e\u043c\u0435\u043d\u0430\u043c",
+    "example_meaning_host_block": "\u0422\u0435\u043f\u0435\u0440\u044c AdGuard Home \u0432\u0435\u0440\u043d\u0435\u0442 127.0.0.1 \u0434\u043b\u044f \u0434\u043e\u043c\u0435\u043d\u0430 example.org (\u043d\u043e \u043d\u0435 \u0434\u043b\u044f \u0435\u0433\u043e \u043f\u043e\u0434\u0434\u043e\u043c\u0435\u043d\u043e\u0432).",
+    "example_comment": "! \u0422\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0442\u044c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435",
+    "example_comment_meaning": "\u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0439",
+    "example_comment_hash": "# \u0418 \u0432\u043e\u0442 \u0442\u0430\u043a \u0442\u043e\u0436\u0435",
+    "example_upstream_regular": "\u043e\u0431\u044b\u0447\u043d\u044b\u0439 DNS (\u043f\u043e\u0432\u0435\u0440\u0445 UDP)",
+    "example_upstream_dot": "\u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_TLS' target='_blank'>DNS-\u043f\u043e\u0432\u0435\u0440\u0445-TLS<\/a>",
+    "example_upstream_doh": "\u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_HTTPS' target='_blank'>DNS-\u043f\u043e\u0432\u0435\u0440\u0445-HTTPS<\/a>",
+    "example_upstream_tcp": "\u043e\u0431\u044b\u0447\u043d\u044b\u0439 DNS (\u043f\u043e\u0432\u0435\u0440\u0445 TCP)",
+    "all_filters_up_to_date_toast": "\u0412\u0441\u0435 \u0444\u0438\u043b\u044c\u0442\u0440\u044b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u044b",
+    "updated_upstream_dns_toast": "Upstream DNS-\u0441\u0435\u0440\u0432\u0435\u0440\u044b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u044b",
+    "dns_test_ok_toast": "\u0423\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b DNS \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e",
+    "dns_test_not_ok_toast": "\u0421\u0435\u0440\u0432\u0435\u0440 \"{{key}}\": \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c, \u043f\u0440\u043e\u0432\u0435\u0440\u044c\u0442\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u0438\u044f",
+    "unblock_btn": "\u0420\u0430\u0437\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c",
+    "block_btn": "\u0417\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c",
+    "time_table_header": "\u0412\u0440\u0435\u043c\u044f",
+    "domain_name_table_header": "\u0414\u043e\u043c\u0435\u043d",
+    "type_table_header": "\u0422\u0438\u043f",
+    "response_table_header": "\u041e\u0442\u0432\u0435\u0442",
+    "client_table_header": "\u041a\u043b\u0438\u0435\u043d\u0442",
+    "empty_response_status": "\u041f\u0443\u0441\u0442\u043e",
+    "show_all_filter_type": "\u041f\u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u0441\u0435",
+    "show_filtered_type": "\u041f\u043e\u043a\u0430\u0437\u0430\u0442\u044c \u043e\u0442\u0444\u0438\u043b\u044c\u0442\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435",
+    "no_logs_found": "\u041b\u043e\u0433\u0438 \u043d\u0435 \u043d\u0430\u0439\u0434\u0435\u043d\u044b",
+    "disabled_log_btn": "\u0416\u0443\u0440\u043d\u0430\u043b \u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0438 \u0432\u044b\u043a\u043b.",
+    "download_log_file_btn": "\u0417\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u043e\u0442\u0447\u0451\u0442",
+    "refresh_btn": "\u041e\u0431\u043d\u043e\u0432\u0438\u0442\u044c",
+    "enabled_log_btn": "\u0416\u0443\u0440\u043d\u0430\u043b \u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0438 \u0432\u043a\u043b.",
+    "last_dns_queries": "\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 5000 DNS-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432",
+    "previous_btn": "\u041d\u0430\u0437\u0430\u0434",
+    "next_btn": "\u0412\u043f\u0435\u0440\u0451\u0434",
+    "loading_table_status": "\u0417\u0430\u0433\u0440\u0443\u0437\u043a\u0430...",
+    "page_table_footer_text": "\u0421\u0442\u0440\u0430\u043d\u0438\u0446\u0430",
+    "of_table_footer_text": "\u0438\u0437",
+    "rows_table_footer_text": "\u0441\u0442\u0440\u043e\u043a",
+    "updated_custom_filtering_toast": "\u0412\u043d\u0435\u0441\u0435\u043d\u044b \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u0430",
+    "rule_removed_from_custom_filtering_toast": "\u041f\u0440\u0430\u0432\u0438\u043b\u043e \u0443\u0434\u0430\u043b\u0435\u043d\u043e \u0438\u0437 \u0430\u0432\u0442\u043e\u0440\u0441\u043a\u043e\u0433\u043e \u0441\u043f\u0438\u0441\u043a\u0430 \u043f\u0440\u0430\u0432\u0438\u043b \u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0438",
+    "rule_added_to_custom_filtering_toast": "\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u043e",
+    "query_log_disabled_toast": "\u0416\u0443\u0440\u043d\u0430\u043b \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432\u044b\u043a\u043b.",
+    "query_log_enabled_toast": "\u0416\u0443\u0440\u043d\u0430\u043b \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432\u043a\u043b.",
+    "source_label": "\u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a",
+    "found_in_known_domain_db": "\u041d\u0430\u0439\u0434\u0435\u043d \u0432 \u0431\u0430\u0437\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0434\u043e\u043c\u0435\u043d\u043e\u0432.",
+    "category_label": "\u041a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u044f",
+    "rule_label": "\u041f\u0440\u0430\u0432\u0438\u043b\u043e",
+    "filter_label": "\u0424\u0438\u043b\u044c\u0442\u0440"
+}
--- a/client/src/__locales/sv.json
+++ b/client/src/__locales/sv.json
@@ -0,0 +1,153 @@
+{
+    "refresh_status": "Uppdatera status",
+    "save_config": "Spara inst\u00e4llningar",
+    "enabled_dhcp": "DHCP-server aktiverad",
+    "disabled_dhcp": "Dhcp-server avaktiverad",
+    "dhcp_title": "DHCP-server",
+    "dhcp_description": "Om din router inte har inst\u00e4llningar f\u00f6r DHCP kan du anv\u00e4nda AdGuards inbyggda server.",
+    "dhcp_enable": "Aktivera DHCP.-server",
+    "dhcp_disable": "Avaktivera DHCP-server",
+    "dhcp_not_found": "Ingen aktiv DHCP-server hittades i n\u00e4tverkat.",
+    "dhcp_leases": "DHCP-lease",
+    "dhcp_leases_not_found": "Ingen DHCP-lease hittad",
+    "dhcp_config_saved": "Sparade inst\u00e4llningar f\u00f6r DHCP-servern",
+    "form_error_required": "Obligatoriskt f\u00e4lt",
+    "form_error_ip_format": "Ogiltigt IPv4-format",
+    "form_error_positive": "M\u00e5ste vara st\u00f6rre \u00e4n noll",
+    "dhcp_form_gateway_input": "Gateway-IP",
+    "dhcp_form_subnet_input": "Subnetmask",
+    "dhcp_form_range_title": "IP-adressgr\u00e4nser",
+    "dhcp_form_range_start": "Startgr\u00e4ns",
+    "dhcp_form_range_end": "Gr\u00e4nsslut",
+    "dhcp_form_lease_title": "DHCP-leasetid (i sekunder)",
+    "dhcp_form_lease_input": "Leasetid",
+    "back": "Tiilbaka",
+    "dashboard": "Kontrollpanel",
+    "settings": "Inst\u00e4llningar",
+    "filters": "Filter",
+    "query_log": "F\u00f6rfr\u00e5gningslogg",
+    "faq": "FAQ",
+    "version": "version",
+    "address": "adress",
+    "on": "P\u00c5",
+    "off": "AV",
+    "copyright": "Copyright",
+    "homepage": "Hemsida",
+    "report_an_issue": "Rapportera ett problem",
+    "enable_protection": "Koppla p\u00e5 skydd",
+    "enabled_protection": "Kopplade p\u00e5 skydd",
+    "disable_protection": "Koppla bort skydd",
+    "disabled_protection": "Kopplade bort skydd",
+    "refresh_statics": "Uppdatera statistik",
+    "dns_query": "DNS-f\u00f6rfr\u00e5gningar",
+    "blocked_by": "Blockerat av filter",
+    "stats_malware_phishing": "Blockerad skadekod\/phising",
+    "stats_adult": "Blockerade vuxensajter",
+    "stats_query_domain": "Mest efters\u00f6kta dom\u00e4ner",
+    "for_last_24_hours": "under de senaste 24 timamrna",
+    "no_domains_found": "Inga dom\u00e4ner hittade",
+    "requests_count": "F\u00f6rfr\u00e5gningsantal",
+    "top_blocked_domains": "Flest blockerade dom\u00e4ner",
+    "top_clients": "Toppklienter",
+    "no_clients_found": "Inga hitatde klienter",
+    "general_statistics": "Allm\u00e4n statistik",
+    "number_of_dns_query_24_hours": "Ett antal DNS-f\u00f6rfr\u00e5gningar utf\u00f6rdes under de senaste 244 timamrna",
+    "number_of_dns_query_blocked_24_hours": "Ett antal DNS-f\u00f6rfr\u00e5gningar blockerades av annonsfilter och v\u00e4rdens bloceringsklistor",
+    "number_of_dns_query_blocked_24_hours_by_sec": "Ett antal DNS-f\u00f6rfr\u00e5gningar blockerades av AdGuards modul f\u00f6r surfs\u00e4kerhet",
+    "number_of_dns_query_blocked_24_hours_adult": "Ett anta vuxensajter blockerades",
+    "enforced_save_search": "Aktivering av S\u00e4ker surf",
+    "number_of_dns_query_to_safe_search": "Ett antal DNS-f\u00f6rfr\u00e5gningar genomf\u00f6rdes p\u00e5 s\u00f6kmotorer med S\u00e4ker surf aktiverat",
+    "average_processing_time": "Genomsnittlig processtid",
+    "average_processing_time_hint": "Genomsnittlig processtid i millisekunder f\u00f6r DNS-f\u00f6rfr\u00e5gning",
+    "block_domain_use_filters_and_hosts": "Blockera dom\u00e4ner med filter- och v\u00e4rdfiler",
+    "filters_block_toggle_hint": "Du kan st\u00e4lla in egna blockerings regler i <a href='#filters'>Filterinst\u00e4llningar<\/a>.",
+    "use_adguard_browsing_sec": "Amv\u00e4nd AdGuards webbservice f\u00f6r surfs\u00e4kerhet",
+    "use_adguard_browsing_sec_hint": "AdGuard Home kommer att kontrollera om en dom\u00e4n \u00e4r svartlistad i webbservicens surfs\u00e4kerhet. Med en integritetsv\u00e4nlig metod g\u00f6rs en API-lookup f\u00f6r att kontrollera : endast en kort prefix i dom\u00e4nnamnet SHA256 hash skickas till servern.",
+    "use_adguard_parental": "Anv\u00e4nda AdGuards webbservice f\u00f6r f\u00e4r\u00e4ldrakontroll",
+    "use_adguard_parental_hint": "AdGuard Home kommer att kontrollera dom\u00e4ner f\u00f6r inneh\u00e5ll av vuxenmaterial . Samma integritetsv\u00e4nliga metod f\u00f6r  API-lookup som till\u00e4mpas i webbservicens surfs\u00e4kerhet anv\u00e4nds.",
+    "enforce_safe_search": "Till\u00e4mpa S\u00e4ker surf",
+    "enforce_save_search_hint": "AdGuard Home kan framtvinga s\u00e4ker surf i f\u00f6ljande s\u00f6kmoterer: Google, Youtube, Bing, och Yandex.",
+    "no_servers_specified": "Inga servrar angivna",
+    "no_settings": "Inga inst\u00e4llningar",
+    "general_settings": "Allm\u00e4nna inst\u00e4llningar",
+    "upstream_dns": "Upstream DNS-servrar",
+    "upstream_dns_hint": "Om du l\u00e5ter f\u00e4ltet vara tomt kommer AdGuard Home att anv\u00e4nda <a href='https:\/\/1.1.1.1\/' target='_blank'>Cloudflare DNS<\/a> f\u00f6r upstream. Anv\u00e4nd tls:\/\/ prefix f\u00f6r DNS \u00f6ver TLS-servrar.",
+    "test_upstream_btn": "Testa uppstr\u00f6mmar",
+    "apply_btn": "Till\u00e4mpa",
+    "disabled_filtering_toast": "Filtrering bortkopplad",
+    "enabled_filtering_toast": "Filtrering inkopplad",
+    "disabled_safe_browsing_toast": "S\u00e4ker surfning bortkopplat",
+    "enabled_safe_browsing_toast": "S\u00e4ker surfning inkopplat",
+    "disabled_parental_toast": "F\u00f6r\u00e4ldrakontroll bortkopplat",
+    "enabled_parental_toast": "F\u00f6r\u00e4ldrakontroll inkopplat",
+    "disabled_safe_search_toast": "S\u00e4ker webbs\u00f6kning bortkopplat",
+    "enabled_save_search_toast": "S\u00e4ker webbs\u00f6kning inkopplat",
+    "enabled_table_header": "Inkopplat",
+    "name_table_header": "Namn",
+    "filter_url_table_header": "Filtrerar URL",
+    "rules_count_table_header": "Regelantal",
+    "last_time_updated_table_header": "Uppdaterades senast",
+    "actions_table_header": "\u00c5tg\u00e4rder",
+    "delete_table_action": "Ta bort",
+    "filters_and_hosts": "Filtrerings- och v\u00e4rdlistor f\u00f6r blockering",
+    "filters_and_hosts_hint": "AdGuard till\u00e4mpar grundl\u00e4ggande annonsblockeringsregler och v\u00e4rdfiltersyntaxer",
+    "no_filters_added": "Inga filter tillagda",
+    "add_filter_btn": "L\u00e4gg till filter",
+    "cancel_btn": "Avbryt",
+    "enter_name_hint": "Skriv in namn",
+    "enter_url_hint": "Skriv in URL",
+    "check_updates_btn": "S\u00f6k efter uppdateringar",
+    "new_filter_btn": "Nytt filterabonemang",
+    "enter_valid_filter_url": "Skriv in en giltigt URL till ett filterabonnemang eller v\u00e4rdfil.",
+    "custom_filter_rules": "Egna filterregler",
+    "custom_filter_rules_hint": "Skriv en regel per rad. Du kan anv\u00e4nda antingen annonsblockeringsregler eller v\u00e4rdfilssyntax.",
+    "examples_title": "Exempel",
+    "example_meaning_filter_block": "blockera \u00e5tkomst till dom\u00e4n example.org domain och alla dess subdom\u00e4ner",
+    "example_meaning_filter_whitelist": "avblockera \u00e5tkomst till dom\u00e4n example.org domain och alla dess subdom\u00e4ner",
+    "example_meaning_host_block": "AdGuard Home kommer nu att returnera adress 127.0.0.1 f\u00f6r dom\u00e4nexemplet example.org (dock utan dess subdom\u00e4ner).",
+    "example_comment": "! H\u00e4r kommer en kommentar",
+    "example_comment_meaning": "Endast en kommentar",
+    "example_comment_hash": "# Ocks\u00e5 en kommentar",
+    "example_upstream_regular": "vanlig DNS (\u00f6ver UDP)",
+    "example_upstream_dot": "krypterat <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_TLS' target='_blank'>DNS-over-TLS<\/a>",
+    "example_upstream_doh": "krypterat <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_HTTPS' target='_blank'>DNS-over-HTTPS<\/a>",
+    "example_upstream_sdns": "Du kan anv\u00e4nda <a href='https:\/\/dnscrypt.info\/stamps\/' target='_blank'>DNS-stamps<\/a> f\u00f6r <a href='https:\/\/dnscrypt.info\/' target='_blank'>DNSCrypt<\/a> eller <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_HTTPS' target='_blank'>DNS-\u00f6ver-HTTPS<\/a>\n-resolvers",
+    "example_upstream_tcp": "vanlig DNS (\u00f6ver UDP)",
+    "all_filters_up_to_date_toast": "Alla filter \u00e4r redan aktuella",
+    "updated_upstream_dns_toast": "Uppdaterade uppstr\u00f6ms-dns-servrar",
+    "dns_test_ok_toast": "Angivna DNS servrar fungerar korrekt",
+    "dns_test_not_ok_toast": "Server \"{{key}}\": kunde inte anv\u00e4ndas. Var sn\u00e4ll och kolla att du skrivit in r\u00e4tt",
+    "unblock_btn": "Avblockera",
+    "block_btn": "Blockera",
+    "time_table_header": "Tid",
+    "domain_name_table_header": "Dom\u00e4nnamn",
+    "type_table_header": "Typ",
+    "response_table_header": "Svar",
+    "client_table_header": "Klient",
+    "empty_response_status": "Tomt",
+    "show_all_filter_type": "Visa alla",
+    "show_filtered_type": "Visa filtrerade",
+    "no_logs_found": "Inga logga funna",
+    "disabled_log_btn": "Koppla bort logg",
+    "download_log_file_btn": "Ladda ner loggfil",
+    "refresh_btn": "L\u00e4s in igen",
+    "enabled_log_btn": "Koppla in logg",
+    "last_dns_queries": "De senaste 5000 DNS-anropen",
+    "previous_btn": "F\u00f6reg\u00e5ende",
+    "next_btn": "N\u00e4sta",
+    "loading_table_status": "L\u00e4ser in...",
+    "page_table_footer_text": "Sida",
+    "of_table_footer_text": "av",
+    "rows_table_footer_text": "rader",
+    "updated_custom_filtering_toast": "Uppdaterade de egna filterreglerna",
+    "rule_removed_from_custom_filtering_toast": "Regel borttagen fr\u00e5n de egna filterreglerna",
+    "rule_added_to_custom_filtering_toast": "Regel tillagd till de egna filterreglerna",
+    "query_log_disabled_toast": "F\u00f6rfr\u00e5gningsloggen bortkopplad",
+    "query_log_enabled_toast": "F\u00f6rfr\u00e5gningsloggen inkopplad",
+    "source_label": "K\u00e4lla",
+    "found_in_known_domain_db": "Hittad i dom\u00e4ndatabas.",
+    "category_label": "Kategori",
+    "rule_label": "Regel",
+    "filter_label": "Filter",
+    "unknown_filter": "Ok\u00e4nt filter {{filterId}}"
+}
--- a/client/src/__locales/vi.json
+++ b/client/src/__locales/vi.json
@@ -0,0 +1,129 @@
+{
+    "back": "Quay l\u1ea1i",
+    "dashboard": "T\u1ed5ng quan",
+    "settings": "C\u00e0i \u0111\u1eb7t",
+    "filters": "B\u1ed9 l\u1ecdc",
+    "query_log": "L\u1ecbch s\u1eed truy v\u1ea5n",
+    "faq": "H\u1ecfi \u0111\u00e1p",
+    "version": "phi\u00ean b\u1ea3n",
+    "address": "\u0111\u1ecba ch\u1ec9",
+    "on": "\u0110ang b\u1eadt",
+    "off": "\u0110ang t\u1eaft",
+    "copyright": "B\u1ea3n quy\u1ec1n",
+    "homepage": "Trang ch\u1ee7",
+    "report_an_issue": "B\u00e1o l\u1ed7i",
+    "enable_protection": "B\u1eadt b\u1ea3o v\u1ec7",
+    "enabled_protection": "\u0110\u00e3 b\u1eadt b\u1ea3o v\u1ec7",
+    "disable_protection": "T\u1eaft b\u1ea3o v\u1ec7",
+    "disabled_protection": "\u0110\u00e3 t\u1eaft b\u1ea3o v\u1ec7",
+    "refresh_statics": "L\u00e0m m\u1edbi th\u1ed1ng k\u00ea",
+    "dns_query": "Truy v\u1ea5n DNS",
+    "blocked_by": "Ch\u1eb7n b\u1edfi B\u1ed9 l\u1ecdc",
+    "stats_malware_phishing": "M\u00e3 \u0111\u1ed9c\/l\u1eeba \u0111\u1ea3o \u0111\u00e3 ch\u1eb7n",
+    "stats_adult": "Website ng\u01b0\u1eddi l\u1edbn \u0111\u00e3 ch\u1eb7n",
+    "stats_query_domain": "T\u00ean mi\u1ec1n truy v\u1ea5n nhi\u1ec1u",
+    "for_last_24_hours": "trong 24 gi\u1edd qua",
+    "no_domains_found": "Kh\u00f4ng c\u00f3 t\u00ean mi\u1ec1n n\u00e0o",
+    "requests_count": "S\u1ed1 l\u1ea7n y\u00eau c\u1ea7u",
+    "top_blocked_domains": "T\u00ean mi\u1ec1n ch\u1eb7n nhi\u1ec1u",
+    "top_clients": "Client d\u00f9ng nhi\u1ec1u",
+    "no_clients_found": "Kh\u00f4ng c\u00f3 client n\u00e0o",
+    "general_statistics": "Th\u1ed1ng k\u00ea chung",
+    "number_of_dns_query_24_hours": "S\u1ed1 y\u00eau c\u1ea7u DNS \u0111\u00e3 x\u1eed l\u00fd trong 24 gi\u1edd qua",
+    "number_of_dns_query_blocked_24_hours": "S\u1ed1 y\u00eau c\u1ea7u DNS b\u1ecb ch\u1eb7n b\u1edfi b\u1ed9 l\u1ecdc qu\u1ea3ng c\u00e1o v\u00e0 danh s\u00e1ch ch\u1eb7n host",
+    "number_of_dns_query_blocked_24_hours_by_sec": "S\u1ed1 y\u00eau c\u1ea7u DNS b\u1ecb ch\u1eb7n b\u1edfi ch\u1ebf \u0111\u1ed9 b\u1ea3o v\u1ec7 duy\u1ec7t web AdGuard",
+    "number_of_dns_query_blocked_24_hours_adult": "S\u1ed1 website ng\u01b0\u1eddi l\u1edbn \u0111\u00e3 ch\u1eb7n",
+    "enforced_save_search": "T\u00ecm ki\u1ebfm an to\u00e0n",
+    "number_of_dns_query_to_safe_search": "S\u1ed1 y\u00eau c\u1ea7u DNS t\u1edbi c\u00f4ng c\u1ee5 t\u00ecm ki\u1ebfm \u0111\u00e3 chuy\u1ec3n th\u00e0nh t\u00ecm ki\u1ebfm an to\u00e0n",
+    "average_processing_time": "Th\u1eddi gian x\u1eed l\u00fd trung b\u00ecnh",
+    "average_processing_time_hint": "Th\u1eddi gian trung b\u00ecnh cho m\u1ed9t y\u00eau c\u1ea7u DNS t\u00ednh b\u1eb1ng mili gi\u00e2y",
+    "block_domain_use_filters_and_hosts": "Ch\u1eb7n t\u00ean mi\u1ec1n s\u1eed d\u1ee5ng c\u00e1c b\u1ed9 l\u1ecdc v\u00e0 file hosts",
+    "filters_block_toggle_hint": "B\u1ea1n c\u00f3 th\u1ec3 thi\u1ebft l\u1eadp quy t\u1eafc ch\u1eb7n t\u1ea1i c\u00e0i \u0111\u1eb7t <a href='#filters'>B\u1ed9 l\u1ecdc<\/a>.",
+    "use_adguard_browsing_sec": "S\u1eed d\u1ee5ng d\u1ecbch v\u1ee5 b\u1ea3o v\u1ec7 duy\u1ec7t web AdGuard",
+    "use_adguard_browsing_sec_hint": "AdGuard Home s\u1ebd ki\u1ec3m tra t\u00ean mi\u1ec1n v\u1edbi d\u1ecbch v\u1ee5 b\u1ea3o v\u1ec7 duy\u1ec7t web. T\u00ednh n\u0103ng s\u1eed d\u1ee5ng m\u1ed9t API th\u00e2n thi\u1ec7n v\u1edbi quy\u1ec1n ri\u00eang t\u01b0: ch\u1ec9 m\u1ed9t ph\u1ea7n ng\u1eafn ti\u1ec1n t\u1ed1 m\u00e3 b\u0103m SHA256 \u0111\u01b0\u1ee3c g\u1eedi \u0111\u1ebfn m\u00e1y ch\u1ee7",
+    "use_adguard_parental": "S\u1eed d\u1ee5ng d\u1ecbch v\u1ee5 qu\u1ea3n l\u00fd c\u1ee7a ph\u1ee5 huynh AdGuard",
+    "use_adguard_parental_hint": "AdGuard Home s\u1ebd ki\u1ec3m tra n\u1ebfu t\u00ean mi\u1ec1n ch\u1ee9a t\u1eeb kho\u00e1 ng\u01b0\u1eddi l\u1edbn. T\u00ednh n\u0103ng s\u1eed d\u1ee5ng API th\u00e2n thi\u1ec7n v\u1edbi quy\u1ec1n ri\u00eang t\u01b0 t\u01b0\u01a1ng t\u1ef1 v\u1edbi d\u1ecbch v\u1ee5 b\u1ea3o v\u1ec7 duy\u1ec7t web",
+    "enforce_safe_search": "B\u1eaft bu\u1ed9c t\u00ecm ki\u1ebfm an to\u00e0n",
+    "enforce_save_search_hint": "AdGuard Home c\u00f3 th\u1ec3 b\u1eaft bu\u1ed9c t\u00ecm ki\u1ebfm an to\u00e0n v\u1edbi c\u00e1c d\u1ecbch v\u1ee5 t\u00ecm ki\u1ebfm: Google, Youtube, Bing, Yandex.",
+    "no_servers_specified": "Kh\u00f4ng c\u00f3 m\u00e1y ch\u1ee7 n\u00e0o \u0111\u01b0\u1ee3c li\u1ec7t k\u00ea",
+    "no_settings": "Kh\u00f4ng c\u00f3 c\u00e0i \u0111\u1eb7t n\u00e0o",
+    "general_settings": "C\u00e0i \u0111\u1eb7t chung",
+    "upstream_dns": "M\u00e1y ch\u1ee7 DNS t\u00ecm ki\u1ebfm",
+    "upstream_dns_hint": "N\u1ebfu b\u1ea1n \u0111\u1ec3 tr\u1ed1ng m\u1ee5c n\u00e0y, AdGuard Home s\u1ebd s\u1eed d\u1ee5ng <a href='https:\/\/1.1.1.1\/' target='_blank'>Cloudflare DNS<\/a> \u0111\u1ec3 t\u00ecm ki\u1ebfm. S\u1eed d\u1ee5ng ti\u1ec1n t\u1ed1 tls:\/\/ cho c\u00e1c m\u00e1y ch\u1ee7 DNS d\u1ef1a tr\u00ean TLS.",
+    "test_upstream_btn": "Ki\u1ec3m tra",
+    "apply_btn": "\u00c1p d\u1ee5ng",
+    "disabled_filtering_toast": "\u0110\u00e3 t\u1eaft ch\u1eb7n qu\u1ea3ng c\u00e1o",
+    "enabled_filtering_toast": "\u0110\u00e3 b\u1eadt ch\u1eb7n qu\u1ea3ng c\u00e1o",
+    "disabled_safe_browsing_toast": "\u0110\u00e3 t\u1eaft b\u1ea3o v\u1ec7 duy\u1ec7t web",
+    "enabled_safe_browsing_toast": "\u0110\u00e3 b\u1eadt b\u1ea3o v\u1ec7 duy\u1ec7t web",
+    "disabled_parental_toast": "\u0110\u00e3 t\u1eaft qu\u1ea3n l\u00fd c\u1ee7a ph\u1ee5 huynh",
+    "enabled_parental_toast": "\u0110\u00e3 b\u1eadt qu\u1ea3n l\u00fd c\u1ee7a ph\u1ee5 huynh",
+    "disabled_safe_search_toast": "\u0110\u00e3 t\u1eaft t\u00ecm ki\u1ebfm an to\u00e0n",
+    "enabled_save_search_toast": "\u0110\u00e3 b\u1eadt t\u00ecm ki\u1ebfm an to\u00e0n",
+    "enabled_table_header": "K\u00edch ho\u1ea1t",
+    "name_table_header": "T\u00ean",
+    "filter_url_table_header": "URL b\u1ed9 l\u1ecdc",
+    "rules_count_table_header": "S\u1ed1 quy t\u1eafc",
+    "last_time_updated_table_header": "C\u1eadp nh\u1eadt cu\u1ed1i",
+    "actions_table_header": "Thao t\u00e1c",
+    "delete_table_action": "Xo\u00e1",
+    "filters_and_hosts": "Danh s\u00e1ch b\u1ed9 l\u1ecdc v\u00e0 hosts",
+    "filters_and_hosts_hint": "AdGuard home hi\u1ec3u c\u00e1c quy t\u1eafc ch\u1eb7n qu\u1ea3ng c\u00e1o \u0111\u01a1n gi\u1ea3n v\u00e0 c\u00fa ph\u00e1p file hosts",
+    "no_filters_added": "Kh\u00f4ng c\u00f3 b\u1ed9 l\u1ecdc n\u00e0o \u0111\u01b0\u1ee3c th\u00eam",
+    "add_filter_btn": "Th\u00eam b\u1ed9 l\u1ecdc",
+    "cancel_btn": "Hu\u1ef7",
+    "enter_name_hint": "Nh\u1eadp t\u00ean",
+    "enter_url_hint": "Nh\u1eadp URL",
+    "check_updates_btn": "Ki\u1ec3m tra c\u1eadp nh\u1eadt",
+    "new_filter_btn": "\u0110\u0103ng k\u00fd b\u1ed9 l\u1ecdc m\u1edbi",
+    "enter_valid_filter_url": "Nh\u1eadp URL h\u1ee3p l\u1ec7 c\u1ee7a b\u1ed9 l\u1ecdc ho\u1eb7c file hosts",
+    "custom_filter_rules": "Quy t\u1eafc l\u1ecdc tu\u1ef3 ch\u1ec9nh",
+    "custom_filter_rules_hint": "Nh\u1eadp m\u1ed7i quy t\u1eafc 1 d\u00f2ng. C\u00f3 th\u1ec3 s\u1eed d\u1ee5ng quy t\u1eafc ch\u1eb7n qu\u1ea3ng c\u00e1o ho\u1eb7c c\u00fa ph\u00e1p file host",
+    "examples_title": "V\u00ed d\u1ee5",
+    "example_meaning_filter_block": "Ch\u1eb7n truy c\u1eadp t\u1edbi t\u00ean mi\u1ec1n example.org v\u00e0 t\u1ea5t c\u1ea3 t\u00ean mi\u1ec1n con",
+    "example_meaning_filter_whitelist": "Kh\u00f4ng ch\u1eb7n truy c\u1eadp t\u1edbi t\u00ean mi\u1ec1n example.org v\u00e0 t\u1ea5t c\u1ea3 t\u00ean mi\u1ec1n con",
+    "example_meaning_host_block": "AdGuard Home s\u1ebd ph\u1ea3n h\u1ed3i \u0111\u1ecba ch\u1ec9 IP 127.0.0.1 cho t\u00ean mi\u1ec1n example.org (kh\u00f4ng \u00e1p d\u1ee5ng t\u00ean mi\u1ec1n con)",
+    "example_comment": "! \u0110\u00e2y l\u00e0 m\u1ed9t ch\u00fa th\u00edch",
+    "example_comment_meaning": "Ch\u1ec9 l\u00e0 m\u1ed9t ch\u00fa th\u00edch",
+    "example_comment_hash": "# C\u0169ng l\u00e0 m\u1ed9t ch\u00fa th\u00edch",
+    "example_upstream_regular": "DNS th\u00f4ng th\u01b0\u1eddng (d\u00f9ng UDP)",
+    "example_upstream_dot": "\u0111\u01b0\u1ee3c m\u00e3 ho\u00e1 <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_TLS' target='_blank'>DNS-d\u1ef1a te-TLS<\/a>",
+    "example_upstream_doh": "\u0111\u01b0\u1ee3c m\u00e3 ho\u00e1 <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_HTTPS' target='_blank'>DNS-over-HTTPS<\/a>",
+    "example_upstream_tcp": "DNS th\u00f4ng th\u01b0\u1eddng(d\u00f9ng TCP)",
+    "all_filters_up_to_date_toast": "T\u1ea5t c\u1ea3 b\u1ed9 l\u1ecdc \u0111\u00e3 \u0111\u01b0\u1ee3c c\u1eadp nh\u1eadt",
+    "updated_upstream_dns_toast": "\u0110\u00e3 c\u1eadp nh\u1eadt m\u00e1y ch\u1ee7 DNS t\u00ecm ki\u1ebfm",
+    "dns_test_ok_toast": "M\u00e1y ch\u1ee7 DNS c\u00f3 th\u1ec3 s\u1eed d\u1ee5ng",
+    "dns_test_not_ok_toast": "M\u00e1y ch\u1ee7 '{{key}}': kh\u00f4ng th\u1ec3 s\u1eed d\u1ee5ng, vui l\u00f2ng ki\u1ec3m tra b\u1ea1n \u0111\u00e3 \u0111i\u1ec1n ch\u00ednh x\u00e1c",
+    "unblock_btn": "B\u1ecf ch\u1eb7n",
+    "block_btn": "Ch\u1eb7n",
+    "time_table_header": "Th\u1eddi gian",
+    "domain_name_table_header": "T\u00ean mi\u1ec1n",
+    "type_table_header": "Lo\u1ea1i",
+    "response_table_header": "Ph\u1ea3n h\u1ed3i",
+    "client_table_header": "Ng\u01b0\u1eddi d\u00f9ng cu\u1ed1i",
+    "empty_response_status": "R\u1ed7ng",
+    "show_all_filter_type": "Hi\u1ec7n t\u1ea5t c\u1ea3",
+    "show_filtered_type": "Ch\u1ec9 hi\u1ec7n \u0111\u00e3 ch\u1eb7n",
+    "no_logs_found": "Kh\u00f4ng c\u00f3 l\u1ecbch s\u1eed truy v\u1ea5n",
+    "disabled_log_btn": "T\u1eaft l\u1ecbch s\u1eed truy v\u1ea5n",
+    "download_log_file_btn": "T\u1ea3i t\u1eadp tin l\u1ecbch s\u1eed truy v\u1ea5n",
+    "refresh_btn": "L\u00e0m m\u1edbi",
+    "enabled_log_btn": "B\u1eadt l\u1ecbch s\u1eed truy v\u1ea5n",
+    "last_dns_queries": "5000 truy v\u1ea5n DNS g\u1ea7n nh\u1ea5t",
+    "previous_btn": "Trang tr\u01b0\u1edbc",
+    "next_btn": "Trang sau",
+    "loading_table_status": "\u0110ang t\u1ea3i...",
+    "page_table_footer_text": "Trang",
+    "of_table_footer_text": "c\u1ee7a",
+    "rows_table_footer_text": "h\u00e0ng",
+    "updated_custom_filtering_toast": "\u0110\u00e3 c\u1eadp nh\u1eadt quy t\u1eafc l\u1ecdc tu\u1ef3 ch\u1ec9nh",
+    "rule_removed_from_custom_filtering_toast": "Quy t\u1eafc \u0111\u00e3 \u0111\u01b0\u1ee3c xo\u00e1 kh\u1ecfi quy t\u1eafc l\u1ecdc tu\u1ef3 ch\u1ec9nh",
+    "rule_added_to_custom_filtering_toast": "Quy t\u1eafc \u0111\u00e3 \u0111\u01b0\u1ee3c th\u00eam v\u00e0o quy t\u1eafc l\u1ecdc tu\u1ef3 ch\u1ec9nh",
+    "query_log_disabled_toast": "\u0110\u00e3 t\u1eaft l\u1ecbch s\u1eed truy v\u1ea5n",
+    "query_log_enabled_toast": "\u0110\u00e3 b\u1eadt l\u1ecbch s\u1eed truy v\u1ea5n",
+    "source_label": "Ngu\u1ed3n",
+    "found_in_known_domain_db": "T\u00ecm th\u1ea5y trong c\u01a1 s\u1edf d\u1eef li\u1ec7u t\u00ean mi\u1ec1n",
+    "category_label": "Th\u1ec3 lo\u1ea1i",
+    "rule_label": "Quy t\u1eafc",
+    "filter_label": "B\u1ed9 l\u1ecdc"
+}
--- a/client/src/__locales/zh-tw.json
+++ b/client/src/__locales/zh-tw.json
@@ -0,0 +1,157 @@
+{
+    "check_dhcp_servers": "\u6aa2\u67e5\u52d5\u614b\u4e3b\u6a5f\u8a2d\u5b9a\u5354\u5b9a\uff08DHCP\uff09\u4f3a\u670d\u5668",
+    "save_config": "\u5132\u5b58\u914d\u7f6e",
+    "enabled_dhcp": "\u52d5\u614b\u4e3b\u6a5f\u8a2d\u5b9a\u5354\u5b9a\uff08DHCP\uff09\u4f3a\u670d\u5668\u5df2\u88ab\u555f\u7528",
+    "disabled_dhcp": "\u52d5\u614b\u4e3b\u6a5f\u8a2d\u5b9a\u5354\u5b9a\uff08DHCP\uff09\u4f3a\u670d\u5668\u5df2\u88ab\u7981\u7528",
+    "dhcp_title": "\u52d5\u614b\u4e3b\u6a5f\u8a2d\u5b9a\u5354\u5b9a\uff08DHCP\uff09\u4f3a\u670d\u5668",
+    "dhcp_description": "\u5982\u679c\u60a8\u7684\u8def\u7531\u5668\u672a\u63d0\u4f9b\u52d5\u614b\u4e3b\u6a5f\u8a2d\u5b9a\u5354\u5b9a\uff08DHCP\uff09\u8a2d\u5b9a\uff0c\u60a8\u53ef\u4f7f\u7528AdGuard\u81ea\u8eab\u5167\u5efa\u7684DHCP\u4f3a\u670d\u5668\u3002",
+    "dhcp_enable": "\u555f\u7528\u52d5\u614b\u4e3b\u6a5f\u8a2d\u5b9a\u5354\u5b9a\uff08DHCP\uff09\u4f3a\u670d\u5668",
+    "dhcp_disable": "\u7981\u7528\u52d5\u614b\u4e3b\u6a5f\u8a2d\u5b9a\u5354\u5b9a\uff08DHCP\uff09\u4f3a\u670d\u5668",
+    "dhcp_not_found": "\u65bc\u7db2\u8def\u4e0a\u7121\u5df2\u767c\u73fe\u4e4b\u6709\u6548\u7684\u52d5\u614b\u4e3b\u6a5f\u8a2d\u5b9a\u5354\u5b9a\uff08DHCP\uff09\u4f3a\u670d\u5668\u3002\u555f\u7528\u5167\u5efa\u7684DHCP\u4f3a\u670d\u5668\u70ba\u5b89\u5168\u7684\u3002",
+    "dhcp_found": "\u65bc\u7db2\u8def\u4e0a\u5df2\u767c\u73fe\u4e4b\u6709\u6548\u7684\u52d5\u614b\u4e3b\u6a5f\u8a2d\u5b9a\u5354\u5b9a\uff08DHCP\uff09\u4f3a\u670d\u5668\u3002\u555f\u7528\u5167\u5efa\u7684DHCP\u4f3a\u670d\u5668\u70ba\u4e0d\u5b89\u5168\u7684\u3002",
+    "dhcp_leases": "\u52d5\u614b\u4e3b\u6a5f\u8a2d\u5b9a\u5354\u5b9a\uff08DHCP\uff09\u79df\u8cc3",
+    "dhcp_leases_not_found": "\u7121\u5df2\u767c\u73fe\u4e4b\u52d5\u614b\u4e3b\u6a5f\u8a2d\u5b9a\u5354\u5b9a\uff08DHCP\uff09\u79df\u8cc3",
+    "dhcp_config_saved": "\u5df2\u5132\u5b58\u52d5\u614b\u4e3b\u6a5f\u8a2d\u5b9a\u5354\u5b9a\uff08DHCP\uff09\u4f3a\u670d\u5668\u914d\u7f6e",
+    "form_error_required": "\u5fc5\u586b\u7684\u6b04\u4f4d",
+    "form_error_ip_format": "\u7121\u6548\u7684IPv4\u683c\u5f0f",
+    "form_error_positive": "\u5fc5\u9808\u5927\u65bc0",
+    "dhcp_form_gateway_input": "\u9598\u9053 IP",
+    "dhcp_form_subnet_input": "\u5b50\u7db2\u8def\u906e\u7f69",
+    "dhcp_form_range_title": "IP\u4f4d\u5740\u7bc4\u570d",
+    "dhcp_form_range_start": "\u7bc4\u570d\u958b\u59cb",
+    "dhcp_form_range_end": "\u7bc4\u570d\u7d50\u675f",
+    "dhcp_form_lease_title": "\u52d5\u614b\u4e3b\u6a5f\u8a2d\u5b9a\u5354\u5b9a\uff08DHCP\uff09\u79df\u8cc3\u6642\u9593\uff08\u4ee5\u79d2\u6578\uff09",
+    "dhcp_form_lease_input": "\u79df\u8cc3\u6301\u7e8c\u6642\u9593",
+    "dhcp_interface_select": "\u9078\u64c7\u52d5\u614b\u4e3b\u6a5f\u8a2d\u5b9a\u5354\u5b9a\uff08DHCP\uff09\u4ecb\u9762",
+    "dhcp_hardware_address": "\u786c\u9ad4\u4f4d\u5740",
+    "dhcp_ip_addresses": "IP \u4f4d\u5740",
+    "back": "\u8fd4\u56de",
+    "dashboard": "\u5100\u8868\u677f",
+    "settings": "\u8a2d\u5b9a",
+    "filters": "\u904e\u6ffe\u5668",
+    "query_log": "\u67e5\u8a62\u8a18\u9304",
+    "faq": "\u5e38\u898b\u554f\u7b54\u96c6",
+    "version": "\u7248\u672c",
+    "address": "\u4f4d\u5740",
+    "on": "\u958b\u555f",
+    "off": "\u95dc\u9589",
+    "copyright": "\u7248\u6b0a",
+    "homepage": "\u9996\u9801",
+    "report_an_issue": "\u5831\u544a\u554f\u984c",
+    "enable_protection": "\u555f\u7528\u9632\u8b77",
+    "enabled_protection": "\u5df2\u555f\u7528\u9632\u8b77",
+    "disable_protection": "\u7981\u7528\u9632\u8b77",
+    "disabled_protection": "\u5df2\u7981\u7528\u9632\u8b77",
+    "refresh_statics": "\u91cd\u65b0\u6574\u7406\u7d71\u8a08\u8cc7\u6599",
+    "dns_query": "DNS \u67e5\u8a62",
+    "blocked_by": "\u5df2\u88ab\u904e\u6ffe\u5668\u5c01\u9396",
+    "stats_malware_phishing": "\u5df2\u5c01\u9396\u7684\u60e1\u610f\u8edf\u9ad4\/\u7db2\u8def\u91e3\u9b5a",
+    "stats_adult": "\u5df2\u5c01\u9396\u7684\u6210\u4eba\u7db2\u7ad9",
+    "stats_query_domain": "\u71b1\u9580\u5df2\u67e5\u8a62\u7684\u7db2\u57df",
+    "for_last_24_hours": "\u5728\u6700\u8fd1\u768424\u5c0f\u6642\u5167",
+    "no_domains_found": "\u7121\u5df2\u767c\u73fe\u4e4b\u7db2\u57df",
+    "requests_count": "\u8acb\u6c42\u7e3d\u6578",
+    "top_blocked_domains": "\u71b1\u9580\u5df2\u5c01\u9396\u7684\u7db2\u57df",
+    "top_clients": "\u71b1\u9580\u7528\u6236\u7aef",
+    "no_clients_found": "\u7121\u5df2\u767c\u73fe\u4e4b\u7528\u6236\u7aef",
+    "general_statistics": "\u4e00\u822c\u7684\u7d71\u8a08\u8cc7\u6599",
+    "number_of_dns_query_24_hours": "\u5728\u6700\u8fd1\u768424 \u5c0f\u6642\u5167\u5df2\u8655\u7406\u7684DNS\u67e5\u8a62\u4e4b\u6578\u91cf",
+    "number_of_dns_query_blocked_24_hours": "\u5df2\u88ab\u5ee3\u544a\u5c01\u9396\u904e\u6ffe\u5668\u548c\u4e3b\u6a5f\u5c01\u9396\u6e05\u55ae\u5c01\u9396\u7684DNS\u8acb\u6c42\u4e4b\u6578\u91cf",
+    "number_of_dns_query_blocked_24_hours_by_sec": "\u5df2\u88abAdGuard\u700f\u89bd\u5b89\u5168\u6a21\u7d44\u5c01\u9396\u7684DNS\u8acb\u6c42\u4e4b\u6578\u91cf",
+    "number_of_dns_query_blocked_24_hours_adult": "\u5df2\u5c01\u9396\u7684\u6210\u4eba\u7db2\u7ad9\u4e4b\u6578\u91cf",
+    "enforced_save_search": "\u5df2\u5f37\u5236\u57f7\u884c\u7684\u5b89\u5168\u641c\u5c0b",
+    "number_of_dns_query_to_safe_search": "\u5c0d\u65bc\u90a3\u4e9b\u5b89\u5168\u641c\u5c0b\u5df2\u88ab\u5f37\u5236\u57f7\u884c\u4e4b\u5c6c\u65bc\u641c\u5c0b\u5f15\u64ce\u7684DNS\u8acb\u6c42\u4e4b\u6578\u91cf",
+    "average_processing_time": "\u5e73\u5747\u7684\u8655\u7406\u6642\u9593",
+    "average_processing_time_hint": "\u65bc\u8655\u7406\u4e00\u9805DNS\u8acb\u6c42\u4e0a\u4ee5\u6beb\u79d2\uff08ms\uff09\u8a08\u4e4b\u5e73\u5747\u7684\u6642\u9593",
+    "block_domain_use_filters_and_hosts": "\u900f\u904e\u904e\u6ffe\u5668\u548c\u4e3b\u6a5f\u6a94\u6848\u5c01\u9396\u7db2\u57df",
+    "filters_block_toggle_hint": "\u60a8\u53ef\u5728<a href='#filters'>\u904e\u6ffe\u5668<\/a>\u8a2d\u5b9a\u4e2d\u8a2d\u7f6e\u5c01\u9396\u898f\u5247\u3002",
+    "use_adguard_browsing_sec": "\u4f7f\u7528AdGuard\u700f\u89bd\u5b89\u5168\u7db2\u8def\u670d\u52d9",
+    "use_adguard_browsing_sec_hint": "AdGuard Home\u5c07\u6aa2\u67e5\u7db2\u57df\u662f\u5426\u88ab\u700f\u89bd\u5b89\u5168\u7db2\u8def\u670d\u52d9\u5217\u5165\u9ed1\u540d\u55ae\u3002\u5b83\u5c07\u4f7f\u7528\u53cb\u597d\u7684\u96b1\u79c1\u67e5\u627e\u61c9\u7528\u7a0b\u5f0f\u4ecb\u9762\uff08API\uff09\u4ee5\u57f7\u884c\u6aa2\u67e5\uff1a\u50c5\u57df\u540dSHA256\u96dc\u6e4a\u7684\u77ed\u524d\u7db4\u88ab\u50b3\u9001\u5230\u4f3a\u670d\u5668\u3002",
+    "use_adguard_parental": "\u4f7f\u7528AdGuard\u5bb6\u9577\u76e3\u63a7\u4e4b\u7db2\u8def\u670d\u52d9",
+    "use_adguard_parental_hint": "AdGuard Home\u5c07\u6aa2\u67e5\u7db2\u57df\u662f\u5426\u5305\u542b\u6210\u4eba\u8cc7\u6599\u3002\u5b83\u4f7f\u7528\u5982\u540c\u700f\u89bd\u5b89\u5168\u7db2\u8def\u670d\u52d9\u4e00\u6a23\u4e4b\u53cb\u597d\u7684\u96b1\u79c1\u61c9\u7528\u7a0b\u5f0f\u4ecb\u9762\uff08API\uff09\u3002",
+    "enforce_safe_search": "\u5f37\u5236\u57f7\u884c\u5b89\u5168\u641c\u5c0b",
+    "enforce_save_search_hint": "AdGuard Home\u53ef\u5728\u4ee5\u4e0b\u7684\u641c\u5c0b\u5f15\u64ce\uff1aGoogle\u3001YouTube\u3001Bing\u548cYandex\u4e2d\u5f37\u5236\u57f7\u884c\u5b89\u5168\u641c\u5c0b\u3002",
+    "no_servers_specified": "\u7121\u5df2\u660e\u78ba\u6307\u5b9a\u7684\u4f3a\u670d\u5668",
+    "no_settings": "\u7121\u8a2d\u5b9a",
+    "general_settings": "\u4e00\u822c\u7684\u8a2d\u5b9a",
+    "upstream_dns": "\u4e0a\u6e38\u7684DNS\u4f3a\u670d\u5668",
+    "upstream_dns_hint": "\u5982\u679c\u60a8\u4fdd\u7559\u8a72\u6b04\u4f4d\u7a7a\u767d\u7684\uff0cAdGuard Home\u5c07\u4f7f\u7528<a href='https:\/\/1.1.1.1\/' target='_blank'>Cloudflare DNS<\/a>\u4f5c\u70ba\u4e0a\u6e38\u3002\u5c0d\u65bcDNS over TLS\u4f3a\u670d\u5668\u4f7f\u7528 tls:\/\/ \u524d\u7db4\u3002",
+    "test_upstream_btn": "\u6e2c\u8a66\u4e0a\u884c\u8cc7\u6599\u6d41",
+    "apply_btn": "\u5957\u7528",
+    "disabled_filtering_toast": "\u5df2\u7981\u7528\u904e\u6ffe",
+    "enabled_filtering_toast": "\u5df2\u555f\u7528\u904e\u6ffe",
+    "disabled_safe_browsing_toast": "\u5df2\u7981\u7528\u5b89\u5168\u700f\u89bd",
+    "enabled_safe_browsing_toast": "\u5df2\u555f\u7528\u5b89\u5168\u700f\u89bd",
+    "disabled_parental_toast": "\u5df2\u7981\u7528\u5bb6\u9577\u76e3\u63a7",
+    "enabled_parental_toast": "\u5df2\u555f\u7528\u5bb6\u9577\u76e3\u63a7",
+    "disabled_safe_search_toast": "\u5df2\u7981\u7528\u5b89\u5168\u641c\u5c0b",
+    "enabled_save_search_toast": "\u5df2\u555f\u7528\u5b89\u5168\u641c\u5c0b",
+    "enabled_table_header": "\u5df2\u555f\u7528\u7684",
+    "name_table_header": "\u540d\u7a31",
+    "filter_url_table_header": "\u904e\u6ffe\u5668\u7db2\u5740",
+    "rules_count_table_header": "\u898f\u5247\u7e3d\u6578",
+    "last_time_updated_table_header": "\u6700\u8fd1\u7684\u66f4\u65b0\u6642\u9593",
+    "actions_table_header": "\u884c\u52d5",
+    "delete_table_action": "\u522a\u9664",
+    "filters_and_hosts": "\u904e\u6ffe\u5668\u548c\u4e3b\u6a5f\u5c01\u9396\u6e05\u55ae",
+    "filters_and_hosts_hint": "AdGuard Home\u61c2\u5f97\u57fa\u672c\u7684\u5ee3\u544a\u5c01\u9396\u898f\u5247\u548c\u4e3b\u6a5f\u6a94\u6848\u8a9e\u6cd5\u3002",
+    "no_filters_added": "\u7121\u5df2\u52a0\u5165\u7684\u904e\u6ffe\u5668",
+    "add_filter_btn": "\u589e\u52a0\u904e\u6ffe\u5668",
+    "cancel_btn": "\u53d6\u6d88",
+    "enter_name_hint": "\u8f38\u5165\u540d\u7a31",
+    "enter_url_hint": "\u8f38\u5165\u7db2\u5740",
+    "check_updates_btn": "\u6aa2\u67e5\u66f4\u65b0",
+    "new_filter_btn": "\u65b0\u7684\u904e\u6ffe\u5668\u8a02\u95b1",
+    "enter_valid_filter_url": "\u8f38\u5165\u95dc\u65bc\u904e\u6ffe\u5668\u8a02\u95b1\u6216\u4e3b\u6a5f\u6a94\u6848\u4e4b\u6709\u6548\u7684\u7db2\u5740\u3002",
+    "custom_filter_rules": "\u81ea\u8a02\u7684\u904e\u6ffe\u898f\u5247",
+    "custom_filter_rules_hint": "\u65bc\u4e00\u884c\u4e0a\u8f38\u5165\u4e00\u500b\u898f\u5247\u3002\u60a8\u53ef\u4f7f\u7528\u5ee3\u544a\u5c01\u9396\u898f\u5247\u6216\u4e3b\u6a5f\u6a94\u6848\u8a9e\u6cd5\u3002",
+    "examples_title": "\u7bc4\u4f8b",
+    "example_meaning_filter_block": "\u5c01\u9396\u81f3example.org\u7db2\u57df\u53ca\u5176\u6240\u6709\u7684\u5b50\u7db2\u57df\u4e4b\u5b58\u53d6",
+    "example_meaning_filter_whitelist": "\u89e3\u9664\u5c01\u9396\u81f3example.org\u7db2\u57df\u53ca\u5176\u6240\u6709\u7684\u5b50\u7db2\u57df\u4e4b\u5b58\u53d6",
+    "example_meaning_host_block": "AdGuard Home\u73fe\u5728\u5c07\u5c0dexample.org\u7db2\u57df\u8fd4\u56de127.0.0.1\u4f4d\u5740\uff08\u4f46\u975e\u5176\u5b50\u7db2\u57df\uff09\u3002",
+    "example_comment": "! \u770b\uff0c\u4e00\u500b\u8a3b\u89e3",
+    "example_comment_meaning": "\u53ea\u662f\u4e00\u500b\u8a3b\u89e3",
+    "example_comment_hash": "# \u4e5f\u662f\u4e00\u500b\u8a3b\u89e3",
+    "example_upstream_regular": "\u4e00\u822c\u7684 DNS\uff08\u900f\u904eUDP\uff09",
+    "example_upstream_dot": "\u52a0\u5bc6\u7684 <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_TLS' target='_blank'>DNS-over-TLS<\/a>",
+    "example_upstream_doh": "\u52a0\u5bc6\u7684 <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_HTTPS' target='_blank'>DNS-over-HTTPS <\/a>",
+    "example_upstream_sdns": "\u60a8\u53ef\u4f7f\u7528\u5c0d\u65bc <a href='https:\/\/dnscrypt.info\/' target='_blank'>DNSCrypt<\/a> \u6216 <a href='https:\/\/en.wikipedia.org\/wiki\/DNS_over_HTTPS' target='_blank'>DNS-over-HTTPS<\/a> \u89e3\u6790\u5668\u4e4b <a href='https:\/\/dnscrypt.info\/stamps\/' target='_blank'>DNS \u6233\u8a18<\/a>",
+    "example_upstream_tcp": "\u4e00\u822c\u7684 DNS\uff08\u900f\u904eTCP\uff09",
+    "all_filters_up_to_date_toast": "\u6240\u6709\u7684\u904e\u6ffe\u5668\u5df2\u662f\u6700\u65b0\u7684",
+    "updated_upstream_dns_toast": "\u5df2\u66f4\u65b0\u4e0a\u6e38\u7684DNS\u4f3a\u670d\u5668",
+    "dns_test_ok_toast": "\u660e\u78ba\u6307\u5b9a\u7684DNS\u4f3a\u670d\u5668\u6b63\u78ba\u5730\u904b\u4f5c\u4e2d",
+    "dns_test_not_ok_toast": "\u4f3a\u670d\u5668 \"{{key}}\"\uff1a\u7121\u6cd5\u88ab\u4f7f\u7528\uff0c\u8acb\u6aa2\u67e5\u60a8\u5df2\u6b63\u78ba\u5730\u586b\u5beb\u5b83",
+    "unblock_btn": "\u89e3\u9664\u5c01\u9396",
+    "block_btn": "\u5c01\u9396",
+    "time_table_header": "\u6642\u9593",
+    "domain_name_table_header": "\u57df\u540d",
+    "type_table_header": "\u985e\u578b",
+    "response_table_header": "\u53cd\u61c9",
+    "client_table_header": "\u7528\u6236\u7aef",
+    "empty_response_status": "\u7a7a\u767d\u7684",
+    "show_all_filter_type": "\u986f\u793a\u6240\u6709",
+    "show_filtered_type": "\u986f\u793a\u5df2\u904e\u6ffe\u7684",
+    "no_logs_found": "\u7121\u5df2\u767c\u73fe\u4e4b\u8a18\u9304",
+    "disabled_log_btn": "\u7981\u7528\u8a18\u9304",
+    "download_log_file_btn": "\u4e0b\u8f09\u8a18\u9304\u6a94\u6848",
+    "refresh_btn": "\u91cd\u65b0\u6574\u7406",
+    "enabled_log_btn": "\u555f\u7528\u8a18\u9304",
+    "last_dns_queries": "\u6700\u8fd1\u76845000\u7b46DNS\u67e5\u8a62",
+    "previous_btn": "\u4e0a\u4e00\u9801",
+    "next_btn": "\u4e0b\u4e00\u9801",
+    "loading_table_status": "\u6b63\u5728\u8f09\u5165...",
+    "page_table_footer_text": "\u9801\u9762",
+    "of_table_footer_text": "\u4e4b",
+    "rows_table_footer_text": "\u5217",
+    "updated_custom_filtering_toast": "\u5df2\u66f4\u65b0\u81ea\u8a02\u7684\u904e\u6ffe\u898f\u5247",
+    "rule_removed_from_custom_filtering_toast": "\u898f\u5247\u5df2\u5f9e\u81ea\u8a02\u7684\u904e\u6ffe\u898f\u5247\u4e2d\u88ab\u79fb\u9664",
+    "rule_added_to_custom_filtering_toast": "\u898f\u5247\u5df2\u5f9e\u81ea\u8a02\u7684\u904e\u6ffe\u898f\u5247\u4e2d\u88ab\u52a0\u5165",
+    "query_log_disabled_toast": "\u67e5\u8a62\u8a18\u9304\u5df2\u88ab\u7981\u7528",
+    "query_log_enabled_toast": "\u67e5\u8a62\u8a18\u9304\u5df2\u88ab\u555f\u7528",
+    "source_label": "\u4f86\u6e90",
+    "found_in_known_domain_db": "\u5728\u5df2\u77e5\u7684\u57df\u540d\u8cc7\u6599\u5eab\u4e2d\u88ab\u767c\u73fe\u3002",
+    "category_label": "\u985e\u5225",
+    "rule_label": "\u898f\u5247",
+    "filter_label": "\u904e\u6ffe\u5668",
+    "unknown_filter": "\u672a\u77e5\u7684\u904e\u6ffe\u5668 {{filterId}}"
+}
--- a/client/src/actions/index.js
+++ b/client/src/actions/index.js
@@ -1,5 +1,6 @@
 import { createAction } from 'redux-actions';
 import round from 'lodash/round';
+import { t } from 'i18next';
 import { showLoading, hideLoading } from 'react-redux-loading-bar';

 import { normalizeHistory, normalizeFilteringStatus, normalizeLogs } from '../helpers/helpers';
@@ -21,40 +22,40 @@ export const toggleSetting = (settingKey, status) => async (dispatch) => {
        switch (settingKey) {
            case 'filtering':
                if (status) {
-                    successMessage = 'Disabled filtering';
+                    successMessage = 'disabled_filtering_toast';
                    await apiClient.disableFiltering();
                } else {
-                    successMessage = 'Enabled filtering';
+                    successMessage = 'enabled_filtering_toast';
                    await apiClient.enableFiltering();
                }
                dispatch(toggleSettingStatus({ settingKey }));
                break;
            case 'safebrowsing':
                if (status) {
-                    successMessage = 'Disabled safebrowsing';
+                    successMessage = 'disabled_safe_browsing_toast';
                    await apiClient.disableSafebrowsing();
                } else {
-                    successMessage = 'Enabled safebrowsing';
+                    successMessage = 'enabled_safe_browsing_toast';
                    await apiClient.enableSafebrowsing();
                }
                dispatch(toggleSettingStatus({ settingKey }));
                break;
            case 'parental':
                if (status) {
-                    successMessage = 'Disabled parental control';
+                    successMessage = 'disabled_parental_toast';
                    await apiClient.disableParentalControl();
                } else {
-                    successMessage = 'Enabled parental control';
+                    successMessage = 'enabled_parental_toast';
                    await apiClient.enableParentalControl();
                }
                dispatch(toggleSettingStatus({ settingKey }));
                break;
            case 'safesearch':
                if (status) {
-                    successMessage = 'Disabled safe search';
+                    successMessage = 'disabled_safe_search_toast';
                    await apiClient.disableSafesearch();
                } else {
-                    successMessage = 'Enabled safe search';
+                    successMessage = 'enabled_save_search_toast';
                    await apiClient.enableSafesearch();
                }
                dispatch(toggleSettingStatus({ settingKey }));
@@ -123,10 +124,10 @@ export const toggleProtection = status => async (dispatch) => {

    try {
        if (status) {
-            successMessage = 'Disabled protection';
+            successMessage = 'disabled_protection';
            await apiClient.disableGlobalProtection();
        } else {
-            successMessage = 'Enabled protection';
+            successMessage = 'enabled_protection';
            await apiClient.enableGlobalProtection();
        }

@@ -271,14 +272,14 @@ export const toggleLogStatus = queryLogEnabled => async (dispatch) => {
    let successMessage;
    if (queryLogEnabled) {
        toggleMethod = apiClient.disableQueryLog.bind(apiClient);
-        successMessage = 'disabled';
+        successMessage = 'query_log_disabled_toast';
    } else {
        toggleMethod = apiClient.enableQueryLog.bind(apiClient);
-        successMessage = 'enabled';
+        successMessage = 'query_log_enabled_toast';
    }
    try {
        await toggleMethod();
-        dispatch(addSuccessToast(`Query log ${successMessage}`));
+        dispatch(addSuccessToast(successMessage));
        dispatch(toggleLogStatusSuccess());
    } catch (error) {
        dispatch(addErrorToast({ error }));
@@ -297,7 +298,7 @@ export const setRules = rules => async (dispatch) => {
            .replace(/^\n/g, '')
            .replace(/\n\s*\n/g, '\n');
        await apiClient.setRules(replacedLineEndings);
-        dispatch(addSuccessToast('Updated the custom filtering rules'));
+        dispatch(addSuccessToast('updated_custom_filtering_toast'));
        dispatch(setRulesSuccess());
    } catch (error) {
        dispatch(addErrorToast({ error }));
@@ -359,7 +360,7 @@ export const refreshFilters = () => async (dispatch) => {

        if (refreshText.includes('OK')) {
            if (refreshText.includes('OK 0')) {
-                dispatch(addSuccessToast('All filters are already up-to-date'));
+                dispatch(addSuccessToast('all_filters_up_to_date_toast'));
            } else {
                dispatch(addSuccessToast(refreshText.replace(/OK /g, '')));
            }
@@ -456,7 +457,7 @@ export const setUpstream = url => async (dispatch) => {
    dispatch(setUpstreamRequest());
    try {
        await apiClient.setUpstream(url);
-        dispatch(addSuccessToast('Updated the upstream DNS servers'));
+        dispatch(addSuccessToast('updated_upstream_dns_toast'));
        dispatch(setUpstreamSuccess());
    } catch (error) {
        dispatch(addErrorToast({ error }));
@@ -476,13 +477,13 @@ export const testUpstream = servers => async (dispatch) => {
        const testMessages = Object.keys(upstreamResponse).map((key) => {
            const message = upstreamResponse[key];
            if (message !== 'OK') {
-                dispatch(addErrorToast({ error: `Server "${key}": could not be used, please check that you've written it correctly` }));
+                dispatch(addErrorToast({ error: t('dns_test_not_ok_toast', { key }) }));
            }
            return message;
        });

        if (testMessages.every(message => message === 'OK')) {
-            dispatch(addSuccessToast('Specified DNS servers are working correctly'));
+            dispatch(addSuccessToast('dns_test_ok_toast'));
        }

        dispatch(testUpstreamSuccess());
@@ -491,3 +492,160 @@ export const testUpstream = servers => async (dispatch) => {
        dispatch(testUpstreamFailure());
    }
 };
+
+export const changeLanguageRequest = createAction('CHANGE_LANGUAGE_REQUEST');
+export const changeLanguageFailure = createAction('CHANGE_LANGUAGE_FAILURE');
+export const changeLanguageSuccess = createAction('CHANGE_LANGUAGE_SUCCESS');
+
+export const changeLanguage = lang => async (dispatch) => {
+    dispatch(changeLanguageRequest());
+    try {
+        await apiClient.changeLanguage(lang);
+        dispatch(changeLanguageSuccess());
+    } catch (error) {
+        dispatch(addErrorToast({ error }));
+        dispatch(changeLanguageFailure());
+    }
+};
+
+export const getLanguageRequest = createAction('GET_LANGUAGE_REQUEST');
+export const getLanguageFailure = createAction('GET_LANGUAGE_FAILURE');
+export const getLanguageSuccess = createAction('GET_LANGUAGE_SUCCESS');
+
+export const getLanguage = () => async (dispatch) => {
+    dispatch(getLanguageRequest());
+    try {
+        const language = await apiClient.getCurrentLanguage();
+        dispatch(getLanguageSuccess(language));
+    } catch (error) {
+        dispatch(addErrorToast({ error }));
+        dispatch(getLanguageFailure());
+    }
+};
+
+export const getDhcpStatusRequest = createAction('GET_DHCP_STATUS_REQUEST');
+export const getDhcpStatusSuccess = createAction('GET_DHCP_STATUS_SUCCESS');
+export const getDhcpStatusFailure = createAction('GET_DHCP_STATUS_FAILURE');
+
+export const getDhcpStatus = () => async (dispatch) => {
+    dispatch(getDhcpStatusRequest());
+    try {
+        const status = await apiClient.getDhcpStatus();
+        dispatch(getDhcpStatusSuccess(status));
+    } catch (error) {
+        dispatch(addErrorToast({ error }));
+        dispatch(getDhcpStatusFailure());
+    }
+};
+
+export const getDhcpInterfacesRequest = createAction('GET_DHCP_INTERFACES_REQUEST');
+export const getDhcpInterfacesSuccess = createAction('GET_DHCP_INTERFACES_SUCCESS');
+export const getDhcpInterfacesFailure = createAction('GET_DHCP_INTERFACES_FAILURE');
+
+export const getDhcpInterfaces = () => async (dispatch) => {
+    dispatch(getDhcpInterfacesRequest());
+    try {
+        const interfaces = await apiClient.getDhcpInterfaces();
+        dispatch(getDhcpInterfacesSuccess(interfaces));
+    } catch (error) {
+        dispatch(addErrorToast({ error }));
+        dispatch(getDhcpInterfacesFailure());
+    }
+};
+
+export const findActiveDhcpRequest = createAction('FIND_ACTIVE_DHCP_REQUEST');
+export const findActiveDhcpSuccess = createAction('FIND_ACTIVE_DHCP_SUCCESS');
+export const findActiveDhcpFailure = createAction('FIND_ACTIVE_DHCP_FAILURE');
+
+export const findActiveDhcp = name => async (dispatch) => {
+    dispatch(findActiveDhcpRequest());
+    try {
+        const activeDhcp = await apiClient.findActiveDhcp(name);
+        dispatch(findActiveDhcpSuccess(activeDhcp));
+    } catch (error) {
+        dispatch(addErrorToast({ error }));
+        dispatch(findActiveDhcpFailure());
+    }
+};
+
+export const setDhcpConfigRequest = createAction('SET_DHCP_CONFIG_REQUEST');
+export const setDhcpConfigSuccess = createAction('SET_DHCP_CONFIG_SUCCESS');
+export const setDhcpConfigFailure = createAction('SET_DHCP_CONFIG_FAILURE');
+
+// TODO rewrite findActiveDhcp part
+export const setDhcpConfig = config => async (dispatch) => {
+    dispatch(setDhcpConfigRequest());
+    try {
+        if (config.interface_name) {
+            dispatch(findActiveDhcpRequest());
+            try {
+                const activeDhcp = await apiClient.findActiveDhcp(config.interface_name);
+                dispatch(findActiveDhcpSuccess(activeDhcp));
+
+                if (!activeDhcp.found) {
+                    await apiClient.setDhcpConfig(config);
+                    dispatch(addSuccessToast('dhcp_config_saved'));
+                    dispatch(setDhcpConfigSuccess());
+                    dispatch(getDhcpStatus());
+                } else {
+                    dispatch(addErrorToast({ error: 'dhcp_found' }));
+                }
+            } catch (error) {
+                dispatch(addErrorToast({ error }));
+                dispatch(findActiveDhcpFailure());
+            }
+        } else {
+            await apiClient.setDhcpConfig(config);
+            dispatch(addSuccessToast('dhcp_config_saved'));
+            dispatch(setDhcpConfigSuccess());
+            dispatch(getDhcpStatus());
+        }
+    } catch (error) {
+        dispatch(addErrorToast({ error }));
+        dispatch(setDhcpConfigFailure());
+    }
+};
+
+export const toggleDhcpRequest = createAction('TOGGLE_DHCP_REQUEST');
+export const toggleDhcpFailure = createAction('TOGGLE_DHCP_FAILURE');
+export const toggleDhcpSuccess = createAction('TOGGLE_DHCP_SUCCESS');
+
+// TODO rewrite findActiveDhcp part
+export const toggleDhcp = config => async (dispatch) => {
+    dispatch(toggleDhcpRequest());
+
+    if (config.enabled) {
+        dispatch(addSuccessToast('disabled_dhcp'));
+        try {
+            await apiClient.setDhcpConfig({ ...config, enabled: false });
+            dispatch(toggleDhcpSuccess());
+            dispatch(getDhcpStatus());
+        } catch (error) {
+            dispatch(addErrorToast({ error }));
+            dispatch(toggleDhcpFailure());
+        }
+    } else {
+        dispatch(findActiveDhcpRequest());
+        try {
+            const activeDhcp = await apiClient.findActiveDhcp(config.interface_name);
+            dispatch(findActiveDhcpSuccess(activeDhcp));
+
+            if (!activeDhcp.found) {
+                try {
+                    await apiClient.setDhcpConfig({ ...config, enabled: true });
+                    dispatch(toggleDhcpSuccess());
+                    dispatch(getDhcpStatus());
+                } catch (error) {
+                    dispatch(addErrorToast({ error }));
+                    dispatch(toggleDhcpFailure());
+                }
+                dispatch(addSuccessToast('enabled_dhcp'));
+            } else {
+                dispatch(addErrorToast({ error: 'dhcp_found' }));
+            }
+        } catch (error) {
+            dispatch(addErrorToast({ error }));
+            dispatch(findActiveDhcpFailure());
+        }
+    }
+};
--- a/client/src/api/Api.js
+++ b/client/src/api/Api.js
@@ -284,4 +284,56 @@ export default class Api {
        const { path, method } = this.SAFESEARCH_DISABLE;
        return this.makeRequest(path, method);
    }
+
+    // Language
+    CURRENT_LANGUAGE = { path: 'i18n/current_language', method: 'GET' };
+    CHANGE_LANGUAGE = { path: 'i18n/change_language', method: 'POST' };
+
+    getCurrentLanguage() {
+        const { path, method } = this.CURRENT_LANGUAGE;
+        return this.makeRequest(path, method);
+    }
+
+    changeLanguage(lang) {
+        const { path, method } = this.CHANGE_LANGUAGE;
+        const parameters = {
+            data: lang,
+            headers: { 'Content-Type': 'text/plain' },
+        };
+        return this.makeRequest(path, method, parameters);
+    }
+
+    // DHCP
+    DHCP_STATUS = { path: 'dhcp/status', method: 'GET' };
+    DHCP_SET_CONFIG = { path: 'dhcp/set_config', method: 'POST' };
+    DHCP_FIND_ACTIVE = { path: 'dhcp/find_active_dhcp', method: 'POST' };
+    DHCP_INTERFACES = { path: 'dhcp/interfaces', method: 'GET' };
+
+    getDhcpStatus() {
+        const { path, method } = this.DHCP_STATUS;
+        return this.makeRequest(path, method);
+    }
+
+    getDhcpInterfaces() {
+        const { path, method } = this.DHCP_INTERFACES;
+        return this.makeRequest(path, method);
+    }
+
+    setDhcpConfig(config) {
+        const { path, method } = this.DHCP_SET_CONFIG;
+        const parameters = {
+            data: config,
+            headers: { 'Content-Type': 'application/json' },
+        };
+        return this.makeRequest(path, method, parameters);
+    }
+
+    findActiveDhcp(name) {
+        const { path, method } = this.DHCP_FIND_ACTIVE;
+        const parameters = {
+            data: name,
+            headers: { 'Content-Type': 'text/plain' },
+        };
+        return this.makeRequest(path, method, parameters);
+    }
 }
--- a/client/src/components/App/index.js
+++ b/client/src/components/App/index.js
@@ -17,6 +17,7 @@ import Footer from '../ui/Footer';
 import Toasts from '../Toasts';
 import Status from '../ui/Status';
 import Update from '../ui/Update';
+import i18n from '../../i18n';

 class App extends Component {
    componentDidMount() {
@@ -24,10 +25,30 @@ class App extends Component {
        this.props.getVersion();
    }

+    componentDidUpdate(prevProps) {
+        if (this.props.dashboard.language !== prevProps.dashboard.language) {
+            this.setLanguage();
+        }
+    }
+
    handleStatusChange = () => {
        this.props.enableDns();
    };

+    setLanguage = () => {
+        const { processing, language } = this.props.dashboard;
+
+        if (!processing) {
+            if (language) {
+                i18n.changeLanguage(language);
+            }
+        }
+
+        i18n.on('languageChanged', (lang) => {
+            this.props.changeLanguage(lang);
+        });
+    }
+
    render() {
        const { dashboard } = this.props;
        const updateAvailable =
@@ -78,6 +99,7 @@ App.propTypes = {
    isCoreRunning: PropTypes.bool,
    error: PropTypes.string,
    getVersion: PropTypes.func,
+    changeLanguage: PropTypes.func,
 };

 export default App;
--- a/client/src/components/Dashboard/BlockedDomains.js
+++ b/client/src/components/Dashboard/BlockedDomains.js
@@ -2,6 +2,7 @@ import React, { Component } from 'react';
 import ReactTable from 'react-table';
 import PropTypes from 'prop-types';
 import map from 'lodash/map';
+import { withNamespaces, Trans } from 'react-i18next';

 import Card from '../ui/Card';
 import Cell from '../ui/Cell';
@@ -20,8 +21,8 @@ class BlockedDomains extends Component {
            const trackerData = getTrackerData(value);

            return (
-                <div className="logs__row" title={value}>
-                    <div className="logs__text">
+                <div className="logs__row">
+                    <div className="logs__text" title={value}>
                        {value}
                    </div>
                    {trackerData && <Popover data={trackerData} />}
@@ -29,7 +30,7 @@ class BlockedDomains extends Component {
            );
        },
    }, {
-        Header: 'Requests count',
+        Header: <Trans>requests_count</Trans>,
        accessor: 'domain',
        maxWidth: 190,
        Cell: ({ value }) => {
@@ -48,15 +49,16 @@ class BlockedDomains extends Component {
    }];

    render() {
+        const { t } = this.props;
        return (
-            <Card title="Top blocked domains" subtitle="for the last 24 hours" bodyType="card-table" refresh={this.props.refreshButton}>
+            <Card title={ t('top_blocked_domains') } subtitle={ t('for_last_24_hours') } bodyType="card-table" refresh={this.props.refreshButton}>
                <ReactTable
                    data={map(this.props.topBlockedDomains, (value, prop) => (
                        { ip: prop, domain: value }
                    ))}
                    columns={this.columns}
                    showPagination={false}
-                    noDataText="No domains found"
+                    noDataText={ t('no_domains_found') }
                    minRows={6}
                    className="-striped -highlight card-table-overflow stats__table"
                />
@@ -71,6 +73,7 @@ BlockedDomains.propTypes = {
    replacedSafebrowsing: PropTypes.number.isRequired,
    replacedParental: PropTypes.number.isRequired,
    refreshButton: PropTypes.node.isRequired,
+    t: PropTypes.func,
 };

-export default BlockedDomains;
+export default withNamespaces()(BlockedDomains);
--- a/client/src/components/Dashboard/Clients.js
+++ b/client/src/components/Dashboard/Clients.js
@@ -2,6 +2,7 @@ import React, { Component } from 'react';
 import ReactTable from 'react-table';
 import PropTypes from 'prop-types';
 import map from 'lodash/map';
+import { Trans, withNamespaces } from 'react-i18next';

 import Card from '../ui/Card';
 import Cell from '../ui/Cell';
@@ -23,8 +24,9 @@ class Clients extends Component {
        Header: 'IP',
        accessor: 'ip',
        Cell: ({ value }) => (<div className="logs__row logs__row--overflow"><span className="logs__text" title={value}>{value}</span></div>),
+        sortMethod: (a, b) => parseInt(a.replace(/\./g, ''), 10) - parseInt(b.replace(/\./g, ''), 10),
    }, {
-        Header: 'Requests count',
+        Header: <Trans>requests_count</Trans>,
        accessor: 'count',
        Cell: ({ value }) => {
            const percent = getPercent(this.props.dnsQueries, value);
@@ -37,15 +39,16 @@ class Clients extends Component {
    }];

    render() {
+        const { t } = this.props;
        return (
-            <Card title="Top clients" subtitle="for the last 24 hours" bodyType="card-table" refresh={this.props.refreshButton}>
+            <Card title={ t('top_clients') } subtitle={ t('for_last_24_hours') } bodyType="card-table" refresh={this.props.refreshButton}>
                <ReactTable
                    data={map(this.props.topClients, (value, prop) => (
                        { ip: prop, count: value }
                    ))}
                    columns={this.columns}
                    showPagination={false}
-                    noDataText="No clients found"
+                    noDataText={ t('no_clients_found') }
                    minRows={6}
                    className="-striped -highlight card-table-overflow"
                />
@@ -58,6 +61,7 @@ Clients.propTypes = {
    topClients: PropTypes.object.isRequired,
    dnsQueries: PropTypes.number.isRequired,
    refreshButton: PropTypes.node.isRequired,
+    t: PropTypes.func,
 };

-export default Clients;
+export default withNamespaces()(Clients);
--- a/client/src/components/Dashboard/Counters.js
+++ b/client/src/components/Dashboard/Counters.js
@@ -1,5 +1,6 @@
 import React from 'react';
 import PropTypes from 'prop-types';
+import { Trans, withNamespaces } from 'react-i18next';

 import Card from '../ui/Card';
 import Tooltip from '../ui/Tooltip';
@@ -7,13 +8,13 @@ import Tooltip from '../ui/Tooltip';
 const tooltipType = 'tooltip-custom--narrow';

 const Counters = props => (
-    <Card title="General statistics" subtitle="for the last 24 hours" bodyType="card-table" refresh={props.refreshButton}>
+    <Card title={ props.t('general_statistics') } subtitle={ props.t('for_last_24_hours') } bodyType="card-table" refresh={props.refreshButton}>
        <table className="table card-table">
            <tbody>
                <tr>
                    <td>
-                        DNS Queries
-                        <Tooltip text="A number of DNS quieries processed for the last 24 hours" type={tooltipType} />
+                        <Trans>dns_query</Trans>
+                        <Tooltip text={ props.t('number_of_dns_query_24_hours') } type={tooltipType} />
                    </td>
                    <td className="text-right">
                        <span className="text-muted">
@@ -23,8 +24,10 @@ const Counters = props => (
                </tr>
                <tr>
                    <td>
-                        Blocked by <a href="#filters">Filters</a>
-                        <Tooltip text="A number of DNS requests blocked by adblock filters and hosts blocklists" type={tooltipType} />
+                        <a href="#filters">
+                            <Trans>blocked_by</Trans>
+                        </a>
+                        <Tooltip text={ props.t('number_of_dns_query_blocked_24_hours') } type={tooltipType} />
                    </td>
                    <td className="text-right">
                        <span className="text-muted">
@@ -34,8 +37,8 @@ const Counters = props => (
                </tr>
                <tr>
                    <td>
-                        Blocked malware/phishing
-                        <Tooltip text="A number of DNS requests blocked by the AdGuard browsing security module" type={tooltipType} />
+                        <Trans>stats_malware_phishing</Trans>
+                        <Tooltip text={ props.t('number_of_dns_query_blocked_24_hours_by_sec') } type={tooltipType} />
                    </td>
                    <td className="text-right">
                        <span className="text-muted">
@@ -45,8 +48,8 @@ const Counters = props => (
                </tr>
                <tr>
                    <td>
-                        Blocked adult websites
-                        <Tooltip text="A number of adult websites blocked" type={tooltipType} />
+                        <Trans>stats_adult</Trans>
+                        <Tooltip text={ props.t('number_of_dns_query_blocked_24_hours_adult') } type={tooltipType} />
                    </td>
                    <td className="text-right">
                        <span className="text-muted">
@@ -56,8 +59,8 @@ const Counters = props => (
                </tr>
                <tr>
                    <td>
-                        Enforced safe search
-                        <Tooltip text="A number of DNS requests to search engines for which Safe Search was enforced" type={tooltipType} />
+                        <Trans>enforced_save_search</Trans>
+                        <Tooltip text={ props.t('number_of_dns_query_to_safe_search') } type={tooltipType} />
                    </td>
                    <td className="text-right">
                        <span className="text-muted">
@@ -67,8 +70,8 @@ const Counters = props => (
                </tr>
                <tr>
                    <td>
-                        Average processing time
-                        <Tooltip text="Average time in milliseconds on processing a DNS request" type={tooltipType} />
+                        <Trans>average_processing_time</Trans>
+                        <Tooltip text={ props.t('average_processing_time_hint') } type={tooltipType} />
                    </td>
                    <td className="text-right">
                        <span className="text-muted">
@@ -89,6 +92,7 @@ Counters.propTypes = {
    replacedSafesearch: PropTypes.number.isRequired,
    avgProcessingTime: PropTypes.number.isRequired,
    refreshButton: PropTypes.node.isRequired,
+    t: PropTypes.func.isRequired,
 };

-export default Counters;
+export default withNamespaces()(Counters);
--- a/client/src/components/Dashboard/QueriedDomains.js
+++ b/client/src/components/Dashboard/QueriedDomains.js
@@ -2,6 +2,7 @@ import React, { Component } from 'react';
 import ReactTable from 'react-table';
 import PropTypes from 'prop-types';
 import map from 'lodash/map';
+import { withNamespaces, Trans } from 'react-i18next';

 import Card from '../ui/Card';
 import Cell from '../ui/Cell';
@@ -29,8 +30,8 @@ class QueriedDomains extends Component {
            const trackerData = getTrackerData(value);

            return (
-                <div className="logs__row" title={value}>
-                    <div className="logs__text">
+                <div className="logs__row">
+                    <div className="logs__text" title={value}>
                        {value}
                    </div>
                    {trackerData && <Popover data={trackerData} />}
@@ -38,7 +39,7 @@ class QueriedDomains extends Component {
            );
        },
    }, {
-        Header: 'Requests count',
+        Header: <Trans>requests_count</Trans>,
        accessor: 'count',
        maxWidth: 190,
        Cell: ({ value }) => {
@@ -52,15 +53,16 @@ class QueriedDomains extends Component {
    }];

    render() {
+        const { t } = this.props;
        return (
-            <Card title="Top queried domains" subtitle="for the last 24 hours" bodyType="card-table" refresh={this.props.refreshButton}>
+            <Card title={ t('stats_query_domain') } subtitle={ t('for_last_24_hours') } bodyType="card-table" refresh={this.props.refreshButton}>
                <ReactTable
                    data={map(this.props.topQueriedDomains, (value, prop) => (
                        { ip: prop, count: value }
                    ))}
                    columns={this.columns}
                    showPagination={false}
-                    noDataText="No domains found"
+                    noDataText={ t('no_domains_found') }
                    minRows={6}
                    className="-striped -highlight card-table-overflow stats__table"
                />
@@ -73,6 +75,7 @@ QueriedDomains.propTypes = {
    topQueriedDomains: PropTypes.object.isRequired,
    dnsQueries: PropTypes.number.isRequired,
    refreshButton: PropTypes.node.isRequired,
+    t: PropTypes.func,
 };

-export default QueriedDomains;
+export default withNamespaces()(QueriedDomains);
--- a/client/src/components/Dashboard/Statistics.js
+++ b/client/src/components/Dashboard/Statistics.js
@@ -1,5 +1,6 @@
 import React, { Component } from 'react';
 import PropTypes from 'prop-types';
+import { Trans, withNamespaces } from 'react-i18next';

 import Card from '../ui/Card';
 import Line from '../ui/Line';
@@ -24,13 +25,13 @@ class Statistics extends Component {
        return (
            <div className="row">
                <div className="col-sm-6 col-lg-3">
-                    <Card bodyType="card-wrap">
+                    <Card type="card--full" bodyType="card-wrap">
                        <div className="card-body-stats">
                            <div className="card-value card-value-stats text-blue">
                                {dnsQueries}
                            </div>
                            <div className="card-title-stats">
-                                DNS Queries
+                                <Trans>dns_query</Trans>
                            </div>
                        </div>
                        <div className="card-chart-bg">
@@ -39,7 +40,7 @@ class Statistics extends Component {
                    </Card>
                </div>
                <div className="col-sm-6 col-lg-3">
-                    <Card bodyType="card-wrap">
+                    <Card type="card--full" bodyType="card-wrap">
                        <div className="card-body-stats">
                            <div className="card-value card-value-stats text-red">
                                {blockedFiltering}
@@ -48,7 +49,9 @@ class Statistics extends Component {
                                {getPercent(dnsQueries, blockedFiltering)}
                            </div>
                            <div className="card-title-stats">
-                                Blocked by <a href="#filters">Filters</a>
+                                <a href="#filters">
+                                    <Trans>blocked_by</Trans>
+                                </a>
                            </div>
                        </div>
                        <div className="card-chart-bg">
@@ -57,7 +60,7 @@ class Statistics extends Component {
                    </Card>
                </div>
                <div className="col-sm-6 col-lg-3">
-                    <Card bodyType="card-wrap">
+                    <Card type="card--full" bodyType="card-wrap">
                        <div className="card-body-stats">
                            <div className="card-value card-value-stats text-green">
                                {replacedSafebrowsing}
@@ -66,7 +69,7 @@ class Statistics extends Component {
                                {getPercent(dnsQueries, replacedSafebrowsing)}
                            </div>
                            <div className="card-title-stats">
-                                Blocked malware/phishing
+                                <Trans>stats_malware_phishing</Trans>
                            </div>
                        </div>
                        <div className="card-chart-bg">
@@ -75,7 +78,7 @@ class Statistics extends Component {
                    </Card>
                </div>
                <div className="col-sm-6 col-lg-3">
-                    <Card bodyType="card-wrap">
+                    <Card type="card--full" bodyType="card-wrap">
                        <div className="card-body-stats">
                            <div className="card-value card-value-stats text-yellow">
                                {replacedParental}
@@ -84,7 +87,7 @@ class Statistics extends Component {
                                {getPercent(dnsQueries, replacedParental)}
                            </div>
                            <div className="card-title-stats">
-                                Blocked adult websites
+                                <Trans>stats_adult</Trans>
                            </div>
                        </div>
                        <div className="card-chart-bg">
@@ -106,4 +109,4 @@ Statistics.propTypes = {
    refreshButton: PropTypes.node.isRequired,
 };

-export default Statistics;
+export default withNamespaces()(Statistics);
--- a/client/src/components/Dashboard/index.js
+++ b/client/src/components/Dashboard/index.js
@@ -1,6 +1,7 @@
 import React, { Component, Fragment } from 'react';
 import PropTypes from 'prop-types';
 import 'whatwg-fetch';
+import { Trans, withNamespaces } from 'react-i18next';

 import Statistics from './Statistics';
 import Counters from './Counters';
@@ -25,30 +26,30 @@ class Dashboard extends Component {

    getToggleFilteringButton = () => {
        const { protectionEnabled } = this.props.dashboard;
-        const buttonText = protectionEnabled ? 'Disable' : 'Enable';
+        const buttonText = protectionEnabled ? 'disable_protection' : 'enable_protection';
        const buttonClass = protectionEnabled ? 'btn-gray' : 'btn-success';

        return (
            <button type="button" className={`btn btn-sm mr-2 ${buttonClass}`} onClick={() => this.props.toggleProtection(protectionEnabled)}>
-                {buttonText} protection
+                <Trans>{buttonText}</Trans>
            </button>
        );
    }

    render() {
-        const { dashboard } = this.props;
+        const { dashboard, t } = this.props;
        const dashboardProcessing =
            dashboard.processing ||
            dashboard.processingStats ||
            dashboard.processingStatsHistory ||
            dashboard.processingTopStats;

-        const refreshFullButton = <button type="button" className="btn btn-outline-primary btn-sm" onClick={() => this.getAllStats()}>Refresh statistics</button>;
+        const refreshFullButton = <button type="button" className="btn btn-outline-primary btn-sm" onClick={() => this.getAllStats()}><Trans>refresh_statics</Trans></button>;
        const refreshButton = <button type="button" className="btn btn-outline-primary btn-sm card-refresh" onClick={() => this.getAllStats()} />;

        return (
            <Fragment>
-                <PageTitle title="Dashboard">
+                <PageTitle title={ t('dashboard') }>
                    <div className="page-title__actions">
                        {this.getToggleFilteringButton()}
                        {refreshFullButton}
@@ -124,6 +125,7 @@ Dashboard.propTypes = {
    isCoreRunning: PropTypes.bool,
    getFiltering: PropTypes.func,
    toggleProtection: PropTypes.func,
+    t: PropTypes.func,
 };

-export default Dashboard;
+export default withNamespaces()(Dashboard);
--- a/client/src/components/Filters/UserRules.js
+++ b/client/src/components/Filters/UserRules.js
@@ -1,8 +1,9 @@
 import React, { Component } from 'react';
 import PropTypes from 'prop-types';
+import { Trans, withNamespaces } from 'react-i18next';
 import Card from '../ui/Card';

-export default class UserRules extends Component {
+class UserRules extends Component {
    handleChange = (e) => {
        const { value } = e.currentTarget;
        this.props.handleRulesChange(value);
@@ -14,10 +15,11 @@ export default class UserRules extends Component {
    };

    render() {
+        const { t } = this.props;
        return (
            <Card
-                title="Custom filtering rules"
-                subtitle="Enter one rule on a line. You can use either adblock rules or hosts files syntax."
+                title={ t('custom_filter_rules') }
+                subtitle={ t('custom_filter_rules_hint') }
            >
                <form onSubmit={this.handleSubmit}>
                    <textarea className="form-control form-control--textarea-large" value={this.props.userRules} onChange={this.handleChange} />
@@ -27,31 +29,28 @@ export default class UserRules extends Component {
                            type="submit"
                            onClick={this.handleSubmit}
                        >
-                            Apply
+                            <Trans>apply_btn</Trans>
                        </button>
                    </div>
                </form>
                <hr/>
                <div className="list leading-loose">
-                    Examples:
+                    <Trans>examples_title</Trans>:
                    <ol className="leading-loose">
                        <li>
-                            <code>||example.org^</code> - block access to the example.org domain
-                            and all its subdomains
+                            <code>||example.org^</code> - { t('example_meaning_filter_block') }
                        </li>
                        <li>
-                            <code> @@||example.org^</code> - unblock access to the example.org
-                            domain and all its subdomains
+                            <code> @@||example.org^</code> - { t('example_meaning_filter_whitelist') }
                        </li>
                        <li>
-                            <code>127.0.0.1 example.org</code> - AdGuard Home will now return
-                            127.0.0.1 address for the example.org domain (but not its subdomains).
+                            <code>127.0.0.1 example.org</code> - { t('example_meaning_host_block') }
                        </li>
                        <li>
-                            <code>! Here goes a comment</code> - just a comment
+                            <code>{ t('example_comment') }</code> - { t('example_comment_meaning') }
                        </li>
                        <li>
-                            <code># Also a comment</code> - just a comment
+                            <code>{ t('example_comment_hash') }</code> - { t('example_comment_meaning') }
                        </li>
                    </ol>
                </div>
@@ -64,4 +63,7 @@ UserRules.propTypes = {
    userRules: PropTypes.string,
    handleRulesChange: PropTypes.func,
    handleRulesSubmit: PropTypes.func,
+    t: PropTypes.func,
 };
+
+export default withNamespaces()(UserRules);
--- a/client/src/components/Filters/index.js
+++ b/client/src/components/Filters/index.js
@@ -1,6 +1,7 @@
 import React, { Component } from 'react';
 import ReactTable from 'react-table';
 import PropTypes from 'prop-types';
+import { Trans, withNamespaces } from 'react-i18next';
 import Modal from '../ui/Modal';
 import PageTitle from '../ui/PageTitle';
 import Card from '../ui/Card';
@@ -33,59 +34,62 @@ class Filters extends Component {
    };

    columns = [{
-        Header: 'Enabled',
+        Header: <Trans>enabled_table_header</Trans>,
        accessor: 'enabled',
        Cell: this.renderCheckbox,
        width: 90,
        className: 'text-center',
    }, {
-        Header: 'Name',
+        Header: <Trans>name_table_header</Trans>,
        accessor: 'name',
        Cell: ({ value }) => (<div className="logs__row logs__row--overflow"><span className="logs__text" title={value}>{value}</span></div>),
    }, {
-        Header: 'Filter URL',
+        Header: <Trans>filter_url_table_header</Trans>,
        accessor: 'url',
        Cell: ({ value }) => (<div className="logs__row logs__row--overflow"><a href={value} target='_blank' rel='noopener noreferrer' className="link logs__text">{value}</a></div>),
    }, {
-        Header: 'Rules count',
+        Header: <Trans>rules_count_table_header</Trans>,
        accessor: 'rulesCount',
        className: 'text-center',
+        Cell: props => props.value.toLocaleString(),
    }, {
-        Header: 'Last time updated',
+        Header: <Trans>last_time_updated_table_header</Trans>,
        accessor: 'lastUpdated',
        className: 'text-center',
    }, {
-        Header: 'Actions',
+        Header: <Trans>actions_table_header</Trans>,
        accessor: 'url',
-        Cell: ({ value }) => (<span className='remove-icon fe fe-trash-2' onClick={() => this.props.removeFilter(value)}/>),
+        Cell: ({ value }) => (<span title={ this.props.t('delete_table_action') } className='remove-icon fe fe-trash-2' onClick={() => this.props.removeFilter(value)}/>),
        className: 'text-center',
-        width: 75,
+        width: 80,
        sortable: false,
    },
    ];

    render() {
+        const { t } = this.props;
        const { filters, userRules } = this.props.filtering;
        return (
            <div>
-                <PageTitle title="Filters" />
+                <PageTitle title={ t('filters') } />
                <div className="content">
                    <div className="row">
                        <div className="col-md-12">
                            <Card
-                                title="Filters and hosts blocklists"
-                                subtitle="AdGuard Home understands basic adblock rules and hosts files syntax."
+                                title={ t('filters_and_hosts') }
+                                subtitle={ t('filters_and_hosts_hint') }
                            >
                                <ReactTable
                                    data={filters}
                                    columns={this.columns}
-                                    showPagination={false}
-                                    noDataText="No filters added"
+                                    showPagination={true}
+                                    defaultPageSize={10}
+                                    noDataText={ t('no_filters_added') }
                                    minRows={4} // TODO find out what to show if rules.length is 0
                                />
                                <div className="card-actions">
-                                    <button className="btn btn-success btn-standart mr-2" type="submit" onClick={this.props.toggleFilteringModal}>Add filter</button>
-                                    <button className="btn btn-primary btn-standart" type="submit" onClick={this.props.refreshFilters}>Check updates</button>
+                                    <button className="btn btn-success btn-standart mr-2" type="submit" onClick={this.props.toggleFilteringModal}><Trans>add_filter_btn</Trans></button>
+                                    <button className="btn btn-primary btn-standart" type="submit" onClick={this.props.refreshFilters}><Trans>check_updates_btn</Trans></button>
                                </div>
                            </Card>
                        </div>
@@ -103,8 +107,8 @@ class Filters extends Component {
                    toggleModal={this.props.toggleFilteringModal}
                    addFilter={this.props.addFilter}
                    isFilterAdded={this.props.filtering.isFilterAdded}
-                    title="New filter subscription"
-                    inputDescription="Enter a valid URL to a filter subscription or a hosts file."
+                    title={ t('new_filter_btn') }
+                    inputDescription={ t('enter_valid_filter_url') }
                />
            </div>
        );
@@ -126,7 +130,8 @@ Filters.propTypes = {
    toggleFilteringModal: PropTypes.func.isRequired,
    handleRulesChange: PropTypes.func.isRequired,
    refreshFilters: PropTypes.func.isRequired,
+    t: PropTypes.func,
 };


-export default Filters;
+export default withNamespaces()(Filters);
--- a/client/src/components/Header/Header.css
+++ b/client/src/components/Header/Header.css
@@ -88,6 +88,8 @@
    .nav-tabs .nav-link {
        width: auto;
        border-bottom: 1px solid transparent;
+        font-size: 13px;
+        white-space: nowrap;
    }

    .mobile-menu {
@@ -107,6 +109,15 @@

    .nav-version {
        padding: 0;
+    }
+}
+
+@media screen and (min-width: 1280px) {
+    .nav-tabs .nav-link {
+        font-size: 14px;
+    }
+
+    .nav-version {
        font-size: 0.85rem;
    }
 }
--- a/client/src/components/Header/Menu.js
+++ b/client/src/components/Header/Menu.js
@@ -3,7 +3,7 @@ import { NavLink } from 'react-router-dom';
 import PropTypes from 'prop-types';
 import enhanceWithClickOutside from 'react-click-outside';
 import classnames from 'classnames';
-
+import { Trans, withNamespaces } from 'react-i18next';
 import { REPOSITORY } from '../../helpers/constants';

 class Menu extends Component {
@@ -17,48 +17,48 @@ class Menu extends Component {

    render() {
        const menuClass = classnames({
-            'col-lg mobile-menu': true,
+            'col-lg-6 mobile-menu': true,
            'mobile-menu--active': this.props.isMenuOpen,
        });

        return (
            <Fragment>
                <div className={menuClass}>
-                    <ul className="nav nav-tabs border-0 flex-column flex-lg-row">
+                    <ul className="nav nav-tabs border-0 flex-column flex-lg-row flex-nowrap">
                        <li className="nav-item border-bottom d-lg-none" onClick={this.toggleMenu}>
                            <div className="nav-link nav-link--back">
                                <svg className="nav-icon" fill="none" height="24" strokeLinecap="round" strokeLinejoin="round" strokeWidth="2" viewBox="0 0 24 24" width="24" xmlns="http://www.w3.org/2000/svg"><path d="m19 12h-14"/><path d="m12 19-7-7 7-7"/></svg>
-                                Back
+                                <Trans>back</Trans>
                            </div>
                        </li>
                        <li className="nav-item">
                            <NavLink to="/" exact={true} className="nav-link">
                                <svg className="nav-icon" fill="none" height="24" stroke="#9aa0ac" strokeLinecap="round" strokeLinejoin="round" strokeWidth="2" viewBox="0 0 24 24" width="24" xmlns="http://www.w3.org/2000/svg"><path d="m3 9 9-7 9 7v11a2 2 0 0 1 -2 2h-14a2 2 0 0 1 -2-2z"/><path d="m9 22v-10h6v10"/></svg>
-                                Dashboard
+                                <Trans>dashboard</Trans>
                            </NavLink>
                        </li>
                        <li className="nav-item">
                            <NavLink to="/settings" className="nav-link">
                                <svg className="nav-icon" fill="none" height="24" strokeLinecap="round" strokeLinejoin="round" strokeWidth="2" viewBox="0 0 24 24" width="24" xmlns="http://www.w3.org/2000/svg"><circle cx="12" cy="12" r="3"/><path d="m19.4 15a1.65 1.65 0 0 0 .33 1.82l.06.06a2 2 0 0 1 0 2.83 2 2 0 0 1 -2.83 0l-.06-.06a1.65 1.65 0 0 0 -1.82-.33 1.65 1.65 0 0 0 -1 1.51v.17a2 2 0 0 1 -2 2 2 2 0 0 1 -2-2v-.09a1.65 1.65 0 0 0 -1.08-1.51 1.65 1.65 0 0 0 -1.82.33l-.06.06a2 2 0 0 1 -2.83 0 2 2 0 0 1 0-2.83l.06-.06a1.65 1.65 0 0 0 .33-1.82 1.65 1.65 0 0 0 -1.51-1h-.17a2 2 0 0 1 -2-2 2 2 0 0 1 2-2h.09a1.65 1.65 0 0 0 1.51-1.08 1.65 1.65 0 0 0 -.33-1.82l-.06-.06a2 2 0 0 1 0-2.83 2 2 0 0 1 2.83 0l.06.06a1.65 1.65 0 0 0 1.82.33h.08a1.65 1.65 0 0 0 1-1.51v-.17a2 2 0 0 1 2-2 2 2 0 0 1 2 2v.09a1.65 1.65 0 0 0 1 1.51 1.65 1.65 0 0 0 1.82-.33l.06-.06a2 2 0 0 1 2.83 0 2 2 0 0 1 0 2.83l-.06.06a1.65 1.65 0 0 0 -.33 1.82v.08a1.65 1.65 0 0 0 1.51 1h.17a2 2 0 0 1 2 2 2 2 0 0 1 -2 2h-.09a1.65 1.65 0 0 0 -1.51 1z"/></svg>
-                                Settings
+                                <Trans>settings</Trans>
                            </NavLink>
                        </li>
                        <li className="nav-item">
                            <NavLink to="/filters" className="nav-link">
                                <svg className="nav-icon" fill="none" height="24" strokeLinecap="round" strokeLinejoin="round" strokeWidth="2" viewBox="0 0 24 24" width="24" xmlns="http://www.w3.org/2000/svg"><path d="m22 3h-20l8 9.46v6.54l4 2v-8.54z"/></svg>
-                                Filters
+                                <Trans>filters</Trans>
                            </NavLink>
                        </li>
                        <li className="nav-item">
                            <NavLink to="/logs" className="nav-link">
                                <svg className="nav-icon" fill="none" height="24" strokeLinecap="round" strokeLinejoin="round" strokeWidth="2" viewBox="0 0 24 24" width="24" xmlns="http://www.w3.org/2000/svg"><path d="m14 2h-8a2 2 0 0 0 -2 2v16a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2v-12z"/><path d="m14 2v6h6"/><path d="m16 13h-8"/><path d="m16 17h-8"/><path d="m10 9h-1-1"/></svg>
-                                Query Log
+                                <Trans>query_log</Trans>
                            </NavLink>
                        </li>
                        <li className="nav-item">
                            <a href={`${REPOSITORY.URL}/wiki`} className="nav-link" target="_blank" rel="noopener noreferrer">
                                <svg className="nav-icon" xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="#66b574" strokeWidth="2" strokeLinecap="round" strokeLinejoin="round"><circle cx="12" cy="12" r="10"></circle><path d="M9.09 9a3 3 0 0 1 5.83 1c0 2-3 3-3 3"></path><line x1="12" y1="17" x2="12" y2="17"></line></svg>
-                                FAQ
+                                <Trans>faq</Trans>
                            </a>
                        </li>
                    </ul>
@@ -74,4 +74,4 @@ Menu.propTypes = {
    toggleMenuOpen: PropTypes.func,
 };

-export default enhanceWithClickOutside(Menu);
+export default withNamespaces()(enhanceWithClickOutside(Menu));
--- a/client/src/components/Header/Version.js
+++ b/client/src/components/Header/Version.js
@@ -1,15 +1,16 @@
 import React from 'react';
 import PropTypes from 'prop-types';
+import { Trans, withNamespaces } from 'react-i18next';

-export default function Version(props) {
+function Version(props) {
    const { dnsVersion, dnsAddress, dnsPort } = props;
    return (
        <div className="nav-version">
            <div className="nav-version__text">
-                version: <span className="nav-version__value">{dnsVersion}</span>
+                <Trans>version</Trans>: <span className="nav-version__value">{dnsVersion}</span>
            </div>
            <div className="nav-version__text">
-                address: <span className="nav-version__value">{dnsAddress}:{dnsPort}</span>
+                <Trans>address</Trans>: <span className="nav-version__value">{dnsAddress}:{dnsPort}</span>
            </div>
        </div>
    );
@@ -20,3 +21,5 @@ Version.propTypes = {
    dnsAddress: PropTypes.string,
    dnsPort: PropTypes.number,
 };
+
+export default withNamespaces()(Version);
--- a/client/src/components/Header/index.js
+++ b/client/src/components/Header/index.js
@@ -2,6 +2,7 @@ import React, { Component } from 'react';
 import { Link } from 'react-router-dom';
 import PropTypes from 'prop-types';
 import classnames from 'classnames';
+import { Trans, withNamespaces } from 'react-i18next';

 import Menu from './Menu';
 import Version from './Version';
@@ -44,7 +45,7 @@ class Header extends Component {
                                </Link>
                                {!dashboard.proccessing && dashboard.isCoreRunning &&
                                    <span className={badgeClass}>
-                                        {dashboard.protectionEnabled ? 'ON' : 'OFF'}
+                                        <Trans>{dashboard.protectionEnabled ? 'on' : 'off'}</Trans>
                                    </span>
                                }
                            </div>
@@ -72,4 +73,4 @@ Header.propTypes = {
    location: PropTypes.object,
 };

-export default Header;
+export default withNamespaces()(Header);
--- a/client/src/components/Header/logo.svg
+++ b/client/src/components/Header/logo.svg
@@ -1 +1 @@
-<svg width="340" height="91" viewBox="0 0 340 91" xmlns="http://www.w3.org/2000/svg"><g fill="none" fill-rule="evenodd"><path d="M265.964 50l-2.615-6.675h-13.03L247.844 50H239l14.124-34h7.894L275 50h-9.036zm-9.035-24.924l-4.28 11.67h8.465l-4.185-11.67zM238 37.231c0 2.054-.342 3.924-1.027 5.609-.685 1.685-1.664 3.129-2.938 4.333-1.274 1.203-2.811 2.142-4.61 2.816-1.8.674-3.799 1.011-5.997 1.011-2.23 0-4.236-.337-6.02-1.011-1.783-.674-3.296-1.613-4.538-2.816-1.242-1.204-2.198-2.648-2.867-4.333S209 39.285 209 37.23V16h8.122v20.557c0 .93.12 1.813.358 2.648a6.82 6.82 0 0 0 1.1 2.239c.493.658 1.146 1.18 1.958 1.564.812.385 1.791.578 2.938.578 1.147 0 2.126-.193 2.938-.578.813-.385 1.473-.906 1.983-1.564a6.248 6.248 0 0 0 1.099-2.239c.223-.835.334-1.717.334-2.648V16H238v21.231zM204 47.134c-1.623.846-3.52 1.535-5.69 2.067-2.17.533-4.534.799-7.094.799-2.654 0-5.096-.423-7.329-1.268-2.232-.846-4.152-2.036-5.76-3.57-1.607-1.536-2.864-3.376-3.769-5.521-.905-2.145-1.358-4.534-1.358-7.164 0-2.663.46-5.074 1.381-7.235.921-2.161 2.194-4.002 3.817-5.52 1.623-1.52 3.528-2.686 5.713-3.5 2.185-.815 4.542-1.222 7.07-1.222 2.623 0 5.058.4 7.306 1.198 2.248.799 4.074 1.871 5.479 3.218l-5.058 5.779c-.78-.909-1.81-1.652-3.09-2.232-1.28-.58-2.732-.869-4.355-.869-1.405 0-2.7.258-3.887.775a9.345 9.345 0 0 0-3.09 2.161c-.875.924-1.554 2.02-2.038 3.289-.483 1.268-.725 2.654-.725 4.158 0 1.534.218 2.944.655 4.228.437 1.284 1.085 2.388 1.944 3.312.858.924 1.92 1.644 3.184 2.16 1.264.518 2.708.776 4.331.776.937 0 1.827-.07 2.67-.211a9.929 9.929 0 0 0 2.341-.682V36h-6.322v-6.483H204v17.617zM340 32.904c0 2.977-.54 5.547-1.618 7.708-1.079 2.16-2.501 3.937-4.268 5.33a17.637 17.637 0 0 1-5.98 3.074c-2.22.656-4.47.984-6.753.984H309V16h12.006c2.345 0 4.659.28 6.941.84 2.282.56 4.315 1.49 6.097 2.786s3.22 3.033 4.315 5.21c1.094 2.177 1.641 4.866 1.641 8.068zm-8.348 0c0-1.921-.305-3.514-.914-4.778-.61-1.265-1.423-2.273-2.44-3.026a9.649 9.649 0 0 0-3.47-1.608 16.677 16.677 0 0 0-4.01-.48h-3.986v19.88h3.799a16.86 16.86 0 0 0 4.15-.504c1.33-.336 2.502-.888 3.518-1.656 1.016-.769 1.829-1.793 2.439-3.074.61-1.28.914-2.865.914-4.754zM169 32.904c0 2.977-.54 5.547-1.618 7.708-1.079 2.16-2.501 3.937-4.268 5.33a17.637 17.637 0 0 1-5.98 3.074c-2.22.656-4.47.984-6.753.984H138V16h12.006c2.345 0 4.659.28 6.941.84 2.282.56 4.315 1.49 6.097 2.786s3.22 3.033 4.315 5.21c1.094 2.177 1.641 4.866 1.641 8.068zm-8.348 0c0-1.921-.305-3.514-.914-4.778-.61-1.265-1.423-2.273-2.44-3.026a9.649 9.649 0 0 0-3.47-1.608 16.677 16.677 0 0 0-4.01-.48h-3.986v19.88h3.799a16.86 16.86 0 0 0 4.15-.504c1.33-.336 2.502-.888 3.518-1.656 1.016-.769 1.829-1.793 2.439-3.074.61-1.28.914-2.865.914-4.754zM126.964 50l-2.615-6.675h-13.03L108.844 50H100l14.124-34h7.894L136 50h-9.036zm-9.035-24.924l-4.28 11.67h8.465l-4.185-11.67zM295.674 50l-7.135-13.494h-2.705V50H278V16h12.59c1.586 0 3.133.168 4.64.504 1.508.336 2.86.905 4.058 1.705 1.196.8 2.152 1.857 2.867 3.17.715 1.312 1.073 2.945 1.073 4.898 0 2.305-.606 4.242-1.819 5.81-1.212 1.57-2.89 2.69-5.036 3.362L305 50h-9.326zm-.327-23.58c0-.8-.163-1.448-.49-1.944a3.39 3.39 0 0 0-1.259-1.153 5.355 5.355 0 0 0-1.725-.552 12.364 12.364 0 0 0-1.842-.144h-4.243v7.924h3.777c.653 0 1.321-.056 2.005-.168a6.257 6.257 0 0 0 1.865-.6 3.596 3.596 0 0 0 1.376-1.25c.357-.543.536-1.248.536-2.112z" fill="#242424"/><path d="M44.477 0C30.575 0 13.805 3.255 0 10.419 0 25.89-.19 64.436 44.477 90.772 89.145 64.436 88.956 25.89 88.956 10.42 75.149 3.255 58.38 0 44.476 0z" fill="#68BC71"/><path d="M44.431 90.746C-.19 64.41 0 25.886 0 10.419 13.79 3.263 30.538.007 44.431 0v90.746z" fill="#67B279"/><path d="M42.854 60.566L69.75 24.477c-1.97-1.572-3.7-.462-4.65.397l-.036.003L42.64 48.102l-8.45-10.123c-4.03-4.636-9.51-1.1-10.79-.165l19.455 22.752" fill="#FFF"/><path d="M102.65 83V64.8h2.054v8.086h10.504V64.8h2.054V83h-2.054v-8.19h-10.504V83h-2.054zm28.21.312c-5.538 0-9.256-4.342-9.256-9.412 0-5.018 3.77-9.412 9.308-9.412s9.256 4.342 9.256 9.412c0 5.018-3.77 9.412-9.308 9.412zm.052-1.898c4.16 0 7.124-3.328 7.124-7.514 0-4.134-3.016-7.514-7.176-7.514s-7.124 3.328-7.124 7.514c0 4.134 3.016 7.514 7.176 7.514zM144.51 83V64.8h2.08l6.63 9.932 6.63-9.932h2.08V83h-2.054V68.258l-6.63 9.75h-.104l-6.63-9.724V83h-2.002zm22.568 0V64.8h13.156v1.872h-11.102v6.214h9.932v1.872h-9.932v6.37h11.232V83h-13.286z" fill="#4D4D4D"/></g></svg>
+<svg xmlns="http://www.w3.org/2000/svg" width="164" height="41" viewBox="0 0 164 41"><g fill-rule="evenodd"><path d="M129.984 22l-1.162-2.945h-5.792L121.931 22H118l6.277-15h3.509L134 22h-4.016zm-4.016-10.996l-1.902 5.149h3.762l-1.86-5.149zM117 16.1c0 .88-.153 1.682-.46 2.404a5.223 5.223 0 0 1-1.318 1.857c-.57.516-1.26.918-2.066 1.207-.807.289-1.703.433-2.688.433-1 0-1.9-.144-2.699-.433-.8-.29-1.477-.691-2.034-1.207a5.232 5.232 0 0 1-1.285-1.857c-.3-.722-.45-1.524-.45-2.404V7h3.64v8.81c0 .4.054.777.161 1.135.108.358.272.677.493.96.221.281.514.505.878.67.364.165.803.248 1.317.248.514 0 .953-.083 1.317-.248.365-.165.66-.389.89-.67.228-.283.392-.602.492-.96.1-.358.15-.736.15-1.135V7H117v9.099zm-16 4.673c-.733.362-1.59.658-2.57.886-.98.228-2.047.342-3.203.342-1.199 0-2.302-.181-3.31-.544-1.008-.362-1.875-.872-2.601-1.53a6.977 6.977 0 0 1-1.703-2.366c-.409-.92-.613-1.943-.613-3.07 0-1.141.208-2.175.624-3.1a6.903 6.903 0 0 1 1.723-2.367 7.71 7.71 0 0 1 2.58-1.5C92.914 7.174 93.98 7 95.121 7c1.184 0 2.284.171 3.299.513 1.015.343 1.84.802 2.474 1.38l-2.284 2.476c-.352-.39-.817-.708-1.395-.956-.579-.249-1.234-.373-1.967-.373-.635 0-1.22.111-1.756.332a4.23 4.23 0 0 0-1.395.927 4.178 4.178 0 0 0-.92 1.41 4.734 4.734 0 0 0-.328 1.78c0 .659.099 1.263.296 1.813.197.55.49 1.024.878 1.42.387.395.867.704 1.438.926.57.221 1.223.332 1.956.332.423 0 .825-.03 1.205-.09.381-.061.733-.158 1.058-.293V16h-2.855v-2.779H101v7.55zm63-6.314c0 1.313-.244 2.447-.73 3.4a6.855 6.855 0 0 1-1.928 2.352 8.035 8.035 0 0 1-2.7 1.356 10.94 10.94 0 0 1-3.05.434H150V7h5.422c1.06 0 2.104.124 3.135.37a7.866 7.866 0 0 1 2.753 1.23c.805.572 1.454 1.338 1.949 2.298.494.96.741 2.147.741 3.56zm-3.77 0c0-.848-.138-1.55-.413-2.108a3.549 3.549 0 0 0-1.101-1.335 4.405 4.405 0 0 0-1.568-.71 7.7 7.7 0 0 0-1.81-.212h-1.8v8.771h1.715c.65 0 1.274-.074 1.874-.222a4.43 4.43 0 0 0 1.589-.731 3.62 3.62 0 0 0 1.1-1.356c.276-.565.414-1.264.414-2.097zm-75.23 0c0 1.313-.244 2.447-.73 3.4a6.855 6.855 0 0 1-1.928 2.352 8.035 8.035 0 0 1-2.7 1.356 10.94 10.94 0 0 1-3.05.434H71V7h5.422c1.06 0 2.104.124 3.135.37A7.866 7.866 0 0 1 82.31 8.6c.805.572 1.454 1.338 1.949 2.298.494.96.741 2.147.741 3.56zm-3.77 0c0-.848-.138-1.55-.413-2.108a3.549 3.549 0 0 0-1.101-1.335 4.405 4.405 0 0 0-1.568-.71 7.7 7.7 0 0 0-1.81-.212h-1.8v8.771h1.715c.65 0 1.274-.074 1.874-.222a4.43 4.43 0 0 0 1.589-.731 3.62 3.62 0 0 0 1.1-1.356c.276-.565.414-1.264.414-2.097zM65.984 22l-1.162-2.945H59.03L57.931 22H54l6.277-15h3.509L70 22h-4.016zm-4.016-10.996l-1.902 5.149h3.762l-1.86-5.149zM143.855 22l-3.171-5.953h-1.202V22H136V7h5.596c.705 0 1.392.074 2.062.222.67.149 1.271.4 1.803.753a3.9 3.9 0 0 1 1.275 1.398c.318.579.476 1.3.476 2.16 0 1.018-.269 1.872-.808 2.564-.539.693-1.285 1.187-2.238 1.484L148 22h-4.145zm-.145-10.403c0-.353-.073-.639-.218-.858a1.502 1.502 0 0 0-.56-.508 2.393 2.393 0 0 0-.766-.244 5.535 5.535 0 0 0-.819-.063h-1.886v3.495h1.679c.29 0 .587-.024.891-.074.304-.05.58-.137.83-.264.248-.128.452-.311.61-.551.16-.24.239-.551.239-.933zM55 37.851v-8.702h.951v3.866h4.866V29.15h.952v8.702h-.952v-3.916h-4.866v3.916H55zM68.068 38c-2.565 0-4.288-2.076-4.288-4.5 0-2.4 1.747-4.5 4.312-4.5 2.565 0 4.288 2.076 4.288 4.5 0 2.4-1.747 4.5-4.312 4.5zm.024-.907c1.927 0 3.3-1.592 3.3-3.593 0-1.977-1.397-3.593-3.324-3.593-1.927 0-3.3 1.592-3.3 3.593 0 1.977 1.397 3.593 3.324 3.593zm6.3.758v-8.702h.963l3.07 4.749 3.072-4.749h.964v8.702h-.952v-7.049l-3.071 4.662h-.048l-3.071-4.65v7.037h-.928zm10.453 0v-8.702h6.095v.895h-5.143v2.971h4.6v.895h-4.6v3.046H91v.895h-6.155z"/><path fill-rule="nonzero" d="M2.831 14.045c.775 4.287 2.266 8.333 4.685 12.143 2.958 4.659 7.21 8.797 12.984 12.319 5.774-3.522 10.026-7.66 12.984-12.319 2.42-3.81 3.91-7.856 4.685-12.143.489-2.706.644-4.844.672-8.003C33.368 3.522 26.636 2.14 20.5 2.14c-6.137 0-12.869 1.381-18.341 3.9.028 3.16.183 5.298.672 8.004zM20.5 0C26.908 0 34.637 1.47 41 4.706c0 6.988.087 24.398-20.5 36.294C-.088 29.104 0 11.694 0 4.706 6.363 1.47 14.092 0 20.5 0z"/><path d="M20.234 27L33 11.344c-.935-.682-1.756-.2-2.208.172l-.016.001-10.644 10.076-4.01-4.392c-1.913-2.011-4.514-.477-5.122-.072L20.234 27"/></g></svg>
--- a/client/src/components/Logs/index.js
+++ b/client/src/components/Logs/index.js
@@ -4,13 +4,14 @@ import ReactTable from 'react-table';
 import { saveAs } from 'file-saver/FileSaver';
 import escapeRegExp from 'lodash/escapeRegExp';
 import endsWith from 'lodash/endsWith';
+import { Trans, withNamespaces } from 'react-i18next';

 import { formatTime } from '../../helpers/helpers';
 import { getTrackerData } from '../../helpers/trackers/trackers';
 import PageTitle from '../ui/PageTitle';
 import Card from '../ui/Card';
 import Loading from '../ui/Loading';
-import Tooltip from '../ui/Tooltip';
+import PopoverFiltered from '../ui/PopoverFilter';
 import Popover from '../ui/Popover';
 import './Logs.css';

@@ -36,15 +37,16 @@ class Logs extends Component {
        }
    }

-    renderTooltip(isFiltered, rule) {
+    renderTooltip(isFiltered, rule, filter) {
        if (rule) {
-            return (isFiltered && <Tooltip text={rule}/>);
+            return (isFiltered && <PopoverFiltered rule={rule} filter={filter}/>);
        }
        return '';
    }

    toggleBlocking = (type, domain) => {
        const { userRules } = this.props.filtering;
+        const { t } = this.props;
        const lineEnding = !endsWith(userRules, '\n') ? '\n' : '';
        const baseRule = `||${domain}^$important`;
        const baseUnblocking = `@@${baseRule}`;
@@ -55,10 +57,10 @@ class Logs extends Component {

        if (userRules.match(preparedBlockingRule)) {
            this.props.setRules(userRules.replace(`${blockingRule}`, ''));
-            this.props.addSuccessToast(`Rule removed from the custom filtering rules: ${blockingRule}`);
+            this.props.addSuccessToast(`${t('rule_removed_from_custom_filtering_toast')}: ${blockingRule}`);
        } else if (!userRules.match(preparedUnblockingRule)) {
            this.props.setRules(`${userRules}${lineEnding}${unblockingRule}\n`);
-            this.props.addSuccessToast(`Rule added to the custom filtering rules: ${unblockingRule}`);
+            this.props.addSuccessToast(`${t('rule_added_to_custom_filtering_toast')}: ${unblockingRule}`);
        }

        this.props.getFilteringStatus();
@@ -66,30 +68,32 @@ class Logs extends Component {

    renderBlockingButton(isFiltered, domain) {
        const buttonClass = isFiltered ? 'btn-outline-secondary' : 'btn-outline-danger';
-        const buttonText = isFiltered ? 'Unblock' : 'Block';
+        const buttonText = isFiltered ? 'unblock_btn' : 'block_btn';
+        const buttonType = isFiltered ? 'unblock' : 'block';

        return (
            <div className="logs__action">
                <button
                    type="button"
                    className={`btn btn-sm ${buttonClass}`}
-                    onClick={() => this.toggleBlocking(buttonText.toLowerCase(), domain)}
+                    onClick={() => this.toggleBlocking(buttonType, domain)}
                >
-                    {buttonText}
+                    <Trans>{buttonText}</Trans>
                </button>
            </div>
        );
    }

    renderLogs(logs) {
+        const { t } = this.props;
        const columns = [{
-            Header: 'Time',
+            Header: t('time_table_header'),
            accessor: 'time',
            maxWidth: 110,
            filterable: false,
            Cell: ({ value }) => (<div className="logs__row"><span className="logs__text" title={value}>{formatTime(value)}</span></div>),
        }, {
-            Header: 'Domain name',
+            Header: t('domain_name_table_header'),
            accessor: 'domain',
            Cell: (row) => {
                const response = row.value;
@@ -105,11 +109,11 @@ class Logs extends Component {
                );
            },
        }, {
-            Header: 'Type',
+            Header: t('type_table_header'),
            accessor: 'type',
            maxWidth: 60,
        }, {
-            Header: 'Response',
+            Header: t('response_table_header'),
            accessor: 'response',
            Cell: (row) => {
                const responses = row.value;
@@ -117,14 +121,34 @@ class Logs extends Component {
                const isFiltered = row ? reason.indexOf('Filtered') === 0 : false;
                const parsedFilteredReason = reason.replace('Filtered', 'Filtered by ');
                const rule = row && row.original && row.original.rule;
+                const { filterId } = row.original;
+                const { filters } = this.props.filtering;
+                let filterName = '';
+
+                if (reason === 'FilteredBlackList' || reason === 'NotFilteredWhiteList') {
+                    if (filterId === 0) {
+                        filterName = t('custom_filter_rules');
+                    } else {
+                        const filterItem = Object.keys(filters)
+                            .filter(key => filters[key].id === filterId);
+
+                        if (typeof filterItem !== 'undefined' && typeof filters[filterItem] !== 'undefined') {
+                            filterName = filters[filterItem].name;
+                        }
+
+                        if (!filterName) {
+                            filterName = t('unknown_filter', { filterId });
+                        }
+                    }
+                }

                if (isFiltered) {
                    return (
                        <div className="logs__row">
-                            {this.renderTooltip(isFiltered, rule)}
                            <span className="logs__text" title={parsedFilteredReason}>
                                {parsedFilteredReason}
                            </span>
+                            {this.renderTooltip(isFiltered, rule, filterName)}
                        </div>
                    );
                }
@@ -132,24 +156,26 @@ class Logs extends Component {
                if (responses.length > 0) {
                    const liNodes = responses.map((response, index) =>
                        (<li key={index} title={response}>{response}</li>));
+                    const isRenderTooltip = reason === 'NotFilteredWhiteList';
+
                    return (
                        <div className="logs__row">
-                            {this.renderTooltip(isFiltered, rule)}
                            <ul className="list-unstyled">{liNodes}</ul>
+                            {this.renderTooltip(isRenderTooltip, rule, filterName)}
                        </div>
                    );
                }
                return (
                    <div className="logs__row">
-                        {this.renderTooltip(isFiltered, rule)}
-                        <span>Empty</span>
+                        <span><Trans>empty_response_status</Trans></span>
+                        {this.renderTooltip(isFiltered, rule, filterName)}
                    </div>
                );
            },
            filterMethod: (filter, row) => {
                if (filter.value === 'filtered') {
                    // eslint-disable-next-line no-underscore-dangle
-                    return row._original.reason.indexOf('Filtered') === 0;
+                    return row._original.reason.indexOf('Filtered') === 0 || row._original.reason === 'NotFilteredWhiteList';
                }
                return true;
            },
@@ -159,11 +185,11 @@ class Logs extends Component {
                    className="form-control"
                    value={filter ? filter.value : 'all'}
                >
-                    <option value="all">Show all</option>
-                    <option value="filtered">Show filtered</option>
+                    <option value="all">{ t('show_all_filter_type') }</option>
+                    <option value="filtered">{ t('show_filtered_type') }</option>
                </select>,
        }, {
-            Header: 'Client',
+            Header: t('client_table_header'),
            accessor: 'client',
            maxWidth: 250,
            Cell: (row) => {
@@ -191,7 +217,14 @@ class Logs extends Component {
                showPagination={true}
                defaultPageSize={50}
                minRows={7}
-                noDataText="No logs found"
+                // Text
+                previousText={ t('previous_btn') }
+                nextText={ t('next_btn') }
+                loadingText={ t('loading_table_status') }
+                pageText={ t('page_table_footer_text') }
+                ofText={ t('of_table_footer_text') }
+                rowsText={ t('rows_table_footer_text') }
+                noDataText={ t('no_logs_found') }
                defaultFilterMethod={(filter, row) => {
                    const id = filter.pivotId || filter.id;
                    return row[id] !== undefined ?
@@ -208,8 +241,19 @@ class Logs extends Component {
                    if (!rowInfo) {
                        return {};
                    }
+
+                    if (rowInfo.original.reason.indexOf('Filtered') === 0) {
+                        return {
+                            className: 'red',
+                        };
+                    } else if (rowInfo.original.reason === 'NotFilteredWhiteList') {
+                        return {
+                            className: 'green',
+                        };
+                    }
+
                    return {
-                        className: (rowInfo.original.reason.indexOf('Filtered') === 0 ? 'red' : ''),
+                        className: '',
                    };
                }}
                />);
@@ -233,17 +277,17 @@ class Logs extends Component {
                        className="btn btn-gray btn-sm mr-2"
                        type="submit"
                        onClick={() => this.props.toggleLogStatus(queryLogEnabled)}
-                    >Disable log</button>
+                    ><Trans>disabled_log_btn</Trans></button>
                    <button
                        className="btn btn-primary btn-sm mr-2"
                        type="submit"
                        onClick={this.handleDownloadButton}
-                    >Download log file</button>
+                    ><Trans>download_log_file_btn</Trans></button>
                    <button
                        className="btn btn-outline-primary btn-sm"
                        type="submit"
                        onClick={this.getLogs}
-                    >Refresh</button>
+                    ><Trans>refresh_btn</Trans></button>
                </Fragment>
            );
        }
@@ -253,16 +297,16 @@ class Logs extends Component {
                className="btn btn-success btn-sm mr-2"
                type="submit"
                onClick={() => this.props.toggleLogStatus(queryLogEnabled)}
-            >Enable log</button>
+            ><Trans>enabled_log_btn</Trans></button>
        );
    }

    render() {
-        const { queryLogs, dashboard } = this.props;
+        const { queryLogs, dashboard, t } = this.props;
        const { queryLogEnabled } = dashboard;
        return (
            <Fragment>
-                <PageTitle title="Query Log" subtitle="Last 5000 DNS queries">
+                <PageTitle title={ t('query_log') } subtitle={ t('last_dns_queries') }>
                    <div className="page-title__actions">
                        {this.renderButtons(queryLogEnabled)}
                    </div>
@@ -288,6 +332,7 @@ Logs.propTypes = {
    userRules: PropTypes.string,
    setRules: PropTypes.func,
    addSuccessToast: PropTypes.func,
+    t: PropTypes.func,
 };

-export default Logs;
+export default withNamespaces()(Logs);
--- a/client/src/components/Settings/Dhcp/Form.js
+++ b/client/src/components/Settings/Dhcp/Form.js
@@ -0,0 +1,149 @@
+import React, { Fragment } from 'react';
+import PropTypes from 'prop-types';
+import { Field, reduxForm } from 'redux-form';
+import { withNamespaces, Trans } from 'react-i18next';
+import flow from 'lodash/flow';
+
+import { R_IPV4 } from '../../../helpers/constants';
+
+const required = (value) => {
+    if (value || value === 0) {
+        return false;
+    }
+    return <Trans>form_error_required</Trans>;
+};
+
+const ipv4 = (value) => {
+    if (value && !new RegExp(R_IPV4).test(value)) {
+        return <Trans>form_error_ip_format</Trans>;
+    }
+    return false;
+};
+
+const isPositive = (value) => {
+    if ((value || value === 0) && (value <= 0)) {
+        return <Trans>form_error_positive</Trans>;
+    }
+    return false;
+};
+
+const toNumber = value => value && parseInt(value, 10);
+
+const renderField = ({
+    input, className, placeholder, type, disabled, meta: { touched, error },
+}) => (
+    <Fragment>
+        <input
+            {...input}
+            placeholder={placeholder}
+            type={type}
+            className={className}
+            disabled={disabled}
+        />
+        {!disabled && touched && (error && <span className="form__message form__message--error">{error}</span>)}
+    </Fragment>
+);
+
+const Form = (props) => {
+    const {
+        t,
+        handleSubmit,
+        pristine,
+        submitting,
+    } = props;
+
+    return (
+        <form onSubmit={handleSubmit}>
+            <div className="row">
+                <div className="col-lg-6">
+                    <div className="form__group form__group--dhcp">
+                        <label>{t('dhcp_form_gateway_input')}</label>
+                        <Field
+                            name="gateway_ip"
+                            component={renderField}
+                            type="text"
+                            className="form-control"
+                            placeholder={t('dhcp_form_gateway_input')}
+                            validate={[ipv4, required]}
+                        />
+                    </div>
+                    <div className="form__group form__group--dhcp">
+                        <label>{t('dhcp_form_subnet_input')}</label>
+                        <Field
+                            name="subnet_mask"
+                            component={renderField}
+                            type="text"
+                            className="form-control"
+                            placeholder={t('dhcp_form_subnet_input')}
+                            validate={[ipv4, required]}
+                        />
+                    </div>
+                </div>
+                <div className="col-lg-6">
+                    <div className="form__group form__group--dhcp">
+                        <div className="row">
+                            <div className="col-12">
+                                <label>{t('dhcp_form_range_title')}</label>
+                            </div>
+                            <div className="col">
+                                <Field
+                                    name="range_start"
+                                    component={renderField}
+                                    type="text"
+                                    className="form-control"
+                                    placeholder={t('dhcp_form_range_start')}
+                                    validate={[ipv4, required]}
+                                />
+                            </div>
+                            <div className="col">
+                                <Field
+                                    name="range_end"
+                                    component={renderField}
+                                    type="text"
+                                    className="form-control"
+                                    placeholder={t('dhcp_form_range_end')}
+                                    validate={[ipv4, required]}
+                                />
+                            </div>
+                        </div>
+                    </div>
+                    <div className="form__group form__group--dhcp">
+                        <label>{t('dhcp_form_lease_title')}</label>
+                        <Field
+                            name="lease_duration"
+                            component={renderField}
+                            type="number"
+                            className="form-control"
+                            placeholder={t('dhcp_form_lease_input')}
+                            validate={[required, isPositive]}
+                            normalize={toNumber}
+                        />
+                    </div>
+                </div>
+            </div>
+
+            <button
+                type="submit"
+                className="btn btn-success btn-standart"
+                disabled={pristine || submitting}
+            >
+                {t('save_config')}
+            </button>
+        </form>
+    );
+};
+
+Form.propTypes = {
+    handleSubmit: PropTypes.func,
+    pristine: PropTypes.bool,
+    submitting: PropTypes.bool,
+    interfaces: PropTypes.object,
+    processing: PropTypes.bool,
+    initialValues: PropTypes.object,
+    t: PropTypes.func,
+};
+
+export default flow([
+    withNamespaces(),
+    reduxForm({ form: 'dhcpForm' }),
+])(Form);
--- a/client/src/components/Settings/Dhcp/Interface.js
+++ b/client/src/components/Settings/Dhcp/Interface.js
@@ -0,0 +1,113 @@
+import React from 'react';
+import { connect } from 'react-redux';
+import PropTypes from 'prop-types';
+import { Field, reduxForm, formValueSelector } from 'redux-form';
+import { withNamespaces, Trans } from 'react-i18next';
+import flow from 'lodash/flow';
+
+const renderInterfaces = (interfaces => (
+    Object.keys(interfaces).map((item) => {
+        const option = interfaces[item];
+        const { name } = option;
+        const onlyIPv6 = option.ip_addresses.every(ip => ip.includes(':'));
+        let interfaceIP = option.ip_addresses[0];
+
+        if (!onlyIPv6) {
+            option.ip_addresses.forEach((ip) => {
+                if (!ip.includes(':')) {
+                    interfaceIP = ip;
+                }
+            });
+        }
+
+        return (
+            <option value={name} key={name} disabled={onlyIPv6}>
+                {name} - {interfaceIP}
+            </option>
+        );
+    })
+));
+
+const renderInterfaceValues = (interfaceValues => (
+    <ul className="list-unstyled mt-1 mb-0">
+        <li>
+            <span className="interface__title">MTU: </span>
+            {interfaceValues.mtu}
+        </li>
+        <li>
+            <span className="interface__title"><Trans>dhcp_hardware_address</Trans>: </span>
+            {interfaceValues.hardware_address}
+        </li>
+        <li>
+            <span className="interface__title"><Trans>dhcp_ip_addresses</Trans>: </span>
+            {
+                interfaceValues.ip_addresses
+                    .map(ip => <span key={ip} className="interface__ip">{ip}</span>)
+            }
+        </li>
+    </ul>
+));
+
+let Interface = (props) => {
+    const {
+        t,
+        handleChange,
+        interfaces,
+        processing,
+        interfaceValue,
+        enabled,
+    } = props;
+
+    return (
+        <form>
+            {!processing && interfaces &&
+                <div className="row">
+                    <div className="col-sm-12 col-md-6">
+                        <div className="form__group form__group--dhcp">
+                            <label>{t('dhcp_interface_select')}</label>
+                            <Field
+                                name="interface_name"
+                                component="select"
+                                className="form-control custom-select"
+                                onChange={handleChange}
+                            >
+                                <option value="" disabled={enabled}>{t('dhcp_interface_select')}</option>
+                                {renderInterfaces(interfaces)}
+                            </Field>
+                        </div>
+                    </div>
+                    {interfaceValue &&
+                        <div className="col-sm-12 col-md-6">
+                            {renderInterfaceValues(interfaces[interfaceValue])}
+                        </div>
+                    }
+                </div>
+            }
+            <hr/>
+        </form>
+    );
+};
+
+Interface.propTypes = {
+    handleChange: PropTypes.func,
+    interfaces: PropTypes.object,
+    processing: PropTypes.bool,
+    interfaceValue: PropTypes.string,
+    initialValues: PropTypes.object,
+    enabled: PropTypes.bool,
+    t: PropTypes.func,
+};
+
+const selector = formValueSelector('dhcpInterface');
+
+Interface = connect((state) => {
+    const interfaceValue = selector(state, 'interface_name');
+    return {
+        interfaceValue,
+    };
+})(Interface);
+
+export default flow([
+    withNamespaces(),
+    reduxForm({ form: 'dhcpInterface' }),
+])(Interface);
--- a/client/src/components/Settings/Dhcp/Leases.js
+++ b/client/src/components/Settings/Dhcp/Leases.js
@@ -0,0 +1,36 @@
+import React from 'react';
+import PropTypes from 'prop-types';
+import ReactTable from 'react-table';
+import { withNamespaces } from 'react-i18next';
+
+const columns = [{
+    Header: 'MAC',
+    accessor: 'mac',
+}, {
+    Header: 'IP',
+    accessor: 'ip',
+}, {
+    Header: 'Hostname',
+    accessor: 'hostname',
+}, {
+    Header: 'Expires',
+    accessor: 'expires',
+}];
+
+const Leases = props => (
+    <ReactTable
+        data={props.leases || []}
+        columns={columns}
+        showPagination={false}
+        noDataText={ props.t('dhcp_leases_not_found') }
+        minRows={6}
+        className="-striped -highlight card-table-overflow"
+    />
+);
+
+Leases.propTypes = {
+    leases: PropTypes.array,
+    t: PropTypes.func,
+};
+
+export default withNamespaces()(Leases);
--- a/client/src/components/Settings/Dhcp/index.js
+++ b/client/src/components/Settings/Dhcp/index.js
@@ -0,0 +1,159 @@
+import React, { Component, Fragment } from 'react';
+import PropTypes from 'prop-types';
+import classnames from 'classnames';
+import { Trans, withNamespaces } from 'react-i18next';
+
+import Form from './Form';
+import Leases from './Leases';
+import Interface from './Interface';
+import Card from '../../ui/Card';
+
+class Dhcp extends Component {
+    handleFormSubmit = (values) => {
+        this.props.setDhcpConfig(values);
+    };
+
+    handleFormChange = (value) => {
+        this.props.setDhcpConfig(value);
+    }
+
+    handleToggle = (config) => {
+        this.props.toggleDhcp(config);
+        this.props.findActiveDhcp(config.interface_name);
+    }
+
+    getToggleDhcpButton = () => {
+        const { config, active } = this.props.dhcp;
+        const activeDhcpFound = active && active.found;
+        const filledConfig = Object.keys(config).every((key) => {
+            if (key === 'enabled') {
+                return true;
+            }
+
+            return config[key];
+        });
+
+        if (config.enabled) {
+            return (
+                <button
+                    type="button"
+                    className="btn btn-standart mr-2 btn-gray"
+                    onClick={() => this.props.toggleDhcp(config)}
+                >
+                    <Trans>dhcp_disable</Trans>
+                </button>
+            );
+        }
+
+        return (
+            <button
+                type="button"
+                className="btn btn-standart mr-2 btn-success"
+                onClick={() => this.handleToggle(config)}
+                disabled={!filledConfig || activeDhcpFound}
+            >
+                <Trans>dhcp_enable</Trans>
+            </button>
+        );
+    }
+
+    getActiveDhcpMessage = () => {
+        const { active } = this.props.dhcp;
+
+        if (active) {
+            if (active.error) {
+                return (
+                    <div className="text-danger">
+                        {active.error}
+                    </div>
+                );
+            }
+
+            return (
+                <Fragment>
+                    {active.found ? (
+                        <div className="text-danger">
+                            <Trans>dhcp_found</Trans>
+                        </div>
+                    ) : (
+                        <div className="text-secondary">
+                            <Trans>dhcp_not_found</Trans>
+                        </div>
+                    )}
+                </Fragment>
+            );
+        }
+
+        return '';
+    }
+
+    render() {
+        const { t, dhcp } = this.props;
+        const statusButtonClass = classnames({
+            'btn btn-primary btn-standart': true,
+            'btn btn-primary btn-standart btn-loading': dhcp.processingStatus,
+        });
+
+        return (
+            <Fragment>
+                <Card title={ t('dhcp_title') } subtitle={ t('dhcp_description') } bodyType="card-body box-body--settings">
+                    <div className="dhcp">
+                        {!dhcp.processing &&
+                            <Fragment>
+                                <Interface
+                                    onChange={this.handleFormChange}
+                                    initialValues={dhcp.config}
+                                    interfaces={dhcp.interfaces}
+                                    processing={dhcp.processingInterfaces}
+                                    enabled={dhcp.config.enabled}
+                                />
+                                <Form
+                                    onSubmit={this.handleFormSubmit}
+                                    initialValues={dhcp.config}
+                                    interfaces={dhcp.interfaces}
+                                    processing={dhcp.processingInterfaces}
+                                />
+                                <hr/>
+                                <div className="card-actions mb-3">
+                                    {this.getToggleDhcpButton()}
+                                    <button
+                                        type="button"
+                                        className={statusButtonClass}
+                                        onClick={() =>
+                                            this.props.findActiveDhcp(dhcp.config.interface_name)
+                                        }
+                                        disabled={!dhcp.config.interface_name}
+                                    >
+                                        <Trans>check_dhcp_servers</Trans>
+                                    </button>
+                                </div>
+                                {this.getActiveDhcpMessage()}
+                            </Fragment>
+                        }
+                    </div>
+                </Card>
+                {!dhcp.processing && dhcp.config.enabled &&
+                    <Card title={ t('dhcp_leases') } bodyType="card-body box-body--settings">
+                        <div className="row">
+                            <div className="col">
+                                <Leases leases={dhcp.leases} />
+                            </div>
+                        </div>
+                    </Card>
+                }
+            </Fragment>
+        );
+    }
+}
+
+Dhcp.propTypes = {
+    dhcp: PropTypes.object,
+    toggleDhcp: PropTypes.func,
+    getDhcpStatus: PropTypes.func,
+    setDhcpConfig: PropTypes.func,
+    findActiveDhcp: PropTypes.func,
+    handleSubmit: PropTypes.func,
+    t: PropTypes.func,
+};
+
+export default withNamespaces()(Dhcp);
--- a/client/src/components/Settings/Settings.css
+++ b/client/src/components/Settings/Settings.css
@@ -1,4 +1,5 @@
 .form__group {
+    position: relative;
    margin-bottom: 15px;
 }

@@ -6,6 +7,10 @@
    margin-bottom: 0;
 }

+.form__group--dhcp:last-child {
+    margin-bottom: 15px;
+}
+
 .btn-standart {
    padding-left: 20px;
    padding-right: 20px;
@@ -18,3 +23,28 @@
 .form-control--textarea-large {
    min-height: 240px;
 }
+
+.form__message {
+    font-size: 11px;
+}
+
+.form__message--error {
+    color: #cd201f;
+}
+
+.interface__title {
+    font-size: 13px;
+    font-weight: 700;
+}
+
+.interface__ip:after {
+    content: ", ";
+}
+
+.interface__ip:last-child:after {
+    content: "";
+}
+
+.dhcp {
+    min-height: 450px;
+}
--- a/client/src/components/Settings/Upstream.js
+++ b/client/src/components/Settings/Upstream.js
@@ -1,9 +1,10 @@
 import React, { Component } from 'react';
 import PropTypes from 'prop-types';
 import classnames from 'classnames';
+import { Trans, withNamespaces } from 'react-i18next';
 import Card from '../ui/Card';

-export default class Upstream extends Component {
+class Upstream extends Component {
    handleChange = (e) => {
        const { value } = e.currentTarget;
        this.props.handleUpstreamChange(value);
@@ -23,11 +24,12 @@ export default class Upstream extends Component {
            'btn btn-primary btn-standart mr-2': true,
            'btn btn-primary btn-standart mr-2 btn-loading': this.props.processingTestUpstream,
        });
+        const { t } = this.props;

        return (
            <Card
-                title="Upstream DNS servers"
-                subtitle="If you keep this field empty, AdGuard Home will use <a href='https://1.1.1.1/' target='_blank'>Cloudflare DNS</a> as an upstream. Use tls:// prefix for DNS over TLS servers."
+                title={ t('upstream_dns') }
+                subtitle={ t('upstream_dns_hint') }
                bodyType="card-body box-body--settings"
            >
                <div className="row">
@@ -44,17 +46,38 @@ export default class Upstream extends Component {
                                    type="button"
                                    onClick={this.handleTest}
                                >
-                                    Test upstreams
+                                    <Trans>test_upstream_btn</Trans>
                                </button>
                                <button
                                    className="btn btn-success btn-standart"
                                    type="submit"
                                    onClick={this.handleSubmit}
                                >
-                                    Apply
+                                    <Trans>apply_btn</Trans>
                                </button>
                            </div>
                        </form>
+                        <hr/>
+                        <div className="list leading-loose">
+                            <Trans>examples_title</Trans>:
+                            <ol className="leading-loose">
+                                <li>
+                                    <code>1.1.1.1</code> - { t('example_upstream_regular') }
+                                </li>
+                                <li>
+                                    <code>tls://1dot1dot1dot1.cloudflare-dns.com</code> - <span dangerouslySetInnerHTML={{ __html: t('example_upstream_dot') }} />
+                                </li>
+                                <li>
+                                    <code>https://cloudflare-dns.com/dns-query</code> - <span dangerouslySetInnerHTML={{ __html: t('example_upstream_doh') }} />
+                                </li>
+                                <li>
+                                    <code>tcp://1.1.1.1</code> - { t('example_upstream_tcp') }
+                                </li>
+                                <li>
+                                    <code>sdns://...</code> - <span dangerouslySetInnerHTML={{ __html: t('example_upstream_sdns') }} />
+                                </li>
+                            </ol>
+                        </div>
                    </div>
                </div>
            </Card>
@@ -68,4 +91,7 @@ Upstream.propTypes = {
    handleUpstreamChange: PropTypes.func,
    handleUpstreamSubmit: PropTypes.func,
    handleUpstreamTest: PropTypes.func,
+    t: PropTypes.func,
 };
+
+export default withNamespaces()(Upstream);
--- a/client/src/components/Settings/index.js
+++ b/client/src/components/Settings/index.js
@@ -1,38 +1,42 @@
 import React, { Component, Fragment } from 'react';
 import PropTypes from 'prop-types';
+import { withNamespaces, Trans } from 'react-i18next';
 import Upstream from './Upstream';
+import Dhcp from './Dhcp';
 import Checkbox from '../ui/Checkbox';
 import Loading from '../ui/Loading';
 import PageTitle from '../ui/PageTitle';
 import Card from '../ui/Card';
 import './Settings.css';

-export default class Settings extends Component {
+class Settings extends Component {
    settings = {
        filtering: {
            enabled: false,
-            title: 'Block domains using filters and hosts files',
-            subtitle: 'You can setup blocking rules in the <a href="#filters">Filters</a> settings.',
+            title: 'block_domain_use_filters_and_hosts',
+            subtitle: 'filters_block_toggle_hint',
        },
        safebrowsing: {
            enabled: false,
-            title: 'Use AdGuard browsing security web service',
-            subtitle: 'AdGuard Home will check if domain is blacklisted by the browsing security web service. It will use privacy-friendly lookup API to perform the check: only a short prefix of the domain name SHA256 hash is sent to the server.',
+            title: 'use_adguard_browsing_sec',
+            subtitle: 'use_adguard_browsing_sec_hint',
        },
        parental: {
            enabled: false,
-            title: 'Use AdGuard parental control web service',
-            subtitle: 'AdGuard Home will check if domain contains adult materials. It uses the same privacy-friendly API as the browsing security web service.',
+            title: 'use_adguard_parental',
+            subtitle: 'use_adguard_parental_hint',
        },
        safesearch: {
            enabled: false,
-            title: 'Enforce safe search',
-            subtitle: 'AdGuard Home can enforce safe search in the following search engines: Google, Bing, Yandex.',
+            title: 'enforce_safe_search',
+            subtitle: 'enforce_save_search_hint',
        },
    };

    componentDidMount() {
        this.props.initSettings(this.settings);
+        this.props.getDhcpStatus();
+        this.props.getDhcpInterfaces();
    }

    handleUpstreamChange = (value) => {
@@ -47,7 +51,7 @@ export default class Settings extends Component {
        if (this.props.dashboard.upstreamDns.length > 0) {
            this.props.testUpstream(this.props.dashboard.upstreamDns);
        } else {
-            this.props.addErrorToast({ error: 'No servers specified' });
+            this.props.addErrorToast({ error: this.props.t('no_servers_specified') });
        }
    };

@@ -64,22 +68,22 @@ export default class Settings extends Component {
            });
        }
        return (
-            <div>No settings</div>
+            <div><Trans>no_settings</Trans></div>
        );
    }

    render() {
-        const { settings } = this.props;
+        const { settings, t } = this.props;
        const { upstreamDns } = this.props.dashboard;
        return (
            <Fragment>
-                <PageTitle title="Settings" />
+                <PageTitle title={ t('settings') } />
                {settings.processing && <Loading />}
                {!settings.processing &&
                    <div className="content">
                        <div className="row">
                            <div className="col-md-12">
-                                <Card title="General settings" bodyType="card-body box-body--settings">
+                                <Card title={ t('general_settings') } bodyType="card-body box-body--settings">
                                    <div className="form">
                                        {this.renderSettings(settings.settingsList)}
                                    </div>
@@ -91,6 +95,13 @@ export default class Settings extends Component {
                                    handleUpstreamSubmit={this.handleUpstreamSubmit}
                                    handleUpstreamTest={this.handleUpstreamTest}
                                />
+                                <Dhcp
+                                    dhcp={this.props.dhcp}
+                                    toggleDhcp={this.props.toggleDhcp}
+                                    getDhcpStatus={this.props.getDhcpStatus}
+                                    findActiveDhcp={this.props.findActiveDhcp}
+                                    setDhcpConfig={this.props.setDhcpConfig}
+                                />
                            </div>
                        </div>
                    </div>
@@ -108,4 +119,7 @@ Settings.propTypes = {
    handleUpstreamChange: PropTypes.func,
    setUpstream: PropTypes.func,
    upstream: PropTypes.string,
+    t: PropTypes.func,
 };
+
+export default withNamespaces()(Settings);
--- a/client/src/components/Toasts/Toast.css
+++ b/client/src/components/Toasts/Toast.css
@@ -2,7 +2,7 @@
    position: fixed;
    right: 24px;
    bottom: 24px;
-    z-index: 10;
+    z-index: 103;
    width: 345px;
 }

--- a/client/src/components/Toasts/Toast.js
+++ b/client/src/components/Toasts/Toast.js
@@ -1,5 +1,6 @@
 import React, { Component } from 'react';
 import PropTypes from 'prop-types';
+import { Trans, withNamespaces } from 'react-i18next';

 class Toast extends Component {
    componentDidMount() {
@@ -18,7 +19,7 @@ class Toast extends Component {
        return (
            <div className={`toast toast--${this.props.type}`}>
                <p className="toast__content">
-                    {this.props.message}
+                    <Trans>{this.props.message}</Trans>
                </p>
                <button className="toast__dismiss" onClick={() => this.props.removeToast(this.props.id)}>
                    <svg stroke="#fff" fill="none" width="20" height="20" strokeWidth="2" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><path d="m18 6-12 12"/><path d="m6 6 12 12"/></svg>
@@ -35,4 +36,4 @@ Toast.propTypes = {
    removeToast: PropTypes.func.isRequired,
 };

-export default Toast;
+export default withNamespaces()(Toast);
--- a/client/src/components/ui/Card.css
+++ b/client/src/components/ui/Card.css
@@ -49,15 +49,14 @@
 }

 .card-title-stats {
+    font-size: 13px;
    color: #9aa0ac;
-    white-space: nowrap;
-    text-overflow: ellipsis;
-    overflow: hidden;
 }

 .card-body-stats {
    position: relative;
    flex: 1 1 auto;
+    height: calc(100% - 3rem);
    margin: 0;
    padding: 1rem 1.5rem;
 }
@@ -84,3 +83,17 @@
 .card-value-percent:after {
    content: "%";
 }
+
+.card--full {
+    height: calc(100% - 1.5rem);
+}
+
+.card-wrap {
+    height: 100%;
+}
+
+@media screen and (min-width: 1280px) {
+    .card-title-stats {
+        font-size: 14px;
+    }
+}
--- a/client/src/components/ui/Card.js
+++ b/client/src/components/ui/Card.js
@@ -4,8 +4,8 @@ import PropTypes from 'prop-types';
 import './Card.css';

 const Card = props => (
-    <div className="card">
-        { props.title &&
+    <div className={props.type ? `card ${props.type}` : 'card'}>
+        {props.title &&
        <div className="card-header with-border">
            <div className="card-inner">
                <div className="card-title">
@@ -33,6 +33,7 @@ Card.propTypes = {
    title: PropTypes.string,
    subtitle: PropTypes.string,
    bodyType: PropTypes.string,
+    type: PropTypes.string,
    refresh: PropTypes.node,
    children: PropTypes.node.isRequired,
 };
--- a/client/src/components/ui/Checkbox.js
+++ b/client/src/components/ui/Checkbox.js
@@ -1,5 +1,6 @@
 import React, { Component } from 'react';
 import PropTypes from 'prop-types';
+import { withNamespaces } from 'react-i18next';

 import './Checkbox.css';

@@ -10,6 +11,7 @@ class Checkbox extends Component {
            subtitle,
            enabled,
            handleChange,
+            t,
        } = this.props;
        return (
            <div className="form__group">
@@ -18,8 +20,8 @@ class Checkbox extends Component {
                <input type="checkbox" className="checkbox__input" onChange={handleChange} checked={enabled}/>
                <span className="checkbox__label">
                    <span className="checkbox__label-text">
-                    <span className="checkbox__label-title">{title}</span>
-                    <span className="checkbox__label-subtitle" dangerouslySetInnerHTML={{ __html: subtitle }}/>
+                    <span className="checkbox__label-title">{ t(title) }</span>
+                    <span className="checkbox__label-subtitle" dangerouslySetInnerHTML={{ __html: t(subtitle) }}/>
                    </span>
                </span>
                </label>
@@ -33,6 +35,7 @@ Checkbox.propTypes = {
    subtitle: PropTypes.string.isRequired,
    enabled: PropTypes.bool.isRequired,
    handleChange: PropTypes.func.isRequired,
+    t: PropTypes.func,
 };

-export default Checkbox;
+export default withNamespaces()(Checkbox);
--- a/client/src/components/ui/Footer.css
+++ b/client/src/components/ui/Footer.css
@@ -0,0 +1,45 @@
+.footer__row {
+    display: flex;
+    align-items: center;
+    flex-direction: column;
+}
+
+.footer__column {
+    margin-bottom: 15px;
+}
+
+.footer__column--language {
+    min-width: 220px;
+    margin-bottom: 0;
+}
+
+.footer__link {
+    display: inline-block;
+    vertical-align: middle;
+    margin-right: 15px;
+}
+
+.footer__link--report {
+    position: relative;
+    top: 1px;
+    margin-right: 0;
+}
+
+@media screen and (min-width: 768px) {
+    .footer__copyright {
+        margin-right: 25px;
+    }
+
+    .footer__row {
+        flex-direction: row;
+    }
+
+    .footer__column {
+        margin-bottom: 0;
+    }
+
+    .footer__column--language {
+        min-width: initial;
+        margin-left: auto;
+    }
+}
--- a/client/src/components/ui/Footer.js
+++ b/client/src/components/ui/Footer.js
@@ -1,5 +1,10 @@
 import React, { Component } from 'react';
-import { REPOSITORY } from '../../helpers/constants';
+import { Trans, withNamespaces } from 'react-i18next';
+import { REPOSITORY, LANGUAGES } from '../../helpers/constants';
+import i18n from '../../i18n';
+
+import './Footer.css';
+import './Select.css';

 class Footer extends Component {
    getYear = () => {
@@ -7,30 +12,36 @@ class Footer extends Component {
        return today.getFullYear();
    };

+    changeLanguage = (event) => {
+        i18n.changeLanguage(event.target.value);
+    }
+
    render() {
        return (
            <footer className="footer">
                <div className="container">
-                    <div className="row align-items-center flex-row">
-                        <div className="col-12 col-lg-auto mt-3 mt-lg-0 text-center">
-                            <div className="row align-items-center justify-content-center">
-                                <div className="col-auto">
-                                    Copyright © {this.getYear()} <a href="https://adguard.com/">AdGuard</a>
-                                </div>
-                                <div className="col-auto">
-                                    <ul className="list-inline text-center mb-0">
-                                        <li className="list-inline-item">
-                                            <a href={REPOSITORY.URL} target="_blank" rel="noopener noreferrer">Homepage</a>
-                                        </li>
-                                    </ul>
-                                </div>
-                                <div className="col-auto">
-                                    <a href={`${REPOSITORY.URL}/issues/new`} className="btn btn-outline-primary btn-sm" target="_blank" rel="noopener noreferrer">
-                                        Report an issue
-                                    </a>
-                                </div>
+                    <div className="footer__row">
+                        <div className="footer__column">
+                            <div className="footer__copyright">
+                                <Trans>copyright</Trans> © {this.getYear()} <a href="https://adguard.com/">AdGuard</a>
                            </div>
                        </div>
+                        <div className="footer__column">
+                            <a href={REPOSITORY.URL} className="footer__link" target="_blank" rel="noopener noreferrer">
+                                <Trans>homepage</Trans>
+                            </a>
+                            <a href={`${REPOSITORY.URL}/issues/new`} className="btn btn-outline-primary btn-sm footer__link footer__link--report" target="_blank" rel="noopener noreferrer">
+                                <Trans>report_an_issue</Trans>
+                            </a>
+                        </div>
+                        <div className="footer__column footer__column--language">
+                            <select className="form-control select select--language" value={i18n.language} onChange={this.changeLanguage}>
+                                {LANGUAGES.map(language =>
+                                    <option key={language.key} value={language.key}>
+                                        {language.name}
+                                    </option>)}
+                            </select>
+                        </div>
                    </div>
                </div>
            </footer>
@@ -38,4 +49,4 @@ class Footer extends Component {
    }
 }

-export default Footer;
+export default withNamespaces()(Footer);
--- a/client/src/components/ui/Line.js
+++ b/client/src/components/ui/Line.js
@@ -19,11 +19,11 @@ const Line = props => (
            curve='linear'
            axisBottom={{
                tickSize: 0,
-                tickPadding: 0,
+                tickPadding: 10,
            }}
            axisLeft={{
                tickSize: 0,
-                tickPadding: 0,
+                tickPadding: 10,
            }}
            enableGridX={false}
            enableGridY={false}
--- a/client/src/components/ui/Modal.js
+++ b/client/src/components/ui/Modal.js
@@ -2,6 +2,7 @@ import React, { Component } from 'react';
 import PropTypes from 'prop-types';
 import ReactModal from 'react-modal';
 import classnames from 'classnames';
+import { Trans, withNamespaces } from 'react-i18next';
 import { R_URL_REQUIRES_PROTOCOL } from '../../helpers/constants';
 import './Modal.css';

@@ -13,7 +14,7 @@ const initialState = {
    isUrlValid: false,
 };

-export default class Modal extends Component {
+class Modal extends Component {
    state = initialState;

    // eslint-disable-next-line
@@ -70,8 +71,8 @@ export default class Modal extends Component {
            if (!this.props.isFilterAdded) {
                return (
                    <React.Fragment>
-                        <input type="text" className={inputNameClass} placeholder="Enter name" onChange={this.handleNameChange} />
-                        <input type="text" className={inputUrlClass} placeholder="Enter URL" onChange={this.handleUrlChange} />
+                        <input type="text" className={inputNameClass} placeholder={ this.props.t('enter_name_hint') } onChange={this.handleNameChange} />
+                        <input type="text" className={inputUrlClass} placeholder={ this.props.t('enter_url_hint') } onChange={this.handleUrlChange} />
                        {inputDescription &&
                            <div className="description">
                                {inputDescription}
@@ -81,7 +82,7 @@ export default class Modal extends Component {
            }
            return (
                <div className="description">
-                    Url added successfully
+                    <Trans>Url added successfully</Trans>
                </div>
            );
        };
@@ -110,8 +111,8 @@ export default class Modal extends Component {
                    {
                        !this.props.isFilterAdded &&
                            <div className="modal-footer">
-                                <button type="button" className="btn btn-secondary" onClick={this.closeModal}>Cancel</button>
-                                <button type="button" className="btn btn-success" onClick={this.handleNext} disabled={isValidForSubmit}>Add filter</button>
+                                <button type="button" className="btn btn-secondary" onClick={this.closeModal}><Trans>cancel_btn</Trans></button>
+                                <button type="button" className="btn btn-success" onClick={this.handleNext} disabled={isValidForSubmit}><Trans>add_filter_btn</Trans></button>
                            </div>
                    }
                </div>
@@ -127,4 +128,7 @@ Modal.propTypes = {
    inputDescription: PropTypes.string,
    addFilter: PropTypes.func.isRequired,
    isFilterAdded: PropTypes.bool,
+    t: PropTypes.func,
 };
+
+export default withNamespaces()(Modal);
--- a/client/src/components/ui/Popover.css
+++ b/client/src/components/ui/Popover.css
@@ -1,7 +1,9 @@
 .popover-wrap {
    position: relative;
+    top: 1px;
    display: inline-block;
    vertical-align: middle;
+    align-self: flex-start;
 }

 .popover__trigger {
@@ -24,9 +26,9 @@
    content: "";
    display: flex;
    position: absolute;
-    min-width: 275px;
    bottom: calc(100% + 3px);
    left: 50%;
+    min-width: 275px;
    padding: 10px 15px;
    font-size: 0.8rem;
    white-space: normal;
@@ -39,6 +41,10 @@
    opacity: 0;
 }

+.popover__body--filter {
+    min-width: 100%;
+}
+
 .popover__body:after {
    content: "";
    position: absolute;
@@ -63,6 +69,10 @@
    stroke: #9aa0ac;
 }

+.popover__icon--green {
+    stroke: #66b574;
+}
+
 .popover__list-title {
    margin-bottom: 3px;
 }
@@ -71,6 +81,13 @@
    margin-bottom: 2px;
 }

+.popover__list-item--nowrap {
+    max-width: 300px;
+    text-overflow: ellipsis;
+    white-space: nowrap;
+    overflow: hidden;
+}
+
 .popover__list-item:last-child {
    margin-bottom: 0;
 }
--- a/client/src/components/ui/Popover.js
+++ b/client/src/components/ui/Popover.js
@@ -1,5 +1,6 @@
 import React, { Component } from 'react';
 import PropTypes from 'prop-types';
+import { Trans, withNamespaces } from 'react-i18next';
 import { getSourceData } from '../../helpers/trackers/trackers';
 import { captitalizeWords } from '../../helpers/helpers';

@@ -13,13 +14,13 @@ class Popover extends Component {

        const source = (
            <div className="popover__list-item">
-                Source: <a className="popover__link" target="_blank" rel="noopener noreferrer" href={sourceData.url}><strong>{sourceData.name}</strong></a>
+                <Trans>source_label</Trans>: <a className="popover__link" target="_blank" rel="noopener noreferrer" href={sourceData.url}><strong>{sourceData.name}</strong></a>
            </div>
        );

        const tracker = (
            <div className="popover__list-item">
-                Name: <a className="popover__link" target="_blank" rel="noopener noreferrer" href={data.url}><strong>{data.name}</strong></a>
+                <Trans>name_table_header</Trans>: <a className="popover__link" target="_blank" rel="noopener noreferrer" href={data.url}><strong>{data.name}</strong></a>
            </div>
        );

@@ -33,11 +34,12 @@ class Popover extends Component {
                <div className="popover__body">
                    <div className="popover__list">
                        <div className="popover__list-title">
-                            Found in the known domains database.
+                            <Trans>found_in_known_domain_db</Trans>
                        </div>
                        {tracker}
                        <div className="popover__list-item">
-                            Category: <strong>{categoryName}</strong>
+                            <Trans>category_label</Trans>: <strong>
+                            <Trans>{categoryName}</Trans></strong>
                        </div>
                        {source}
                    </div>
@@ -51,4 +53,4 @@ Popover.propTypes = {
    data: PropTypes.object.isRequired,
 };

-export default Popover;
+export default withNamespaces()(Popover);
--- a/client/src/components/ui/PopoverFilter.js
+++ b/client/src/components/ui/PopoverFilter.js
@@ -0,0 +1,34 @@
+import React, { Component } from 'react';
+import PropTypes from 'prop-types';
+import { Trans, withNamespaces } from 'react-i18next';
+
+import './Popover.css';
+
+class PopoverFilter extends Component {
+    render() {
+        return (
+            <div className="popover-wrap">
+                <div className="popover__trigger popover__trigger--filter">
+                    <svg className="popover__icon popover__icon--green" xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" strokeWidth="2" strokeLinecap="round" strokeLinejoin="round"><circle cx="12" cy="12" r="10"></circle><path d="M9.09 9a3 3 0 0 1 5.83 1c0 2-3 3-3 3"></path><line x1="12" y1="17" x2="12" y2="17"></line></svg>
+                </div>
+                <div className="popover__body popover__body--filter">
+                    <div className="popover__list">
+                        <div className="popover__list-item popover__list-item--nowrap">
+                            <Trans>rule_label</Trans>: <strong>{this.props.rule}</strong>
+                        </div>
+                        {this.props.filter && <div className="popover__list-item popover__list-item--nowrap">
+                            <Trans>filter_label</Trans>: <strong>{this.props.filter}</strong>
+                        </div>}
+                    </div>
+                </div>
+            </div>
+        );
+    }
+}
+
+PopoverFilter.propTypes = {
+    rule: PropTypes.string.isRequired,
+    filter: PropTypes.string,
+};
+
+export default withNamespaces()(PopoverFilter);
--- a/client/src/components/ui/ReactTable.css
+++ b/client/src/components/ui/ReactTable.css
@@ -11,3 +11,7 @@
 .rt-tr-group .red {
    background-color: #fff4f2;
 }
+
+.rt-tr-group .green {
+    background-color: #f1faf3;
+}
--- a/client/src/components/ui/Select.css
+++ b/client/src/components/ui/Select.css
@@ -0,0 +1,16 @@
+.select.select--language {
+    height: 45px;
+    padding: 0 32px 2px 33px;
+    outline: 0;
+    border-color: rgba(0, 40, 100, 0.12);
+    background-image: url("./svg/globe.svg"), url("./svg/chevron-down.svg");
+    background-repeat: no-repeat, no-repeat;
+    background-position: left 11px center, right 9px center;
+    background-size: 14px, 17px 20px;
+    appearance: none;
+    cursor: pointer;
+}
+
+.select--language::-ms-expand {
+    opacity: 0;
+}
--- a/client/src/components/ui/Tabler.css
+++ b/client/src/components/ui/Tabler.css
@@ -10373,6 +10373,8 @@ body.fixed-header .header {
    font-size: 0.875rem;
    padding: 1.25rem 0;
    color: #9aa0ac;
+    position: relative;
+    z-index: 102;
 }

 .footer a:not(.btn) {
--- a/client/src/components/ui/Tooltip.css
+++ b/client/src/components/ui/Tooltip.css
@@ -50,5 +50,5 @@
 }

 .tooltip-custom--narrow:before {
-    width: 206px;
+    width: 220px;
 }
--- a/client/src/components/ui/svg/chevron-down.svg
+++ b/client/src/components/ui/svg/chevron-down.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="#9aa0ac" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-chevron-down"><polyline points="6 9 12 15 18 9"></polyline></svg>
--- a/client/src/components/ui/svg/globe.svg
+++ b/client/src/components/ui/svg/globe.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="#9aa0ac" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-globe"><circle cx="12" cy="12" r="10"/><path d="M2 12h20M12 2a15.3 15.3 0 0 1 4 10 15.3 15.3 0 0 1-4 10 15.3 15.3 0 0 1-4-10 15.3 15.3 0 0 1 4-10z"/></svg>
--- a/client/src/containers/Settings.js
+++ b/client/src/containers/Settings.js
@@ -1,10 +1,22 @@
 import { connect } from 'react-redux';
-import { initSettings, toggleSetting, handleUpstreamChange, setUpstream, testUpstream, addErrorToast } from '../actions';
+import {
+    initSettings,
+    toggleSetting,
+    handleUpstreamChange,
+    setUpstream,
+    testUpstream,
+    addErrorToast,
+    toggleDhcp,
+    getDhcpStatus,
+    getDhcpInterfaces,
+    setDhcpConfig,
+    findActiveDhcp,
+} from '../actions';
 import Settings from '../components/Settings';

 const mapStateToProps = (state) => {
-    const { settings, dashboard } = state;
-    const props = { settings, dashboard };
+    const { settings, dashboard, dhcp } = state;
+    const props = { settings, dashboard, dhcp };
    return props;
 };

@@ -15,6 +27,11 @@ const mapDispatchToProps = {
    setUpstream,
    testUpstream,
    addErrorToast,
+    toggleDhcp,
+    getDhcpStatus,
+    getDhcpInterfaces,
+    setDhcpConfig,
+    findActiveDhcp,
 };

 export default connect(
--- a/client/src/helpers/constants.js
+++ b/client/src/helpers/constants.js
@@ -1,12 +1,13 @@
 export const R_URL_REQUIRES_PROTOCOL = /^https?:\/\/\w[\w_\-.]*\.[a-z]{2,8}[^\s]*$/;
+export const R_IPV4 = /^(?:(?:^|\.)(?:2(?:5[0-5]|[0-4]\d)|1?\d?\d)){4}$/g;

 export const STATS_NAMES = {
-    avg_processing_time: 'Average processing time',
+    avg_processing_time: 'average_processing_time',
    blocked_filtering: 'Blocked by filters',
    dns_queries: 'DNS queries',
-    replaced_parental: 'Blocked adult websites',
-    replaced_safebrowsing: 'Blocked malware/phishing',
-    replaced_safesearch: 'Enforced safe search',
+    replaced_parental: 'stats_adult',
+    replaced_safebrowsing: 'stats_malware_phishing',
+    replaced_safesearch: 'enforced_save_search',
 };

 export const STATUS_COLORS = {
@@ -20,3 +21,42 @@ export const REPOSITORY = {
    URL: 'https://github.com/AdguardTeam/AdGuardHome',
    TRACKERS_DB: 'https://github.com/AdguardTeam/AdGuardHome/tree/master/client/src/helpers/trackers/adguard.json',
 };
+
+export const LANGUAGES = [
+    {
+        key: 'en',
+        name: 'English',
+    },
+    {
+        key: 'es',
+        name: 'Español',
+    },
+    {
+        key: 'fr',
+        name: 'Français',
+    },
+    {
+        key: 'pt-br',
+        name: 'Português (BR)',
+    },
+    {
+        key: 'sv',
+        name: 'Svenska',
+    },
+    {
+        key: 'vi',
+        name: 'Tiếng Việt',
+    },
+    {
+        key: 'ru',
+        name: 'Русский',
+    },
+    {
+        key: 'ja',
+        name: '日本語',
+    },
+    {
+        key: 'zh-tw',
+        name: '正體中文',
+    },
+];
--- a/client/src/helpers/helpers.js
+++ b/client/src/helpers/helpers.js
@@ -18,6 +18,7 @@ export const normalizeLogs = logs => logs.map((log) => {
        answer: response,
        reason,
        client,
+        filterId,
        rule,
    } = log;
    const { host: domain, type } = question;
@@ -32,6 +33,7 @@ export const normalizeLogs = logs => logs.map((log) => {
        response: responsesArray,
        reason,
        client,
+        filterId,
        rule,
    };
 });
@@ -64,11 +66,11 @@ export const normalizeFilteringStatus = (filteringStatus) => {
    const { enabled, filters, user_rules: userRules } = filteringStatus;
    const newFilters = filters ? filters.map((filter) => {
        const {
-            url, enabled, last_updated: lastUpdated = Date.now(), name = 'Default name', rules_count: rulesCount = 0,
+            id, url, enabled, lastUpdated: lastUpdated = Date.now(), name = 'Default name', rulesCount: rulesCount = 0,
        } = filter;

        return {
-            url, enabled, lastUpdated: formatTime(lastUpdated), name, rulesCount,
+            id, url, enabled, lastUpdated: formatTime(lastUpdated), name, rulesCount,
        };
    }) : [];
    const newUserRules = Array.isArray(userRules) ? userRules.join('\n') : '';
--- a/client/src/helpers/trackers/adguard.json
+++ b/client/src/helpers/trackers/adguard.json
@@ -61,6 +61,11 @@
            "name": "Branch.io",
            "categoryId": 101,
            "url": "https://branch.io/"
+        },
+        "adocean": {
+            "name": "Gemius Adocean",
+            "categoryId": 4,
+            "url": "https://adocean-global.com/"
        }
    },
    "trackerDomains": {
@@ -72,6 +77,7 @@
        "appsflyer.com": "appsflyer",
        "appmetrica.yandex.com": "yandex_appmetrica",
        "adjust.com": "adjust",
-        "mobileapptracking.com": "branch"
+        "mobileapptracking.com": "branch",
+        "adocean.cz": "adocean"
    }
 }
--- a/client/src/helpers/trackers/trackers.js
+++ b/client/src/helpers/trackers/trackers.js
@@ -62,6 +62,7 @@ const getTrackerDataFromDb = (domainName, trackersDb, source) => {
 /**
 * Gets the source metadata for the specified tracker
 * @param {TrackerData} trackerData tracker data
+ * @returns {source} source metadata or null if no matching tracker found
 */
 export const getSourceData = (trackerData) => {
    if (!trackerData || !trackerData.source) {
--- a/client/src/helpers/versionCompare.js
+++ b/client/src/helpers/versionCompare.js
@@ -0,0 +1,63 @@
+/*
+* Project: tiny-version-compare https://github.com/bfred-it/tiny-version-compare
+* License (MIT) https://github.com/bfred-it/tiny-version-compare/blob/master/LICENSE
+*/
+const split = v => String(v).replace(/^[vr]/, '') // Drop initial 'v' or 'r'
+    .replace(/([a-z]+)/gi, '.$1.') // Sort each word separately
+    .replace(/[-.]+/g, '.') // Consider dashes as separators (+ trim multiple separators)
+    .split('.');
+
+// Development versions are considered "negative",
+// but localeCompare doesn't handle negative numbers.
+// This offset is applied to reset the lowest development version to 0
+const offset = (part) => {
+    // Not numeric, return as is
+    if (Number.isNaN(part)) {
+        return part;
+    }
+    return 5 + Number(part);
+};
+
+const parsePart = (part) => {
+    // Missing, consider it zero
+    if (typeof part === 'undefined') {
+        return 0;
+    }
+    // Sort development versions
+    switch (part.toLowerCase()) {
+        case 'dev':
+            return -5;
+        case 'alpha':
+            return -4;
+        case 'beta':
+            return -3;
+        case 'rc':
+            return -2;
+        case 'pre':
+            return -1;
+        default:
+    }
+    // Return as is, it’s either a plain number or text that will be sorted alphabetically
+    return part;
+};
+
+const versionCompare = (prev, next) => {
+    const a = split(prev);
+    const b = split(next);
+    for (let i = 0; i < a.length || i < b.length; i += 1) {
+        const ai = offset(parsePart(a[i]));
+        const bi = offset(parsePart(b[i]));
+        const sort = String(ai).localeCompare(bi, 'en', {
+            numeric: true,
+        });
+        // Once the difference is found,
+        // stop comparing the rest of the parts
+        if (sort !== 0) {
+            return sort;
+        }
+    }
+    // No difference found
+    return 0;
+};
+
+export default versionCompare;
--- a/client/src/i18n.js
+++ b/client/src/i18n.js
@@ -0,0 +1,63 @@
+import i18n from 'i18next';
+import { reactI18nextModule } from 'react-i18next';
+import { initReactI18n } from 'react-i18next/hooks';
+import langDetect from 'i18next-browser-languagedetector';
+
+import vi from './__locales/vi.json';
+import en from './__locales/en.json';
+import ru from './__locales/ru.json';
+import es from './__locales/es.json';
+import fr from './__locales/fr.json';
+import ja from './__locales/ja.json';
+import sv from './__locales/sv.json';
+import ptBR from './__locales/pt-br.json';
+import zhTW from './__locales/zh-tw.json';
+
+const resources = {
+    en: {
+        translation: en,
+    },
+    vi: {
+        translation: vi,
+    },
+    ru: {
+        translation: ru,
+    },
+    es: {
+        translation: es,
+    },
+    fr: {
+        translation: fr,
+    },
+    ja: {
+        translation: ja,
+    },
+    sv: {
+        translation: sv,
+    },
+    'pt-BR': {
+        translation: ptBR,
+    },
+    'zh-TW': {
+        translation: zhTW,
+    },
+};
+
+i18n
+    .use(langDetect)
+    .use(initReactI18n)
+    .use(reactI18nextModule) // passes i18n down to react-i18next
+    .init({
+        resources,
+        fallbackLng: 'en',
+        keySeparator: false, // we use content as keys
+        nsSeparator: false, // Fix character in content
+        interpolation: {
+            escapeValue: false, // not needed for react!!
+        },
+        react: {
+            wait: true,
+        },
+    });
+
+export default i18n;
--- a/client/src/index.js
+++ b/client/src/index.js
@@ -5,6 +5,7 @@ import './components/App/index.css';
 import App from './containers/App';
 import configureStore from './configureStore';
 import reducers from './reducers';
+import './i18n';

 const store = configureStore(reducers, {}); // set initial state
 ReactDOM.render(
--- a/client/src/reducers/index.js
+++ b/client/src/reducers/index.js
@@ -1,8 +1,9 @@
 import { combineReducers } from 'redux';
 import { handleActions } from 'redux-actions';
 import { loadingBarReducer } from 'react-redux-loading-bar';
-import versionCompare from 'tiny-version-compare';
 import nanoid from 'nanoid';
+import { reducer as formReducer } from 'redux-form';
+import versionCompare from '../helpers/versionCompare';

 import * as actions from '../actions';

@@ -35,6 +36,7 @@ const settings = handleActions({
    processing: true,
    processingTestUpstream: false,
    processingSetUpstream: false,
+    processingDhcpStatus: false,
 });

 const dashboard = handleActions({
@@ -49,6 +51,7 @@ const dashboard = handleActions({
            querylog_enabled: queryLogEnabled,
            upstream_dns: upstreamDns,
            protection_enabled: protectionEnabled,
+            language,
        } = payload;
        const newState = {
            ...state,
@@ -60,6 +63,7 @@ const dashboard = handleActions({
            queryLogEnabled,
            upstreamDns: upstreamDns.join('\n'),
            protectionEnabled,
+            language,
        };
        return newState;
    },
@@ -145,6 +149,11 @@ const dashboard = handleActions({
        const { upstreamDns } = payload;
        return { ...state, upstreamDns };
    },
+
+    [actions.getLanguageSuccess]: (state, { payload }) => {
+        const newState = { ...state, language: payload };
+        return newState;
+    },
 }, {
    processing: true,
    isCoreRunning: false,
@@ -251,11 +260,61 @@ const toasts = handleActions({
    },
 }, { notices: [] });

+const dhcp = handleActions({
+    [actions.getDhcpStatusRequest]: state => ({ ...state, processing: true }),
+    [actions.getDhcpStatusFailure]: state => ({ ...state, processing: false }),
+    [actions.getDhcpStatusSuccess]: (state, { payload }) => {
+        const newState = {
+            ...state,
+            ...payload,
+            processing: false,
+        };
+        return newState;
+    },
+
+    [actions.getDhcpInterfacesRequest]: state => ({ ...state, processingInterfaces: true }),
+    [actions.getDhcpInterfacesFailure]: state => ({ ...state, processingInterfaces: false }),
+    [actions.getDhcpInterfacesSuccess]: (state, { payload }) => {
+        const newState = {
+            ...state,
+            interfaces: payload,
+            processingInterfaces: false,
+        };
+        return newState;
+    },
+
+    [actions.findActiveDhcpRequest]: state => ({ ...state, processingStatus: true }),
+    [actions.findActiveDhcpFailure]: state => ({ ...state, processingStatus: false }),
+    [actions.findActiveDhcpSuccess]: (state, { payload }) => ({
+        ...state,
+        active: payload,
+        processingStatus: false,
+    }),
+
+    [actions.toggleDhcpSuccess]: (state) => {
+        const { config } = state;
+        const newConfig = { ...config, enabled: !config.enabled };
+        const newState = { ...state, config: newConfig };
+        return newState;
+    },
+}, {
+    processing: true,
+    processingStatus: false,
+    processingInterfaces: false,
+    config: {
+        enabled: false,
+    },
+    active: null,
+    leases: [],
+});
+
 export default combineReducers({
    settings,
    dashboard,
    queryLogs,
    filtering,
    toasts,
+    dhcp,
    loadingBar: loadingBarReducer,
+    form: formReducer,
 });
--- a/config.go
+++ b/config.go
@@ -1,61 +1,51 @@
 package main

 import (
-	"bytes"
 	"io/ioutil"
-	"log"
 	"os"
 	"path/filepath"
-	"regexp"
 	"sync"
-	"text/template"
-	"time"

+	"github.com/AdguardTeam/AdGuardHome/dhcpd"
+	"github.com/AdguardTeam/AdGuardHome/dnsfilter"
+	"github.com/AdguardTeam/AdGuardHome/dnsforward"
+	"github.com/hmage/golibs/log"
 	"gopkg.in/yaml.v2"
 )

-// configuration is loaded from YAML
-type configuration struct {
-	ourConfigFilename string
-	ourBinaryDir      string
+const (
+	dataDir   = "data"    // data storage
+	filterDir = "filters" // cache location for downloaded filters, it's under DataDir
+)

-	BindHost  string        `yaml:"bind_host"`
-	BindPort  int           `yaml:"bind_port"`
-	AuthName  string        `yaml:"auth_name"`
-	AuthPass  string        `yaml:"auth_pass"`
-	CoreDNS   coreDNSConfig `yaml:"coredns"`
-	Filters   []filter      `yaml:"filters"`
-	UserRules []string      `yaml:"user_rules"`
+// configuration is loaded from YAML
+// field ordering is important -- yaml fields will mirror ordering from here
+type configuration struct {
+	ourConfigFilename string // Config filename (can be overriden via the command line arguments)
+	ourBinaryDir      string // Location of our directory, used to protect against CWD being somewhere else
+
+	BindHost  string             `yaml:"bind_host"`
+	BindPort  int                `yaml:"bind_port"`
+	AuthName  string             `yaml:"auth_name"`
+	AuthPass  string             `yaml:"auth_pass"`
+	Language  string             `yaml:"language"` // two-letter ISO 639-1 language code
+	DNS       dnsConfig          `yaml:"dns"`
+	Filters   []filter           `yaml:"filters"`
+	UserRules []string           `yaml:"user_rules"`
+	DHCP      dhcpd.ServerConfig `yaml:"dhcp"`

 	sync.RWMutex `yaml:"-"`
+
+	SchemaVersion int `yaml:"schema_version"` // keeping last so that users will be less tempted to change it -- used when upgrading between versions
 }

-type coreDNSConfig struct {
-	binaryFile          string
-	coreFile            string
-	FilterFile          string   `yaml:"-"`
-	Port                int      `yaml:"port"`
-	ProtectionEnabled   bool     `yaml:"protection_enabled"`
-	FilteringEnabled    bool     `yaml:"filtering_enabled"`
-	SafeBrowsingEnabled bool     `yaml:"safebrowsing_enabled"`
-	SafeSearchEnabled   bool     `yaml:"safesearch_enabled"`
-	ParentalEnabled     bool     `yaml:"parental_enabled"`
-	ParentalSensitivity int      `yaml:"parental_sensitivity"`
-	BlockedResponseTTL  int      `yaml:"blocked_response_ttl"`
-	QueryLogEnabled     bool     `yaml:"querylog_enabled"`
-	Pprof               string   `yaml:"-"`
-	Cache               string   `yaml:"-"`
-	Prometheus          string   `yaml:"-"`
-	UpstreamDNS         []string `yaml:"upstream_dns"`
-}
+// field ordering is important -- yaml fields will mirror ordering from here
+type dnsConfig struct {
+	Port int `yaml:"port"`

-type filter struct {
-	URL         string `json:"url"`
-	Name        string `json:"name" yaml:"name"`
-	Enabled     bool   `json:"enabled"`
-	RulesCount  int    `json:"rules_count" yaml:"-"`
-	contents    []byte
-	LastUpdated time.Time `json:"last_updated" yaml:"-"`
+	dnsforward.FilteringConfig `yaml:",inline"`
+
+	UpstreamDNS []string `yaml:"upstream_dns"`
 }

 var defaultDNS = []string{"tls://1.1.1.1", "tls://1.0.0.1"}
@@ -65,37 +55,38 @@ var config = configuration{
 	ourConfigFilename: "AdGuardHome.yaml",
 	BindPort:          3000,
 	BindHost:          "127.0.0.1",
-	CoreDNS: coreDNSConfig{
-		Port:                53,
-		binaryFile:          "coredns",       // only filename, no path
-		coreFile:            "Corefile",      // only filename, no path
-		FilterFile:          "dnsfilter.txt", // only filename, no path
-		ProtectionEnabled:   true,
-		FilteringEnabled:    true,
-		SafeBrowsingEnabled: false,
-		BlockedResponseTTL:  10, // in seconds
-		QueryLogEnabled:     true,
-		UpstreamDNS:         defaultDNS,
-		Cache:               "cache",
-		Prometheus:          "prometheus :9153",
+	DNS: dnsConfig{
+		Port: 53,
+		FilteringConfig: dnsforward.FilteringConfig{
+			ProtectionEnabled:  true, // whether or not use any of dnsfilter features
+			FilteringEnabled:   true, // whether or not use filter lists
+			BlockedResponseTTL: 10,   // in seconds
+			QueryLogEnabled:    true,
+			Ratelimit:          20,
+			RefuseAny:          true,
+			BootstrapDNS:       "8.8.8.8:53",
+		},
+		UpstreamDNS: defaultDNS,
 	},
 	Filters: []filter{
-		{Enabled: true, URL: "https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt"},
-		{Enabled: false, URL: "https://adaway.org/hosts.txt", Name: "AdAway"},
-		{Enabled: false, URL: "https://hosts-file.net/ad_servers.txt", Name: "hpHosts - Ad and Tracking servers only"},
-		{Enabled: false, URL: "http://www.malwaredomainlist.com/hostslist/hosts.txt", Name: "MalwareDomainList.com Hosts List"},
+		{Filter: dnsfilter.Filter{ID: 1}, Enabled: true, URL: "https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt", Name: "AdGuard Simplified Domain Names filter"},
+		{Filter: dnsfilter.Filter{ID: 2}, Enabled: false, URL: "https://adaway.org/hosts.txt", Name: "AdAway"},
+		{Filter: dnsfilter.Filter{ID: 3}, Enabled: false, URL: "https://hosts-file.net/ad_servers.txt", Name: "hpHosts - Ad and Tracking servers only"},
+		{Filter: dnsfilter.Filter{ID: 4}, Enabled: false, URL: "http://www.malwaredomainlist.com/hostslist/hosts.txt", Name: "MalwareDomainList.com Hosts List"},
 	},
+	SchemaVersion: currentSchemaVersion,
 }

+// Loads configuration from the YAML file
 func parseConfig() error {
-	configfile := filepath.Join(config.ourBinaryDir, config.ourConfigFilename)
-	log.Printf("Reading YAML file: %s", configfile)
-	if _, err := os.Stat(configfile); os.IsNotExist(err) {
+	configFile := filepath.Join(config.ourBinaryDir, config.ourConfigFilename)
+	log.Printf("Reading YAML file: %s", configFile)
+	if _, err := os.Stat(configFile); os.IsNotExist(err) {
 		// do nothing, file doesn't exist
-		log.Printf("YAML file doesn't exist, skipping: %s", configfile)
+		log.Printf("YAML file doesn't exist, skipping: %s", configFile)
 		return nil
 	}
-	yamlFile, err := ioutil.ReadFile(configfile)
+	yamlFile, err := ioutil.ReadFile(configFile)
 	if err != nil {
 		log.Printf("Couldn't read config file: %s", err)
 		return err
@@ -106,104 +97,47 @@ func parseConfig() error {
 		return err
 	}

+	// Deduplicate filters
+	deduplicateFilters()
+
+	updateUniqueFilterID(config.Filters)
+
 	return nil
 }

-func writeConfig() error {
-	configfile := filepath.Join(config.ourBinaryDir, config.ourConfigFilename)
-	log.Printf("Writing YAML file: %s", configfile)
+// Saves configuration to the YAML file and also saves the user filter contents to a file
+func (c *configuration) write() error {
+	c.Lock()
+	defer c.Unlock()
+	configFile := filepath.Join(config.ourBinaryDir, config.ourConfigFilename)
+	log.Printf("Writing YAML file: %s", configFile)
 	yamlText, err := yaml.Marshal(&config)
 	if err != nil {
 		log.Printf("Couldn't generate YAML file: %s", err)
 		return err
 	}
-	err = ioutil.WriteFile(configfile+".tmp", yamlText, 0644)
+	err = safeWriteFile(configFile, yamlText)
 	if err != nil {
-		log.Printf("Couldn't write YAML config: %s", err)
+		log.Printf("Couldn't save YAML config: %s", err)
 		return err
 	}
-	err = os.Rename(configfile+".tmp", configfile)
-	if err != nil {
-		log.Printf("Couldn't rename YAML config: %s", err)
-		return err
-	}
-	return nil
-}

-// --------------
-// coredns config
-// --------------
-func writeCoreDNSConfig() error {
-	corefile := filepath.Join(config.ourBinaryDir, config.CoreDNS.coreFile)
-	log.Printf("Writing DNS config: %s", corefile)
-	configtext, err := generateCoreDNSConfigText()
-	if err != nil {
-		log.Printf("Couldn't generate DNS config: %s", err)
-		return err
-	}
-	err = ioutil.WriteFile(corefile+".tmp", []byte(configtext), 0644)
-	if err != nil {
-		log.Printf("Couldn't write DNS config: %s", err)
-	}
-	err = os.Rename(corefile+".tmp", corefile)
-	if err != nil {
-		log.Printf("Couldn't rename DNS config: %s", err)
-	}
-	return err
+	return nil
 }

 func writeAllConfigs() error {
-	err := writeConfig()
+	err := config.write()
 	if err != nil {
-		log.Printf("Couldn't write our config: %s", err)
+		log.Printf("Couldn't write config: %s", err)
 		return err
 	}
-	err = writeCoreDNSConfig()
+
+	userFilter := userFilter()
+	err = userFilter.save()
 	if err != nil {
-		log.Printf("Couldn't write DNS config: %s", err)
+		log.Printf("Couldn't save the user filter: %s", err)
 		return err
 	}
+
 	return nil
 }
-
-const coreDNSConfigTemplate = `.:{{.Port}} {
-    {{if .ProtectionEnabled}}dnsfilter {{if .FilteringEnabled}}{{.FilterFile}}{{end}} {
-        {{if .SafeBrowsingEnabled}}safebrowsing{{end}}
-        {{if .ParentalEnabled}}parental {{.ParentalSensitivity}}{{end}}
-        {{if .SafeSearchEnabled}}safesearch{{end}}
-        {{if .QueryLogEnabled}}querylog{{end}}
-        blocked_ttl {{.BlockedResponseTTL}}
-    }{{end}}
-    {{.Pprof}}
-    hosts {
-        fallthrough
-    }
-    {{if .UpstreamDNS}}forward . {{range .UpstreamDNS}}{{.}} {{end}}{{end}}
-    {{.Cache}}
-    {{.Prometheus}}
-}
-`
-
-var removeEmptyLines = regexp.MustCompile("([\t ]*\n)+")
-
-// generate config text
-func generateCoreDNSConfigText() (string, error) {
-	t, err := template.New("config").Parse(coreDNSConfigTemplate)
-	if err != nil {
-		log.Printf("Couldn't generate DNS config: %s", err)
-		return "", err
-	}
-
-	var configBytes bytes.Buffer
-	// run the template
-	err = t.Execute(&configBytes, config.CoreDNS)
-	if err != nil {
-		log.Printf("Couldn't generate DNS config: %s", err)
-		return "", err
-	}
-	configtext := configBytes.String()
-
-	// remove empty lines from generated config
-	configtext = removeEmptyLines.ReplaceAllString(configtext, "\n")
-	return configtext, nil
-}
--- a/control.go
+++ b/control.go
--- a/coredns.go
+++ b/coredns.go
@@ -1,127 +0,0 @@
-package main
-
-import (
-	"fmt"
-	"log"
-	"sync"
-
-	// Include all plugins.
-	_ "github.com/AdguardTeam/AdGuardHome/coredns_plugin"
-	_ "github.com/coredns/coredns/plugin/auto"
-	_ "github.com/coredns/coredns/plugin/autopath"
-	_ "github.com/coredns/coredns/plugin/bind"
-	_ "github.com/coredns/coredns/plugin/cache"
-	_ "github.com/coredns/coredns/plugin/chaos"
-	_ "github.com/coredns/coredns/plugin/debug"
-	_ "github.com/coredns/coredns/plugin/dnssec"
-	_ "github.com/coredns/coredns/plugin/dnstap"
-	_ "github.com/coredns/coredns/plugin/erratic"
-	_ "github.com/coredns/coredns/plugin/errors"
-	_ "github.com/coredns/coredns/plugin/file"
-	_ "github.com/coredns/coredns/plugin/forward"
-	_ "github.com/coredns/coredns/plugin/health"
-	_ "github.com/coredns/coredns/plugin/hosts"
-	_ "github.com/coredns/coredns/plugin/loadbalance"
-	_ "github.com/coredns/coredns/plugin/log"
-	_ "github.com/coredns/coredns/plugin/loop"
-	_ "github.com/coredns/coredns/plugin/metadata"
-	_ "github.com/coredns/coredns/plugin/metrics"
-	_ "github.com/coredns/coredns/plugin/nsid"
-	_ "github.com/coredns/coredns/plugin/pprof"
-	_ "github.com/coredns/coredns/plugin/proxy"
-	_ "github.com/coredns/coredns/plugin/reload"
-	_ "github.com/coredns/coredns/plugin/rewrite"
-	_ "github.com/coredns/coredns/plugin/root"
-	_ "github.com/coredns/coredns/plugin/secondary"
-	_ "github.com/coredns/coredns/plugin/template"
-	_ "github.com/coredns/coredns/plugin/tls"
-	_ "github.com/coredns/coredns/plugin/whoami"
-	_ "github.com/mholt/caddy/onevent"
-
-	"github.com/coredns/coredns/core/dnsserver"
-	"github.com/coredns/coredns/coremain"
-)
-
-// Directives are registered in the order they should be
-// executed.
-//
-// Ordering is VERY important. Every plugin will
-// feel the effects of all other plugin below
-// (after) them during a request, but they must not
-// care what plugin above them are doing.
-
-var directives = []string{
-	"metadata",
-	"tls",
-	"reload",
-	"nsid",
-	"root",
-	"bind",
-	"debug",
-	"health",
-	"pprof",
-	"prometheus",
-	"errors",
-	"log",
-	"dnsfilter",
-	"dnstap",
-	"chaos",
-	"loadbalance",
-	"cache",
-	"rewrite",
-	"dnssec",
-	"autopath",
-	"template",
-	"hosts",
-	"file",
-	"auto",
-	"secondary",
-	"loop",
-	"forward",
-	"proxy",
-	"erratic",
-	"whoami",
-	"on",
-}
-
-func init() {
-	dnsserver.Directives = directives
-}
-
-var (
-	isCoreDNSRunningLock sync.Mutex
-	isCoreDNSRunning     = false
-)
-
-func isRunning() bool {
-	isCoreDNSRunningLock.Lock()
-	value := isCoreDNSRunning
-	isCoreDNSRunningLock.Unlock()
-	return value
-}
-
-func startDNSServer() error {
-	isCoreDNSRunningLock.Lock()
-	if isCoreDNSRunning {
-		isCoreDNSRunningLock.Unlock()
-		return fmt.Errorf("Unable to start coreDNS: Already running")
-	}
-	isCoreDNSRunning = true
-	isCoreDNSRunningLock.Unlock()
-
-	err := writeCoreDNSConfig()
-	if err != nil {
-		errortext := fmt.Errorf("Unable to write coredns config: %s", err)
-		log.Println(errortext)
-		return errortext
-	}
-	err = writeFilterFile()
-	if err != nil {
-		errortext := fmt.Errorf("Couldn't write filter file: %s", err)
-		log.Println(errortext)
-		return errortext
-	}
-
-	go coremain.Run()
-	return nil
-}
--- a/coredns_plugin/coredns_plugin.go
+++ b/coredns_plugin/coredns_plugin.go
@@ -1,579 +0,0 @@
-package dnsfilter
-
-import (
-	"bufio"
-	"errors"
-	"fmt"
-	"log"
-	"net"
-	"os"
-	"strconv"
-	"strings"
-	"sync"
-	"time"
-
-	"github.com/AdguardTeam/AdGuardHome/dnsfilter"
-	"github.com/coredns/coredns/core/dnsserver"
-	"github.com/coredns/coredns/plugin"
-	"github.com/coredns/coredns/plugin/metrics"
-	"github.com/coredns/coredns/plugin/pkg/dnstest"
-	"github.com/coredns/coredns/plugin/pkg/upstream"
-	"github.com/coredns/coredns/request"
-	"github.com/mholt/caddy"
-	"github.com/miekg/dns"
-	"github.com/prometheus/client_golang/prometheus"
-	"golang.org/x/net/context"
-)
-
-var defaultSOA = &dns.SOA{
-	// values copied from verisign's nonexistent .com domain
-	// their exact values are not important in our use case because they are used for domain transfers between primary/secondary DNS servers
-	Refresh: 1800,
-	Retry:   900,
-	Expire:  604800,
-	Minttl:  86400,
-}
-
-func init() {
-	caddy.RegisterPlugin("dnsfilter", caddy.Plugin{
-		ServerType: "dns",
-		Action:     setup,
-	})
-}
-
-type cacheEntry struct {
-	answer      []dns.RR
-	lastUpdated time.Time
-}
-
-var (
-	lookupCacheTime = time.Minute * 30
-	lookupCache     = map[string]cacheEntry{}
-)
-
-type plugSettings struct {
-	SafeBrowsingBlockHost string
-	ParentalBlockHost     string
-	QueryLogEnabled       bool
-	BlockedTTL            uint32 // in seconds, default 3600
-}
-
-type plug struct {
-	d        *dnsfilter.Dnsfilter
-	Next     plugin.Handler
-	upstream upstream.Upstream
-	hosts    map[string]net.IP
-	settings plugSettings
-
-	sync.RWMutex
-}
-
-var defaultPluginSettings = plugSettings{
-	SafeBrowsingBlockHost: "safebrowsing.block.dns.adguard.com",
-	ParentalBlockHost:     "family.block.dns.adguard.com",
-	BlockedTTL:            3600, // in seconds
-}
-
-//
-// coredns handling functions
-//
-func setupPlugin(c *caddy.Controller) (*plug, error) {
-	// create new Plugin and copy default values
-	p := &plug{
-		settings: defaultPluginSettings,
-		d:        dnsfilter.New(),
-		hosts:    make(map[string]net.IP),
-	}
-
-	filterFileNames := []string{}
-	for c.Next() {
-		args := c.RemainingArgs()
-		if len(args) > 0 {
-			filterFileNames = append(filterFileNames, args...)
-		}
-		for c.NextBlock() {
-			switch c.Val() {
-			case "safebrowsing":
-				p.d.EnableSafeBrowsing()
-				if c.NextArg() {
-					if len(c.Val()) == 0 {
-						return nil, c.ArgErr()
-					}
-					p.d.SetSafeBrowsingServer(c.Val())
-				}
-			case "safesearch":
-				p.d.EnableSafeSearch()
-			case "parental":
-				if !c.NextArg() {
-					return nil, c.ArgErr()
-				}
-				sensitivity, err := strconv.Atoi(c.Val())
-				if err != nil {
-					return nil, c.ArgErr()
-				}
-				err = p.d.EnableParental(sensitivity)
-				if err != nil {
-					return nil, c.ArgErr()
-				}
-				if c.NextArg() {
-					if len(c.Val()) == 0 {
-						return nil, c.ArgErr()
-					}
-					p.settings.ParentalBlockHost = c.Val()
-				}
-			case "blocked_ttl":
-				if !c.NextArg() {
-					return nil, c.ArgErr()
-				}
-				blockttl, err := strconv.ParseUint(c.Val(), 10, 32)
-				if err != nil {
-					return nil, c.ArgErr()
-				}
-				p.settings.BlockedTTL = uint32(blockttl)
-			case "querylog":
-				p.settings.QueryLogEnabled = true
-			}
-		}
-	}
-
-	log.Printf("filterFileNames = %+v", filterFileNames)
-
-	for i, filterFileName := range filterFileNames {
-		file, err := os.Open(filterFileName)
-		if err != nil {
-			return nil, err
-		}
-		defer file.Close()
-
-		count := 0
-		scanner := bufio.NewScanner(file)
-		for scanner.Scan() {
-			text := scanner.Text()
-			if p.parseEtcHosts(text) {
-				continue
-			}
-			err = p.d.AddRule(text, uint32(i))
-			if err == dnsfilter.ErrInvalidSyntax {
-				continue
-			}
-			if err != nil {
-				return nil, err
-			}
-			count++
-		}
-		log.Printf("Added %d rules from %s", count, filterFileName)
-
-		if err = scanner.Err(); err != nil {
-			return nil, err
-		}
-	}
-
-	log.Printf("Loading stats from querylog")
-	err := fillStatsFromQueryLog()
-	if err != nil {
-		log.Printf("Failed to load stats from querylog: %s", err)
-		return nil, err
-	}
-
-	if p.settings.QueryLogEnabled {
-		onceQueryLog.Do(func() {
-			go startQueryLogServer() // TODO: how to handle errors?
-		})
-	}
-
-	onceHook.Do(func() {
-		caddy.RegisterEventHook("dnsfilter-reload", hook)
-	})
-
-	p.upstream, err = upstream.New(nil)
-	if err != nil {
-		return nil, err
-	}
-
-	return p, nil
-}
-
-func setup(c *caddy.Controller) error {
-	p, err := setupPlugin(c)
-	if err != nil {
-		return err
-	}
-	config := dnsserver.GetConfig(c)
-	config.AddPlugin(func(next plugin.Handler) plugin.Handler {
-		p.Next = next
-		return p
-	})
-
-	c.OnStartup(func() error {
-		m := dnsserver.GetConfig(c).Handler("prometheus")
-		if m == nil {
-			return nil
-		}
-		if x, ok := m.(*metrics.Metrics); ok {
-			x.MustRegister(requests)
-			x.MustRegister(filtered)
-			x.MustRegister(filteredLists)
-			x.MustRegister(filteredSafebrowsing)
-			x.MustRegister(filteredParental)
-			x.MustRegister(whitelisted)
-			x.MustRegister(safesearch)
-			x.MustRegister(errorsTotal)
-			x.MustRegister(elapsedTime)
-			x.MustRegister(p)
-		}
-		return nil
-	})
-	c.OnShutdown(p.onShutdown)
-	c.OnFinalShutdown(p.onFinalShutdown)
-
-	return nil
-}
-
-func (p *plug) parseEtcHosts(text string) bool {
-	if pos := strings.IndexByte(text, '#'); pos != -1 {
-		text = text[0:pos]
-	}
-	fields := strings.Fields(text)
-	if len(fields) < 2 {
-		return false
-	}
-	addr := net.ParseIP(fields[0])
-	if addr == nil {
-		return false
-	}
-	for _, host := range fields[1:] {
-		// debug logging for duplicate values, pretty common if you subscribe to many hosts files
-		// if val, ok := p.hosts[host]; ok {
-		// 	log.Printf("warning: host %s already has value %s, will overwrite it with %s", host, val, addr)
-		// }
-		p.hosts[host] = addr
-	}
-	return true
-}
-
-func (p *plug) onShutdown() error {
-	p.Lock()
-	p.d.Destroy()
-	p.d = nil
-	p.Unlock()
-	return nil
-}
-
-func (p *plug) onFinalShutdown() error {
-	logBufferLock.Lock()
-	err := flushToFile(logBuffer)
-	if err != nil {
-		log.Printf("failed to flush to file: %s", err)
-		return err
-	}
-	logBufferLock.Unlock()
-	return nil
-}
-
-type statsFunc func(ch interface{}, name string, text string, value float64, valueType prometheus.ValueType)
-
-func doDesc(ch interface{}, name string, text string, value float64, valueType prometheus.ValueType) {
-	realch, ok := ch.(chan<- *prometheus.Desc)
-	if !ok {
-		log.Printf("Couldn't convert ch to chan<- *prometheus.Desc\n")
-		return
-	}
-	realch <- prometheus.NewDesc(name, text, nil, nil)
-}
-
-func doMetric(ch interface{}, name string, text string, value float64, valueType prometheus.ValueType) {
-	realch, ok := ch.(chan<- prometheus.Metric)
-	if !ok {
-		log.Printf("Couldn't convert ch to chan<- prometheus.Metric\n")
-		return
-	}
-	desc := prometheus.NewDesc(name, text, nil, nil)
-	realch <- prometheus.MustNewConstMetric(desc, valueType, value)
-}
-
-func gen(ch interface{}, doFunc statsFunc, name string, text string, value float64, valueType prometheus.ValueType) {
-	doFunc(ch, name, text, value, valueType)
-}
-
-func doStatsLookup(ch interface{}, doFunc statsFunc, name string, lookupstats *dnsfilter.LookupStats) {
-	gen(ch, doFunc, fmt.Sprintf("coredns_dnsfilter_%s_requests", name), fmt.Sprintf("Number of %s HTTP requests that were sent", name), float64(lookupstats.Requests), prometheus.CounterValue)
-	gen(ch, doFunc, fmt.Sprintf("coredns_dnsfilter_%s_cachehits", name), fmt.Sprintf("Number of %s lookups that didn't need HTTP requests", name), float64(lookupstats.CacheHits), prometheus.CounterValue)
-	gen(ch, doFunc, fmt.Sprintf("coredns_dnsfilter_%s_pending", name), fmt.Sprintf("Number of currently pending %s HTTP requests", name), float64(lookupstats.Pending), prometheus.GaugeValue)
-	gen(ch, doFunc, fmt.Sprintf("coredns_dnsfilter_%s_pending_max", name), fmt.Sprintf("Maximum number of pending %s HTTP requests", name), float64(lookupstats.PendingMax), prometheus.GaugeValue)
-}
-
-func (p *plug) doStats(ch interface{}, doFunc statsFunc) {
-	p.RLock()
-	stats := p.d.GetStats()
-	doStatsLookup(ch, doFunc, "safebrowsing", &stats.Safebrowsing)
-	doStatsLookup(ch, doFunc, "parental", &stats.Parental)
-	p.RUnlock()
-}
-
-// Describe is called by prometheus handler to know stat types
-func (p *plug) Describe(ch chan<- *prometheus.Desc) {
-	p.doStats(ch, doDesc)
-}
-
-// Collect is called by prometheus handler to collect stats
-func (p *plug) Collect(ch chan<- prometheus.Metric) {
-	p.doStats(ch, doMetric)
-}
-
-func (p *plug) replaceHostWithValAndReply(ctx context.Context, w dns.ResponseWriter, r *dns.Msg, host string, val string, question dns.Question) (int, error) {
-	// check if it's a domain name or IP address
-	addr := net.ParseIP(val)
-	var records []dns.RR
-	// log.Println("Will give", val, "instead of", host) // debug logging
-	if addr != nil {
-		// this is an IP address, return it
-		result, err := dns.NewRR(fmt.Sprintf("%s %d A %s", host, p.settings.BlockedTTL, val))
-		if err != nil {
-			log.Printf("Got error %s\n", err)
-			return dns.RcodeServerFailure, fmt.Errorf("plugin/dnsfilter: %s", err)
-		}
-		records = append(records, result)
-	} else {
-		// this is a domain name, need to look it up
-		cacheentry := lookupCache[val]
-		if time.Since(cacheentry.lastUpdated) > lookupCacheTime {
-			req := new(dns.Msg)
-			req.SetQuestion(dns.Fqdn(val), question.Qtype)
-			req.RecursionDesired = true
-			reqstate := request.Request{W: w, Req: req, Context: ctx}
-			result, err := p.upstream.Lookup(reqstate, dns.Fqdn(val), reqstate.QType())
-			if err != nil {
-				log.Printf("Got error %s\n", err)
-				return dns.RcodeServerFailure, fmt.Errorf("plugin/dnsfilter: %s", err)
-			}
-			if result != nil {
-				for _, answer := range result.Answer {
-					answer.Header().Name = question.Name
-				}
-				records = result.Answer
-				cacheentry.answer = result.Answer
-				cacheentry.lastUpdated = time.Now()
-				lookupCache[val] = cacheentry
-			}
-		} else {
-			// get from cache
-			records = cacheentry.answer
-		}
-	}
-	m := new(dns.Msg)
-	m.SetReply(r)
-	m.Authoritative, m.RecursionAvailable, m.Compress = true, true, true
-	m.Answer = append(m.Answer, records...)
-	state := request.Request{W: w, Req: r, Context: ctx}
-	state.SizeAndDo(m)
-	err := state.W.WriteMsg(m)
-	if err != nil {
-		log.Printf("Got error %s\n", err)
-		return dns.RcodeServerFailure, fmt.Errorf("plugin/dnsfilter: %s", err)
-	}
-	return dns.RcodeSuccess, nil
-}
-
-// generate SOA record that makes DNS clients cache NXdomain results
-// the only value that is important is TTL in header, other values like refresh, retry, expire and minttl are irrelevant
-func (p *plug) genSOA(r *dns.Msg) []dns.RR {
-	zone := r.Question[0].Name
-	header := dns.RR_Header{Name: zone, Rrtype: dns.TypeSOA, Ttl: p.settings.BlockedTTL, Class: dns.ClassINET}
-
-	Mbox := "hostmaster."
-	if zone[0] != '.' {
-		Mbox += zone
-	}
-	Ns := "fake-for-negative-caching.adguard.com."
-
-	soa := *defaultSOA
-	soa.Hdr = header
-	soa.Mbox = Mbox
-	soa.Ns = Ns
-	soa.Serial = 100500 // faster than uint32(time.Now().Unix())
-	return []dns.RR{&soa}
-}
-
-func (p *plug) writeNXdomain(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) {
-	state := request.Request{W: w, Req: r, Context: ctx}
-	m := new(dns.Msg)
-	m.SetRcode(state.Req, dns.RcodeNameError)
-	m.Authoritative, m.RecursionAvailable, m.Compress = true, true, true
-	m.Ns = p.genSOA(r)
-
-	state.SizeAndDo(m)
-	err := state.W.WriteMsg(m)
-	if err != nil {
-		log.Printf("Got error %s\n", err)
-		return dns.RcodeServerFailure, err
-	}
-	return dns.RcodeNameError, nil
-}
-
-func (p *plug) serveDNSInternal(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, dnsfilter.Result, error) {
-	if len(r.Question) != 1 {
-		// google DNS, bind and others do the same
-		return dns.RcodeFormatError, dnsfilter.Result{}, fmt.Errorf("Got DNS request with != 1 questions")
-	}
-	for _, question := range r.Question {
-		host := strings.ToLower(strings.TrimSuffix(question.Name, "."))
-		// is it a safesearch domain?
-		p.RLock()
-		if val, ok := p.d.SafeSearchDomain(host); ok {
-			rcode, err := p.replaceHostWithValAndReply(ctx, w, r, host, val, question)
-			if err != nil {
-				p.RUnlock()
-				return rcode, dnsfilter.Result{}, err
-			}
-			p.RUnlock()
-			return rcode, dnsfilter.Result{Reason: dnsfilter.FilteredSafeSearch}, err
-		}
-		p.RUnlock()
-
-		// is it in hosts?
-		if val, ok := p.hosts[host]; ok {
-			// it is, if it's a loopback host, reply with NXDOMAIN
-			// TODO: research if it's better than 127.0.0.1
-			if false && val.IsLoopback() {
-				rcode, err := p.writeNXdomain(ctx, w, r)
-				if err != nil {
-					return rcode, dnsfilter.Result{}, err
-				}
-				return rcode, dnsfilter.Result{Reason: dnsfilter.FilteredInvalid}, err
-			}
-			// it's not a loopback host, replace it with value specified
-			rcode, err := p.replaceHostWithValAndReply(ctx, w, r, host, val.String(), question)
-			if err != nil {
-				return rcode, dnsfilter.Result{}, err
-			}
-			// TODO: This must be handled in the dnsfilter and not here!
-			rule := val.String() + " " + host
-			return rcode, dnsfilter.Result{Reason: dnsfilter.FilteredBlackList, Rule: rule}, err
-		}
-
-		// needs to be filtered instead
-		p.RLock()
-		result, err := p.d.CheckHost(host)
-		if err != nil {
-			log.Printf("plugin/dnsfilter: %s\n", err)
-			p.RUnlock()
-			return dns.RcodeServerFailure, dnsfilter.Result{}, fmt.Errorf("plugin/dnsfilter: %s", err)
-		}
-		p.RUnlock()
-
-		if result.IsFiltered {
-			switch result.Reason {
-			case dnsfilter.FilteredSafeBrowsing:
-				// return cname safebrowsing.block.dns.adguard.com
-				val := p.settings.SafeBrowsingBlockHost
-				rcode, err := p.replaceHostWithValAndReply(ctx, w, r, host, val, question)
-				if err != nil {
-					return rcode, dnsfilter.Result{}, err
-				}
-				return rcode, result, err
-			case dnsfilter.FilteredParental:
-				// return cname family.block.dns.adguard.com
-				val := p.settings.ParentalBlockHost
-				rcode, err := p.replaceHostWithValAndReply(ctx, w, r, host, val, question)
-				if err != nil {
-					return rcode, dnsfilter.Result{}, err
-				}
-				return rcode, result, err
-			case dnsfilter.FilteredBlackList:
-				// return NXdomain
-				rcode, err := p.writeNXdomain(ctx, w, r)
-				if err != nil {
-					return rcode, dnsfilter.Result{}, err
-				}
-				return rcode, result, err
-			case dnsfilter.FilteredInvalid:
-				// return NXdomain
-				rcode, err := p.writeNXdomain(ctx, w, r)
-				if err != nil {
-					return rcode, dnsfilter.Result{}, err
-				}
-				return rcode, result, err
-			default:
-				log.Printf("SHOULD NOT HAPPEN -- got unknown reason for filtering host \"%s\": %v, %+v", host, result.Reason, result)
-			}
-		} else {
-			switch result.Reason {
-			case dnsfilter.NotFilteredWhiteList:
-				rcode, err := plugin.NextOrFailure(p.Name(), p.Next, ctx, w, r)
-				return rcode, result, err
-			case dnsfilter.NotFilteredNotFound:
-				// do nothing, pass through to lower code
-			default:
-				log.Printf("SHOULD NOT HAPPEN -- got unknown reason for not filtering host \"%s\": %v, %+v", host, result.Reason, result)
-			}
-		}
-	}
-	rcode, err := plugin.NextOrFailure(p.Name(), p.Next, ctx, w, r)
-	return rcode, dnsfilter.Result{}, err
-}
-
-// ServeDNS handles the DNS request and refuses if it's in filterlists
-func (p *plug) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) {
-	start := time.Now()
-	requests.Inc()
-	state := request.Request{W: w, Req: r}
-	ip := state.IP()
-
-	// capture the written answer
-	rrw := dnstest.NewRecorder(w)
-	rcode, result, err := p.serveDNSInternal(ctx, rrw, r)
-	if rcode > 0 {
-		// actually send the answer if we have one
-		answer := new(dns.Msg)
-		answer.SetRcode(r, rcode)
-		state.SizeAndDo(answer)
-		err = w.WriteMsg(answer)
-		if err != nil {
-			return dns.RcodeServerFailure, err
-		}
-	}
-
-	// increment counters
-	switch {
-	case err != nil:
-		errorsTotal.Inc()
-	case result.Reason == dnsfilter.FilteredBlackList:
-		filtered.Inc()
-		filteredLists.Inc()
-	case result.Reason == dnsfilter.FilteredSafeBrowsing:
-		filtered.Inc()
-		filteredSafebrowsing.Inc()
-	case result.Reason == dnsfilter.FilteredParental:
-		filtered.Inc()
-		filteredParental.Inc()
-	case result.Reason == dnsfilter.FilteredInvalid:
-		filtered.Inc()
-		filteredInvalid.Inc()
-	case result.Reason == dnsfilter.FilteredSafeSearch:
-		// the request was passsed through but not filtered, don't increment filtered
-		safesearch.Inc()
-	case result.Reason == dnsfilter.NotFilteredWhiteList:
-		whitelisted.Inc()
-	case result.Reason == dnsfilter.NotFilteredNotFound:
-		// do nothing
-	case result.Reason == dnsfilter.NotFilteredError:
-		text := "SHOULD NOT HAPPEN: got DNSFILTER_NOTFILTERED_ERROR without err != nil!"
-		log.Println(text)
-		err = errors.New(text)
-		rcode = dns.RcodeServerFailure
-	}
-
-	// log
-	elapsed := time.Since(start)
-	elapsedTime.Observe(elapsed.Seconds())
-	if p.settings.QueryLogEnabled {
-		logRequest(r, rrw.Msg, result, time.Since(start), ip)
-	}
-	return rcode, err
-}
-
-// Name returns name of the plugin as seen in Corefile and plugin.cfg
-func (p *plug) Name() string { return "dnsfilter" }
-
-var onceHook sync.Once
-var onceQueryLog sync.Once
--- a/coredns_plugin/coredns_plugin_test.go
+++ b/coredns_plugin/coredns_plugin_test.go
@@ -1,155 +0,0 @@
-package dnsfilter
-
-import (
-	"context"
-	"fmt"
-	"io/ioutil"
-	"net"
-	"os"
-	"testing"
-
-	"github.com/coredns/coredns/plugin"
-	"github.com/coredns/coredns/plugin/pkg/dnstest"
-	"github.com/coredns/coredns/plugin/test"
-	"github.com/mholt/caddy"
-	"github.com/miekg/dns"
-)
-
-func TestSetup(t *testing.T) {
-	for i, testcase := range []struct {
-		config  string
-		failing bool
-	}{
-		{`dnsfilter`, false},
-		{`dnsfilter /dev/nonexistent/abcdef`, true},
-		{`dnsfilter ../tests/dns.txt`, false},
-		{`dnsfilter ../tests/dns.txt { safebrowsing }`, false},
-		{`dnsfilter ../tests/dns.txt { parental }`, true},
-	} {
-		c := caddy.NewTestController("dns", testcase.config)
-		err := setup(c)
-		if err != nil {
-			if !testcase.failing {
-				t.Fatalf("Test #%d expected no errors, but got: %v", i, err)
-			}
-			continue
-		}
-		if testcase.failing {
-			t.Fatalf("Test #%d expected to fail but it didn't", i)
-		}
-	}
-}
-
-func TestEtcHostsParse(t *testing.T) {
-	addr := "216.239.38.120"
-	text := []byte(fmt.Sprintf("   %s  google.com www.google.com   # enforce google's safesearch   ", addr))
-	tmpfile, err := ioutil.TempFile("", "")
-	if err != nil {
-		t.Fatal(err)
-	}
-	if _, err = tmpfile.Write(text); err != nil {
-		t.Fatal(err)
-	}
-	if err = tmpfile.Close(); err != nil {
-		t.Fatal(err)
-	}
-
-	defer os.Remove(tmpfile.Name())
-
-	c := caddy.NewTestController("dns", fmt.Sprintf("dnsfilter %s", tmpfile.Name()))
-	p, err := setupPlugin(c)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	if len(p.hosts) != 2 {
-		t.Fatal("Expected p.hosts to have two keys")
-	}
-
-	val, ok := p.hosts["google.com"]
-	if !ok {
-		t.Fatal("Expected google.com to be set in p.hosts")
-	}
-	if !val.Equal(net.ParseIP(addr)) {
-		t.Fatalf("Expected google.com's value %s to match %s", val, addr)
-	}
-}
-
-func TestEtcHostsFilter(t *testing.T) {
-	text := []byte("127.0.0.1 doubleclick.net\n" + "127.0.0.1 example.org example.net www.example.org www.example.net")
-	tmpfile, err := ioutil.TempFile("", "")
-	if err != nil {
-		t.Fatal(err)
-	}
-	if _, err = tmpfile.Write(text); err != nil {
-		t.Fatal(err)
-	}
-	if err = tmpfile.Close(); err != nil {
-		t.Fatal(err)
-	}
-
-	defer os.Remove(tmpfile.Name())
-
-	c := caddy.NewTestController("dns", fmt.Sprintf("dnsfilter %s", tmpfile.Name()))
-	p, err := setupPlugin(c)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	p.Next = zeroTTLBackend()
-
-	ctx := context.TODO()
-
-	for _, testcase := range []struct {
-		host     string
-		filtered bool
-	}{
-		{"www.doubleclick.net", false},
-		{"doubleclick.net", true},
-		{"www2.example.org", false},
-		{"www2.example.net", false},
-		{"test.www.example.org", false},
-		{"test.www.example.net", false},
-		{"example.org", true},
-		{"example.net", true},
-		{"www.example.org", true},
-		{"www.example.net", true},
-	} {
-		req := new(dns.Msg)
-		req.SetQuestion(testcase.host+".", dns.TypeA)
-
-		resp := test.ResponseWriter{}
-		rrw := dnstest.NewRecorder(&resp)
-		rcode, err := p.ServeDNS(ctx, rrw, req)
-		if err != nil {
-			t.Fatalf("ServeDNS returned error: %s", err)
-		}
-		if rcode != rrw.Rcode {
-			t.Fatalf("ServeDNS return value for host %s has rcode %d that does not match captured rcode %d", testcase.host, rcode, rrw.Rcode)
-		}
-		A, ok := rrw.Msg.Answer[0].(*dns.A)
-		if !ok {
-			t.Fatalf("Host %s expected to have result A", testcase.host)
-		}
-		ip := net.IPv4(127, 0, 0, 1)
-		filtered := ip.Equal(A.A)
-		if testcase.filtered && testcase.filtered != filtered {
-			t.Fatalf("Host %s expected to be filtered, instead it is not filtered", testcase.host)
-		}
-		if !testcase.filtered && testcase.filtered != filtered {
-			t.Fatalf("Host %s expected to be not filtered, instead it is filtered", testcase.host)
-		}
-	}
-}
-
-func zeroTTLBackend() plugin.Handler {
-	return plugin.HandlerFunc(func(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) {
-		m := new(dns.Msg)
-		m.SetReply(r)
-		m.Response, m.RecursionAvailable = true, true
-
-		m.Answer = []dns.RR{test.A("example.org. 0 IN A 127.0.0.53")}
-		w.WriteMsg(m)
-		return dns.RcodeSuccess, nil
-	})
-}
--- a/coredns_plugin/ratelimit/ratelimit.go
+++ b/coredns_plugin/ratelimit/ratelimit.go
@@ -1,138 +0,0 @@
-package ratelimit
-
-import (
-	"errors"
-	"log"
-	"strconv"
-	"time"
-
-	// ratelimiting and per-ip buckets
-	"github.com/beefsack/go-rate"
-	"github.com/patrickmn/go-cache"
-
-	// coredns plugin
-	"github.com/coredns/coredns/core/dnsserver"
-	"github.com/coredns/coredns/plugin"
-	"github.com/coredns/coredns/plugin/metrics"
-	"github.com/coredns/coredns/request"
-	"github.com/mholt/caddy"
-	"github.com/miekg/dns"
-	"github.com/prometheus/client_golang/prometheus"
-	"golang.org/x/net/context"
-)
-
-const defaultRatelimit = 100
-const defaultMaxRateLimitedIPs = 1024 * 1024
-
-var (
-	tokenBuckets = cache.New(time.Hour, time.Hour)
-)
-
-// ServeDNS handles the DNS request and refuses if it's an beyind specified ratelimit
-func (p *plug) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) {
-	state := request.Request{W: w, Req: r}
-	ip := state.IP()
-	allow, err := p.allowRequest(ip)
-	if err != nil {
-		return 0, err
-	}
-	if !allow {
-		ratelimited.Inc()
-		return 0, nil
-	}
-	return plugin.NextOrFailure(p.Name(), p.Next, ctx, w, r)
-}
-
-func (p *plug) allowRequest(ip string) (bool, error) {
-	if _, found := tokenBuckets.Get(ip); !found {
-		tokenBuckets.Set(ip, rate.New(p.ratelimit, time.Second), time.Hour)
-	}
-
-	value, found := tokenBuckets.Get(ip)
-	if !found {
-		// should not happen since we've just inserted it
-		text := "SHOULD NOT HAPPEN: just-inserted ratelimiter disappeared"
-		log.Println(text)
-		err := errors.New(text)
-		return true, err
-	}
-
-	rl, ok := value.(*rate.RateLimiter)
-	if !ok {
-		text := "SHOULD NOT HAPPEN: non-bool entry found in safebrowsing lookup cache"
-		log.Println(text)
-		err := errors.New(text)
-		return true, err
-	}
-
-	allow, _ := rl.Try()
-	return allow, nil
-}
-
-//
-// helper functions
-//
-func init() {
-	caddy.RegisterPlugin("ratelimit", caddy.Plugin{
-		ServerType: "dns",
-		Action:     setup,
-	})
-}
-
-type plug struct {
-	Next plugin.Handler
-
-	// configuration for creating above
-	ratelimit int // in requests per second per IP
-}
-
-func setup(c *caddy.Controller) error {
-	p := &plug{ratelimit: defaultRatelimit}
-	config := dnsserver.GetConfig(c)
-
-	for c.Next() {
-		args := c.RemainingArgs()
-		if len(args) <= 0 {
-			continue
-		}
-		ratelimit, err := strconv.Atoi(args[0])
-		if err != nil {
-			return c.ArgErr()
-		}
-		p.ratelimit = ratelimit
-	}
-
-	config.AddPlugin(func(next plugin.Handler) plugin.Handler {
-		p.Next = next
-		return p
-	})
-
-	c.OnStartup(func() error {
-		m := dnsserver.GetConfig(c).Handler("prometheus")
-		if m == nil {
-			return nil
-		}
-		if x, ok := m.(*metrics.Metrics); ok {
-			x.MustRegister(ratelimited)
-		}
-		return nil
-	})
-
-	return nil
-}
-
-func newDNSCounter(name string, help string) prometheus.Counter {
-	return prometheus.NewCounter(prometheus.CounterOpts{
-		Namespace: plugin.Namespace,
-		Subsystem: "ratelimit",
-		Name:      name,
-		Help:      help,
-	})
-}
-
-var (
-	ratelimited = newDNSCounter("dropped_total", "Count of requests that have been dropped because of rate limit")
-)
-
-// Name returns name of the plugin as seen in Corefile and plugin.cfg
-func (p *plug) Name() string { return "ratelimit" }
--- a/coredns_plugin/refuseany/refuseany.go
+++ b/coredns_plugin/refuseany/refuseany.go
@@ -1,93 +0,0 @@
-package refuseany
-
-import (
-	"fmt"
-	"log"
-
-	"github.com/coredns/coredns/core/dnsserver"
-	"github.com/coredns/coredns/plugin"
-	"github.com/coredns/coredns/plugin/metrics"
-	"github.com/coredns/coredns/request"
-	"github.com/mholt/caddy"
-	"github.com/miekg/dns"
-	"github.com/prometheus/client_golang/prometheus"
-	"golang.org/x/net/context"
-)
-
-type plug struct {
-	Next plugin.Handler
-}
-
-// ServeDNS handles the DNS request and refuses if it's an ANY request
-func (p *plug) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) {
-	if len(r.Question) != 1 {
-		// google DNS, bind and others do the same
-		return dns.RcodeFormatError, fmt.Errorf("Got DNS request with != 1 questions")
-	}
-
-	q := r.Question[0]
-	if q.Qtype == dns.TypeANY {
-		log.Printf("Got request with type ANY, will respond with NOTIMP\n")
-
-		state := request.Request{W: w, Req: r, Context: ctx}
-		rcode := dns.RcodeNotImplemented
-
-		m := new(dns.Msg)
-		m.SetRcode(r, rcode)
-		state.SizeAndDo(m)
-		err := state.W.WriteMsg(m)
-		if err != nil {
-			log.Printf("Got error %s\n", err)
-			return dns.RcodeServerFailure, err
-		}
-		return rcode, nil
-	}
-
-	return plugin.NextOrFailure(p.Name(), p.Next, ctx, w, r)
-}
-
-func init() {
-	caddy.RegisterPlugin("refuseany", caddy.Plugin{
-		ServerType: "dns",
-		Action:     setup,
-	})
-}
-
-func setup(c *caddy.Controller) error {
-	p := &plug{}
-	config := dnsserver.GetConfig(c)
-
-	config.AddPlugin(func(next plugin.Handler) plugin.Handler {
-		p.Next = next
-		return p
-	})
-
-	c.OnStartup(func() error {
-		m := dnsserver.GetConfig(c).Handler("prometheus")
-		if m == nil {
-			return nil
-		}
-		if x, ok := m.(*metrics.Metrics); ok {
-			x.MustRegister(ratelimited)
-		}
-		return nil
-	})
-
-	return nil
-}
-
-func newDNSCounter(name string, help string) prometheus.Counter {
-	return prometheus.NewCounter(prometheus.CounterOpts{
-		Namespace: plugin.Namespace,
-		Subsystem: "refuseany",
-		Name:      name,
-		Help:      help,
-	})
-}
-
-var (
-	ratelimited = newDNSCounter("refusedany_total", "Count of ANY requests that have been dropped")
-)
-
-// Name returns name of the plugin as seen in Corefile and plugin.cfg
-func (p *plug) Name() string { return "refuseany" }
--- a/coredns_plugin/reload.go
+++ b/coredns_plugin/reload.go
@@ -1,36 +0,0 @@
-package dnsfilter
-
-import (
-	"log"
-
-	"github.com/mholt/caddy"
-)
-
-var Reload = make(chan bool)
-
-func hook(event caddy.EventName, info interface{}) error {
-	if event != caddy.InstanceStartupEvent {
-		return nil
-	}
-
-	// this should be an instance. ok to panic if not
-	instance := info.(*caddy.Instance)
-
-	go func() {
-		for range Reload {
-			corefile, err := caddy.LoadCaddyfile(instance.Caddyfile().ServerType())
-			if err != nil {
-				continue
-			}
-			_, err = instance.Restart(corefile)
-			if err != nil {
-				log.Printf("Corefile changed but reload failed: %s", err)
-				continue
-			}
-			// hook will be called again from new instance
-			return
-		}
-	}()
-
-	return nil
-}
--- a/dhcp.go
+++ b/dhcp.go
@@ -0,0 +1,169 @@
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net"
+	"net/http"
+	"strings"
+	"time"
+
+	"github.com/AdguardTeam/AdGuardHome/dhcpd"
+	"github.com/hmage/golibs/log"
+	"github.com/joomcode/errorx"
+)
+
+var dhcpServer = dhcpd.Server{}
+
+func handleDHCPStatus(w http.ResponseWriter, r *http.Request) {
+	rawLeases := dhcpServer.Leases()
+	leases := []map[string]string{}
+	for i := range rawLeases {
+		lease := map[string]string{
+			"mac":      rawLeases[i].HWAddr.String(),
+			"ip":       rawLeases[i].IP.String(),
+			"hostname": rawLeases[i].Hostname,
+			"expires":  rawLeases[i].Expiry.Format(time.RFC3339),
+		}
+		leases = append(leases, lease)
+
+	}
+	status := map[string]interface{}{
+		"config": config.DHCP,
+		"leases": leases,
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	err := json.NewEncoder(w).Encode(status)
+	if err != nil {
+		httpError(w, http.StatusInternalServerError, "Unable to marshal DHCP status json: %s", err)
+		return
+	}
+}
+
+func handleDHCPSetConfig(w http.ResponseWriter, r *http.Request) {
+	newconfig := dhcpd.ServerConfig{}
+	err := json.NewDecoder(r.Body).Decode(&newconfig)
+	if err != nil {
+		httpError(w, http.StatusBadRequest, "Failed to parse new DHCP config json: %s", err)
+		return
+	}
+
+	if newconfig.Enabled {
+		err := dhcpServer.Start(&newconfig)
+		if err != nil {
+			httpError(w, http.StatusBadRequest, "Failed to start DHCP server: %s", err)
+			return
+		}
+	}
+	if !newconfig.Enabled {
+		dhcpServer.Stop()
+	}
+	config.DHCP = newconfig
+	httpUpdateConfigReloadDNSReturnOK(w, r)
+}
+
+func handleDHCPInterfaces(w http.ResponseWriter, r *http.Request) {
+	response := map[string]interface{}{}
+
+	ifaces, err := net.Interfaces()
+	if err != nil {
+		httpError(w, http.StatusInternalServerError, "Couldn't get list of interfaces: %s", err)
+		return
+	}
+
+	type address struct {
+		IP      string
+		Netmask string
+	}
+
+	type responseInterface struct {
+		Name         string   `json:"name"`
+		MTU          int      `json:"mtu"`
+		HardwareAddr string   `json:"hardware_address"`
+		Addresses    []string `json:"ip_addresses"`
+	}
+
+	for i := range ifaces {
+		if ifaces[i].Flags&net.FlagLoopback != 0 {
+			// it's a loopback, skip it
+			continue
+		}
+		if ifaces[i].Flags&net.FlagBroadcast == 0 {
+			// this interface doesn't support broadcast, skip it
+			continue
+		}
+		if ifaces[i].Flags&net.FlagPointToPoint != 0 {
+			// this interface is ppp, don't do dhcp over it
+			continue
+		}
+		iface := responseInterface{
+			Name:         ifaces[i].Name,
+			MTU:          ifaces[i].MTU,
+			HardwareAddr: ifaces[i].HardwareAddr.String(),
+		}
+		addrs, err := ifaces[i].Addrs()
+		if err != nil {
+			httpError(w, http.StatusInternalServerError, "Failed to get addresses for interface %v: %s", ifaces[i].Name, err)
+			return
+		}
+		for _, addr := range addrs {
+			iface.Addresses = append(iface.Addresses, addr.String())
+		}
+		if len(iface.Addresses) == 0 {
+			// this interface has no addresses, skip it
+			continue
+		}
+		response[ifaces[i].Name] = iface
+	}
+
+	err = json.NewEncoder(w).Encode(response)
+	if err != nil {
+		httpError(w, http.StatusInternalServerError, "Failed to marshal json with available interfaces: %s", err)
+		return
+	}
+}
+
+func handleDHCPFindActiveServer(w http.ResponseWriter, r *http.Request) {
+	body, err := ioutil.ReadAll(r.Body)
+	if err != nil {
+		errorText := fmt.Sprintf("failed to read request body: %s", err)
+		log.Println(errorText)
+		http.Error(w, errorText, http.StatusBadRequest)
+		return
+	}
+
+	interfaceName := strings.TrimSpace(string(body))
+	if interfaceName == "" {
+		errorText := fmt.Sprintf("empty interface name specified")
+		log.Println(errorText)
+		http.Error(w, errorText, http.StatusBadRequest)
+		return
+	}
+	found, err := dhcpd.CheckIfOtherDHCPServersPresent(interfaceName)
+	result := map[string]interface{}{}
+	if err != nil {
+		result["error"] = err.Error()
+	} else {
+		result["found"] = found
+	}
+	w.Header().Set("Content-Type", "application/json")
+	err = json.NewEncoder(w).Encode(result)
+	if err != nil {
+		httpError(w, http.StatusInternalServerError, "Failed to marshal DHCP found json: %s", err)
+		return
+	}
+}
+
+func startDHCPServer() error {
+	if config.DHCP.Enabled == false {
+		// not enabled, don't do anything
+		return nil
+	}
+	err := dhcpServer.Start(&config.DHCP)
+	if err != nil {
+		return errorx.Decorate(err, "Couldn't start DHCP server")
+	}
+	return nil
+}
--- a/dhcpd/check_other_dhcp.go
+++ b/dhcpd/check_other_dhcp.go
@@ -0,0 +1,144 @@
+package dhcpd
+
+import (
+	"crypto/rand"
+	"encoding/binary"
+	"fmt"
+	"math"
+	"net"
+	"os"
+	"time"
+
+	"github.com/hmage/golibs/log"
+	"github.com/krolaw/dhcp4"
+)
+
+func CheckIfOtherDHCPServersPresent(ifaceName string) (bool, error) {
+	iface, err := net.InterfaceByName(ifaceName)
+	if err != nil {
+		return false, wrapErrPrint(err, "Couldn't find interface by name %s", ifaceName)
+	}
+
+	// get ipv4 address of an interface
+	ifaceIPNet := getIfaceIPv4(iface)
+	if ifaceIPNet == nil {
+		return false, fmt.Errorf("Couldn't find IPv4 address of interface %s %+v", ifaceName, iface)
+	}
+
+	srcIP := ifaceIPNet.IP
+	src := net.JoinHostPort(srcIP.String(), "68")
+	dst := "255.255.255.255:67"
+
+	// form a DHCP request packet, try to emulate existing client as much as possible
+	xId := make([]byte, 8)
+	n, err := rand.Read(xId)
+	if n != 8 && err == nil {
+		err = fmt.Errorf("Generated less than 8 bytes")
+	}
+	if err != nil {
+		return false, wrapErrPrint(err, "Couldn't generate 8 random bytes")
+	}
+	hostname, err := os.Hostname()
+	if err != nil {
+		return false, wrapErrPrint(err, "Couldn't get hostname")
+	}
+	requestList := []byte{
+		byte(dhcp4.OptionSubnetMask),
+		byte(dhcp4.OptionClasslessRouteFormat),
+		byte(dhcp4.OptionRouter),
+		byte(dhcp4.OptionDomainNameServer),
+		byte(dhcp4.OptionDomainName),
+		byte(dhcp4.OptionDomainSearch),
+		252, // private/proxy autodiscovery
+		95,  // LDAP
+		byte(dhcp4.OptionNetBIOSOverTCPIPNameServer),
+		byte(dhcp4.OptionNetBIOSOverTCPIPNodeType),
+	}
+	maxUDPsizeRaw := make([]byte, 2)
+	binary.BigEndian.PutUint16(maxUDPsizeRaw, 1500)
+	leaseTimeRaw := make([]byte, 4)
+	leaseTime := uint32(math.RoundToEven(time.Duration(time.Hour * 24 * 90).Seconds()))
+	binary.BigEndian.PutUint32(leaseTimeRaw, leaseTime)
+	options := []dhcp4.Option{
+		{dhcp4.OptionParameterRequestList, requestList},
+		{dhcp4.OptionMaximumDHCPMessageSize, maxUDPsizeRaw},
+		{dhcp4.OptionClientIdentifier, append([]byte{0x01}, iface.HardwareAddr...)},
+		{dhcp4.OptionIPAddressLeaseTime, leaseTimeRaw},
+		{dhcp4.OptionHostName, []byte(hostname)},
+	}
+	packet := dhcp4.RequestPacket(dhcp4.Discover, iface.HardwareAddr, nil, xId, false, options)
+
+	// resolve 0.0.0.0:68
+	udpAddr, err := net.ResolveUDPAddr("udp4", src)
+	if err != nil {
+		return false, wrapErrPrint(err, "Couldn't resolve UDP address %s", src)
+	}
+	// spew.Dump(udpAddr, err)
+
+	if !udpAddr.IP.To4().Equal(srcIP) {
+		return false, wrapErrPrint(err, "Resolved UDP address is not %s", src)
+	}
+
+	// resolve 255.255.255.255:67
+	dstAddr, err := net.ResolveUDPAddr("udp4", dst)
+	if err != nil {
+		return false, wrapErrPrint(err, "Couldn't resolve UDP address %s", dst)
+	}
+
+	// bind to 0.0.0.0:68
+	log.Tracef("Listening to udp4 %+v", udpAddr)
+	c, err := net.ListenPacket("udp4", src)
+	if c != nil {
+		defer c.Close()
+	}
+	// spew.Dump(c, err)
+	// spew.Printf("net.ListenUDP returned %v, %v\n", c, err)
+	if err != nil {
+		return false, wrapErrPrint(err, "Couldn't listen to %s", src)
+	}
+
+	// send to 255.255.255.255:67
+	n, err = c.WriteTo(packet, dstAddr)
+	// spew.Dump(n, err)
+	if err != nil {
+		return false, wrapErrPrint(err, "Couldn't send a packet to %s", dst)
+	}
+
+	// wait for answer
+	log.Tracef("Waiting %v for an answer", defaultDiscoverTime)
+	// TODO: replicate dhclient's behaviour of retrying several times with progressively bigger timeouts
+	b := make([]byte, 1500)
+	c.SetReadDeadline(time.Now().Add(defaultDiscoverTime))
+	n, _, err = c.ReadFrom(b)
+	if isTimeout(err) {
+		// timed out -- no DHCP servers
+		return false, nil
+	}
+	if err != nil {
+		return false, wrapErrPrint(err, "Couldn't receive packet")
+	}
+	if n > 0 {
+		b = b[:n]
+	}
+	// spew.Dump(n, fromAddr, err, b)
+
+	if n < 240 {
+		// packet too small for dhcp
+		return false, wrapErrPrint(err, "got packet that's too small for DHCP")
+	}
+
+	response := dhcp4.Packet(b[:n])
+	if response.HLen() > 16 {
+		// invalid size
+		return false, wrapErrPrint(err, "got malformed packet with HLen() > 16")
+	}
+
+	parsedOptions := response.ParseOptions()
+	_, ok := parsedOptions[dhcp4.OptionDHCPMessageType]
+	if !ok {
+		return false, wrapErrPrint(err, "got malformed packet without DHCP message type")
+	}
+
+	// that's a DHCP server there
+	return true, nil
+}
--- a/dhcpd/dhcpd.go
+++ b/dhcpd/dhcpd.go
@@ -0,0 +1,398 @@
+package dhcpd
+
+import (
+	"bytes"
+	"fmt"
+	"net"
+	"sync"
+	"time"
+
+	"github.com/hmage/golibs/log"
+	"github.com/krolaw/dhcp4"
+)
+
+const defaultDiscoverTime = time.Second * 3
+
+// field ordering is important -- yaml fields will mirror ordering from here
+type Lease struct {
+	HWAddr   net.HardwareAddr `json:"mac" yaml:"hwaddr"`
+	IP       net.IP           `json:"ip"`
+	Hostname string           `json:"hostname"`
+	Expiry   time.Time        `json:"expires"`
+}
+
+// field ordering is important -- yaml fields will mirror ordering from here
+type ServerConfig struct {
+	Enabled       bool   `json:"enabled" yaml:"enabled"`
+	InterfaceName string `json:"interface_name" yaml:"interface_name"` // eth0, en0 and so on
+	GatewayIP     string `json:"gateway_ip" yaml:"gateway_ip"`
+	SubnetMask    string `json:"subnet_mask" yaml:"subnet_mask"`
+	RangeStart    string `json:"range_start" yaml:"range_start"`
+	RangeEnd      string `json:"range_end" yaml:"range_end"`
+	LeaseDuration uint   `json:"lease_duration" yaml:"lease_duration"` // in seconds
+}
+
+type Server struct {
+	conn *filterConn // listening UDP socket
+
+	ipnet *net.IPNet // if interface name changes, this needs to be reset
+
+	// leases
+	leases       []*Lease
+	leaseStart   net.IP        // parsed from config RangeStart
+	leaseStop    net.IP        // parsed from config RangeEnd
+	leaseTime    time.Duration // parsed from config LeaseDuration
+	leaseOptions dhcp4.Options // parsed from config GatewayIP and SubnetMask
+
+	// IP address pool -- if entry is in the pool, then it's attached to a lease
+	IPpool map[[4]byte]net.HardwareAddr
+
+	ServerConfig
+	sync.RWMutex
+}
+
+// Start will listen on port 67 and serve DHCP requests.
+// Even though config can be nil, it is not optional (at least for now), since there are no default values (yet).
+func (s *Server) Start(config *ServerConfig) error {
+	if config != nil {
+		s.ServerConfig = *config
+	}
+
+	iface, err := net.InterfaceByName(s.InterfaceName)
+	if err != nil {
+		s.closeConn() // in case it was already started
+		return wrapErrPrint(err, "Couldn't find interface by name %s", s.InterfaceName)
+	}
+
+	// get ipv4 address of an interface
+	s.ipnet = getIfaceIPv4(iface)
+	if s.ipnet == nil {
+		s.closeConn() // in case it was already started
+		return wrapErrPrint(err, "Couldn't find IPv4 address of interface %s %+v", s.InterfaceName, iface)
+	}
+
+	if s.LeaseDuration == 0 {
+		s.leaseTime = time.Hour * 2
+		s.LeaseDuration = uint(s.leaseTime.Seconds())
+	} else {
+		s.leaseTime = time.Second * time.Duration(s.LeaseDuration)
+	}
+
+	s.leaseStart, err = parseIPv4(s.RangeStart)
+	if err != nil {
+		s.closeConn() // in case it was already started
+		return wrapErrPrint(err, "Failed to parse range start address %s", s.RangeStart)
+	}
+
+	s.leaseStop, err = parseIPv4(s.RangeEnd)
+	if err != nil {
+		s.closeConn() // in case it was already started
+		return wrapErrPrint(err, "Failed to parse range end address %s", s.RangeEnd)
+	}
+
+	subnet, err := parseIPv4(s.SubnetMask)
+	if err != nil {
+		s.closeConn() // in case it was already started
+		return wrapErrPrint(err, "Failed to parse subnet mask %s", s.SubnetMask)
+	}
+
+	// if !bytes.Equal(subnet, s.ipnet.Mask) {
+	// 	s.closeConn() // in case it was already started
+	// 	return wrapErrPrint(err, "specified subnet mask %s does not meatch interface %s subnet mask %s", s.SubnetMask, s.InterfaceName, s.ipnet.Mask)
+	// }
+
+	router, err := parseIPv4(s.GatewayIP)
+	if err != nil {
+		s.closeConn() // in case it was already started
+		return wrapErrPrint(err, "Failed to parse gateway IP %s", s.GatewayIP)
+	}
+
+	s.leaseOptions = dhcp4.Options{
+		dhcp4.OptionSubnetMask:       subnet,
+		dhcp4.OptionRouter:           router,
+		dhcp4.OptionDomainNameServer: s.ipnet.IP,
+	}
+
+	// TODO: don't close if interface and addresses are the same
+	if s.conn != nil {
+		s.closeConn()
+	}
+
+	c, err := newFilterConn(*iface, ":67") // it has to be bound to 0.0.0.0:67, otherwise it won't see DHCP discover/request packets
+	if err != nil {
+		return wrapErrPrint(err, "Couldn't start listening socket on 0.0.0.0:67")
+	}
+
+	s.conn = c
+
+	go func() {
+		// operate on c instead of c.conn because c.conn can change over time
+		err := dhcp4.Serve(c, s)
+		if err != nil {
+			log.Printf("dhcp4.Serve() returned with error: %s", err)
+		}
+		c.Close() // in case Serve() exits for other reason than listening socket closure
+	}()
+
+	return nil
+}
+
+func (s *Server) Stop() error {
+	if s.conn == nil {
+		// nothing to do, return silently
+		return nil
+	}
+	err := s.closeConn()
+	if err != nil {
+		return wrapErrPrint(err, "Couldn't close UDP listening socket")
+	}
+
+	return nil
+}
+
+// closeConn will close the connection and set it to zero
+func (s *Server) closeConn() error {
+	if s.conn == nil {
+		return nil
+	}
+	err := s.conn.Close()
+	s.conn = nil
+	return err
+}
+
+func (s *Server) reserveLease(p dhcp4.Packet) (*Lease, error) {
+	// WARNING: do not remove copy()
+	// the given hwaddr by p.CHAddr() in the packet survives only during ServeDHCP() call
+	// since we need to retain it we need to make our own copy
+	hwaddrCOW := p.CHAddr()
+	hwaddr := make(net.HardwareAddr, len(hwaddrCOW))
+	copy(hwaddr, hwaddrCOW)
+	foundLease := s.locateLease(p)
+	if foundLease != nil {
+		// log.Tracef("found lease for %s: %+v", hwaddr, foundLease)
+		return foundLease, nil
+	}
+	// not assigned a lease, create new one, find IP from LRU
+	log.Tracef("Lease not found for %s: creating new one", hwaddr)
+	ip, err := s.findFreeIP(p, hwaddr)
+	if err != nil {
+		return nil, wrapErrPrint(err, "Couldn't find free IP for the lease %s", hwaddr.String())
+	}
+	log.Tracef("Assigning to %s IP address %s", hwaddr, ip.String())
+	hostname := p.ParseOptions()[dhcp4.OptionHostName]
+	lease := &Lease{HWAddr: hwaddr, IP: ip, Hostname: string(hostname)}
+	s.Lock()
+	s.leases = append(s.leases, lease)
+	s.Unlock()
+	return lease, nil
+}
+
+func (s *Server) locateLease(p dhcp4.Packet) *Lease {
+	hwaddr := p.CHAddr()
+	for i := range s.leases {
+		if bytes.Equal([]byte(hwaddr), []byte(s.leases[i].HWAddr)) {
+			// log.Tracef("bytes.Equal(%s, %s) returned true", hwaddr, s.leases[i].hwaddr)
+			return s.leases[i]
+		}
+	}
+	return nil
+}
+
+func (s *Server) findFreeIP(p dhcp4.Packet, hwaddr net.HardwareAddr) (net.IP, error) {
+	// if IP pool is nil, lazy initialize it
+	if s.IPpool == nil {
+		s.IPpool = make(map[[4]byte]net.HardwareAddr)
+	}
+
+	// go from start to end, find unreserved IP
+	var foundIP net.IP
+	for i := 0; i < dhcp4.IPRange(s.leaseStart, s.leaseStop); i++ {
+		newIP := dhcp4.IPAdd(s.leaseStart, i)
+		foundHWaddr := s.getIPpool(newIP)
+		log.Tracef("tried IP %v, got hwaddr %v", newIP, foundHWaddr)
+		if foundHWaddr != nil && len(foundHWaddr) != 0 {
+			// if !bytes.Equal(foundHWaddr, hwaddr) {
+			// 	log.Tracef("SHOULD NOT HAPPEN: hwaddr in IP pool %s is not equal to hwaddr in lease %s", foundHWaddr, hwaddr)
+			// }
+			log.Tracef("will try again")
+			continue
+		}
+		foundIP = newIP
+		break
+	}
+
+	if foundIP == nil {
+		// TODO: LRU
+		return nil, fmt.Errorf("Couldn't find free entry in IP pool")
+	}
+
+	s.reserveIP(foundIP, hwaddr)
+
+	return foundIP, nil
+}
+
+func (s *Server) getIPpool(ip net.IP) net.HardwareAddr {
+	rawIP := []byte(ip)
+	IP4 := [4]byte{rawIP[0], rawIP[1], rawIP[2], rawIP[3]}
+	return s.IPpool[IP4]
+}
+
+func (s *Server) reserveIP(ip net.IP, hwaddr net.HardwareAddr) {
+	rawIP := []byte(ip)
+	IP4 := [4]byte{rawIP[0], rawIP[1], rawIP[2], rawIP[3]}
+	s.IPpool[IP4] = hwaddr
+}
+
+func (s *Server) unreserveIP(ip net.IP) {
+	rawIP := []byte(ip)
+	IP4 := [4]byte{rawIP[0], rawIP[1], rawIP[2], rawIP[3]}
+	delete(s.IPpool, IP4)
+}
+
+func (s *Server) ServeDHCP(p dhcp4.Packet, msgType dhcp4.MessageType, options dhcp4.Options) dhcp4.Packet {
+	log.Tracef("Got %v message", msgType)
+	log.Tracef("Leases:")
+	for i, lease := range s.leases {
+		log.Tracef("Lease #%d: hwaddr %s, ip %s, expiry %s", i, lease.HWAddr, lease.IP, lease.Expiry)
+	}
+	log.Tracef("IP pool:")
+	for ip, hwaddr := range s.IPpool {
+		log.Tracef("IP pool entry %s -> %s", net.IPv4(ip[0], ip[1], ip[2], ip[3]), hwaddr)
+	}
+	// spew.Dump(s.leases, s.IPpool)
+	// log.Printf("Called with msgType = %v, options = %+v", msgType, options)
+	// spew.Dump(p)
+	// log.Printf("%14s %v", "p.Broadcast", p.Broadcast())       // false
+	// log.Printf("%14s %v", "p.CHAddr", p.CHAddr())             // 2c:f0:a2:f2:31:00
+	// log.Printf("%14s %v", "p.CIAddr", p.CIAddr())             // 0.0.0.0
+	// log.Printf("%14s %v", "p.Cookie", p.Cookie())             // [99 130 83 99]
+	// log.Printf("%14s %v", "p.File", p.File())                 // []
+	// log.Printf("%14s %v", "p.Flags", p.Flags())               // [0 0]
+	// log.Printf("%14s %v", "p.GIAddr", p.GIAddr())             // 0.0.0.0
+	// log.Printf("%14s %v", "p.HLen", p.HLen())                 // 6
+	// log.Printf("%14s %v", "p.HType", p.HType())               // 1
+	// log.Printf("%14s %v", "p.Hops", p.Hops())                 // 0
+	// log.Printf("%14s %v", "p.OpCode", p.OpCode())             // BootRequest
+	// log.Printf("%14s %v", "p.Options", p.Options())           // [53 1 1 55 10 1 121 3 6 15 119 252 95 44 46 57 2 5 220 61 7 1 44 240 162 242 49 0 51 4 0 118 167 0 12 4 119 104 109 100 255 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0]
+	// log.Printf("%14s %v", "p.ParseOptions", p.ParseOptions()) // map[OptionParameterRequestList:[1 121 3 6 15 119 252 95 44 46] OptionDHCPMessageType:[1] OptionMaximumDHCPMessageSize:[5 220] OptionClientIdentifier:[1 44 240 162 242 49 0] OptionIPAddressLeaseTime:[0 118 167 0] OptionHostName:[119 104 109 100]]
+	// log.Printf("%14s %v", "p.SIAddr", p.SIAddr())             // 0.0.0.0
+	// log.Printf("%14s %v", "p.SName", p.SName())               // []
+	// log.Printf("%14s %v", "p.Secs", p.Secs())                 // [0 8]
+	// log.Printf("%14s %v", "p.XId", p.XId())                   // [211 184 20 44]
+	// log.Printf("%14s %v", "p.YIAddr", p.YIAddr())             // 0.0.0.0
+
+	switch msgType {
+	case dhcp4.Discover: // Broadcast Packet From Client - Can I have an IP?
+		// find a lease, but don't update lease time
+		log.Tracef("Got from client: Discover")
+		lease, err := s.reserveLease(p)
+		if err != nil {
+			log.Tracef("Couldn't find free lease: %s", err)
+			// couldn't find lease, don't respond
+			return nil
+		}
+		reply := dhcp4.ReplyPacket(p, dhcp4.Offer, s.ipnet.IP, lease.IP, s.leaseTime, s.leaseOptions.SelectOrderOrAll(options[dhcp4.OptionParameterRequestList]))
+		log.Tracef("Replying with offer: offered IP %v for %v with options %+v", lease.IP, s.leaseTime, reply.ParseOptions())
+		return reply
+	case dhcp4.Request: // Broadcast From Client - I'll take that IP (Also start for renewals)
+		// start/renew a lease -- update lease time
+		// some clients (OSX) just go right ahead and do Request first from previously known IP, if they get NAK, they restart full cycle with Discover then Request
+		log.Tracef("Got from client: Request")
+		if server, ok := options[dhcp4.OptionServerIdentifier]; ok && !net.IP(server).Equal(s.ipnet.IP) {
+			log.Tracef("Request message not for this DHCP server (%v vs %v)", server, s.ipnet.IP)
+			return nil // Message not for this dhcp server
+		}
+
+		reqIP := net.IP(options[dhcp4.OptionRequestedIPAddress])
+		if reqIP == nil {
+			reqIP = net.IP(p.CIAddr())
+		}
+
+		if reqIP.To4() == nil {
+			log.Tracef("Replying with NAK: request IP isn't valid IPv4: %s", reqIP)
+			return dhcp4.ReplyPacket(p, dhcp4.NAK, s.ipnet.IP, nil, 0, nil)
+		}
+
+		if reqIP.Equal(net.IPv4zero) {
+			log.Tracef("Replying with NAK: request IP is 0.0.0.0")
+			return dhcp4.ReplyPacket(p, dhcp4.NAK, s.ipnet.IP, nil, 0, nil)
+		}
+
+		log.Tracef("requested IP is %s", reqIP)
+		lease, err := s.reserveLease(p)
+		if err != nil {
+			log.Tracef("Couldn't find free lease: %s", err)
+			// couldn't find lease, don't respond
+			return nil
+		}
+
+		if lease.IP.Equal(reqIP) {
+			// IP matches lease IP, nothing else to do
+			lease.Expiry = time.Now().Add(s.leaseTime)
+			log.Tracef("Replying with ACK: request IP matches lease IP, nothing else to do. IP %v for %v", lease.IP, p.CHAddr())
+			return dhcp4.ReplyPacket(p, dhcp4.ACK, s.ipnet.IP, lease.IP, s.leaseTime, s.leaseOptions.SelectOrderOrAll(options[dhcp4.OptionParameterRequestList]))
+		}
+
+		//
+		// requested IP different from lease
+		//
+
+		log.Tracef("lease IP is different from requested IP: %s vs %s", lease.IP, reqIP)
+
+		hwaddr := s.getIPpool(reqIP)
+		if hwaddr == nil {
+			// not in pool, check if it's in DHCP range
+			if dhcp4.IPInRange(s.leaseStart, s.leaseStop, reqIP) {
+				// okay, we can give it to our client -- it's in our DHCP range and not taken, so let them use their IP
+				log.Tracef("Replying with ACK: request IP %v is not taken, so assigning lease IP %v to it, for %v", reqIP, lease.IP, p.CHAddr())
+				s.unreserveIP(lease.IP)
+				lease.IP = reqIP
+				s.reserveIP(reqIP, p.CHAddr())
+				lease.Expiry = time.Now().Add(s.leaseTime)
+				return dhcp4.ReplyPacket(p, dhcp4.ACK, s.ipnet.IP, lease.IP, s.leaseTime, s.leaseOptions.SelectOrderOrAll(options[dhcp4.OptionParameterRequestList]))
+			}
+		}
+
+		if hwaddr != nil && !bytes.Equal(hwaddr, lease.HWAddr) {
+			log.Printf("SHOULD NOT HAPPEN: IP pool hwaddr does not match lease hwaddr: %s vs %s", hwaddr, lease.HWAddr)
+		}
+
+		// requsted IP is not sufficient, reply with NAK
+		if hwaddr != nil {
+			log.Tracef("Replying with NAK: request IP %s is taken, asked by %v", reqIP, p.CHAddr())
+			return dhcp4.ReplyPacket(p, dhcp4.NAK, s.ipnet.IP, nil, 0, nil)
+		}
+
+		// requested IP is outside of DHCP range
+		log.Tracef("Replying with NAK: request IP %s is outside of DHCP range [%s, %s], asked by %v", reqIP, s.leaseStart, s.leaseStop, p.CHAddr())
+		return dhcp4.ReplyPacket(p, dhcp4.NAK, s.ipnet.IP, nil, 0, nil)
+	case dhcp4.Decline: // Broadcast From Client - Sorry I can't use that IP
+		log.Tracef("Got from client: Decline")
+
+	case dhcp4.Release: // From Client, I don't need that IP anymore
+		log.Tracef("Got from client: Release")
+
+	case dhcp4.Inform: // From Client, I have this IP and there's nothing you can do about it
+		log.Tracef("Got from client: Inform")
+		// do nothing
+
+	// from server -- ignore those but enumerate just in case
+	case dhcp4.Offer: // Broadcast From Server - Here's an IP
+		log.Printf("SHOULD NOT HAPPEN -- FROM ANOTHER DHCP SERVER: Offer")
+	case dhcp4.ACK: // From Server, Yes you can have that IP
+		log.Printf("SHOULD NOT HAPPEN -- FROM ANOTHER DHCP SERVER: ACK")
+	case dhcp4.NAK: // From Server, No you cannot have that IP
+		log.Printf("SHOULD NOT HAPPEN -- FROM ANOTHER DHCP SERVER: NAK")
+	default:
+		log.Printf("Unknown DHCP packet detected, ignoring: %v", msgType)
+		return nil
+	}
+	return nil
+}
+
+func (s *Server) Leases() []*Lease {
+	s.RLock()
+	result := s.leases
+	s.RUnlock()
+	return result
+}
--- a/dhcpd/filter_conn.go
+++ b/dhcpd/filter_conn.go
@@ -0,0 +1,64 @@
+package dhcpd
+
+import (
+	"net"
+
+	"github.com/joomcode/errorx"
+	"golang.org/x/net/ipv4"
+)
+
+// filterConn listens to 0.0.0.0:67, but accepts packets only from specific interface
+// This is neccessary for DHCP daemon to work, since binding to IP address doesn't
+// us access to see Discover/Request packets from clients.
+//
+// TODO: on windows, controlmessage does not work, try to find out another way
+// https://github.com/golang/net/blob/master/ipv4/payload.go#L13
+type filterConn struct {
+	iface net.Interface
+	conn  *ipv4.PacketConn
+}
+
+func newFilterConn(iface net.Interface, address string) (*filterConn, error) {
+	c, err := net.ListenPacket("udp4", address)
+	if err != nil {
+		return nil, errorx.Decorate(err, "Couldn't listen to %s on UDP4", address)
+	}
+
+	p := ipv4.NewPacketConn(c)
+	err = p.SetControlMessage(ipv4.FlagInterface, true)
+	if err != nil {
+		c.Close()
+		return nil, errorx.Decorate(err, "Couldn't set control message FlagInterface on connection")
+	}
+
+	return &filterConn{iface: iface, conn: p}, nil
+}
+
+func (f *filterConn) ReadFrom(b []byte) (int, net.Addr, error) {
+	for { // read until we find a suitable packet
+		n, cm, addr, err := f.conn.ReadFrom(b)
+		if err != nil {
+			return 0, addr, errorx.Decorate(err, "Error when reading from socket")
+		}
+		if cm == nil {
+			// no controlmessage was passed, so pass the packet to the caller
+			return n, addr, nil
+		}
+		if cm.IfIndex == f.iface.Index {
+			return n, addr, nil
+		}
+		// packet doesn't match criteria, drop it
+	}
+	return 0, nil, nil
+}
+
+func (f *filterConn) WriteTo(b []byte, addr net.Addr) (int, error) {
+	cm := ipv4.ControlMessage{
+		IfIndex: f.iface.Index,
+	}
+	return f.conn.WriteTo(b, &cm, addr)
+}
+
+func (f *filterConn) Close() error {
+	return f.conn.Close()
+}
--- a/dhcpd/helpers.go
+++ b/dhcpd/helpers.go
@@ -0,0 +1,84 @@
+package dhcpd
+
+import (
+	"fmt"
+	"net"
+	"strings"
+
+	"github.com/hmage/golibs/log"
+	"github.com/joomcode/errorx"
+)
+
+func isTimeout(err error) bool {
+	operr, ok := err.(*net.OpError)
+	if !ok {
+		return false
+	}
+	return operr.Timeout()
+}
+
+// return first IPv4 address of an interface, if there is any
+func getIfaceIPv4(iface *net.Interface) *net.IPNet {
+	ifaceAddrs, err := iface.Addrs()
+	if err != nil {
+		panic(err)
+	}
+
+	for _, addr := range ifaceAddrs {
+		ipnet, ok := addr.(*net.IPNet)
+		if !ok {
+			// not an IPNet, should not happen
+			log.Fatalf("SHOULD NOT HAPPEN: got iface.Addrs() element %s that is not net.IPNet", addr)
+		}
+
+		if ipnet.IP.To4() == nil {
+			log.Printf("Got IP that is not IPv4: %v", ipnet.IP)
+			continue
+		}
+
+		log.Printf("Got IP that is IPv4: %v", ipnet.IP)
+		return &net.IPNet{
+			IP:   ipnet.IP.To4(),
+			Mask: ipnet.Mask,
+		}
+	}
+	return nil
+}
+
+func isConnClosed(err error) bool {
+	if err == nil {
+		return false
+	}
+	nerr, ok := err.(*net.OpError)
+	if !ok {
+		return false
+	}
+
+	if strings.Contains(nerr.Err.Error(), "use of closed network connection") {
+		return true
+	}
+
+	return false
+}
+
+func wrapErrPrint(err error, message string, args ...interface{}) error {
+	var errx error
+	if err == nil {
+		errx = fmt.Errorf(message, args...)
+	} else {
+		errx = errorx.Decorate(err, message, args...)
+	}
+	log.Println(errx.Error())
+	return errx
+}
+
+func parseIPv4(text string) (net.IP, error) {
+	result := net.ParseIP(text)
+	if result == nil {
+		return nil, fmt.Errorf("%s is not an IP address", text)
+	}
+	if result.To4() == nil {
+		return nil, fmt.Errorf("%s is not an IPv4 address", text)
+	}
+	return result.To4(), nil
+}
--- a/dhcpd/standalone/main.go
+++ b/dhcpd/standalone/main.go
@@ -0,0 +1,111 @@
+package main
+
+import (
+	"net"
+	"os"
+	"os/signal"
+	"syscall"
+	"time"
+
+	"github.com/AdguardTeam/AdGuardHome/dhcpd"
+	"github.com/hmage/golibs/log"
+	"github.com/krolaw/dhcp4"
+)
+
+func main() {
+	if len(os.Args) < 2 {
+		log.Printf("Usage: %s <interface name>", os.Args[0])
+		os.Exit(64)
+	}
+
+	ifaceName := os.Args[1]
+	present, err := dhcpd.CheckIfOtherDHCPServersPresent(ifaceName)
+	if err != nil {
+		panic(err)
+	}
+	log.Printf("Found DHCP server? %v", present)
+	if present {
+		log.Printf("Will not start DHCP server because there's already running one on the network")
+		os.Exit(1)
+	}
+
+	iface, err := net.InterfaceByName(ifaceName)
+	if err != nil {
+		panic(err)
+	}
+
+	// get ipv4 address of an interface
+	ifaceIPNet := getIfaceIPv4(iface)
+	if ifaceIPNet == nil {
+		panic(err)
+	}
+
+	// append 10 to server's IP address as start
+	start := dhcp4.IPAdd(ifaceIPNet.IP, 10)
+	// lease range is 100 IP's, but TODO: don't go beyond end of subnet mask
+	stop := dhcp4.IPAdd(start, 100)
+
+	server := dhcpd.Server{}
+	config := dhcpd.ServerConfig{
+		InterfaceName: ifaceName,
+		RangeStart:    start.String(),
+		RangeEnd:      stop.String(),
+		SubnetMask:    "255.255.255.0",
+		GatewayIP:     "192.168.7.1",
+	}
+	log.Printf("Starting DHCP server")
+	err = server.Start(&config)
+	if err != nil {
+		panic(err)
+	}
+
+	time.Sleep(time.Second)
+	log.Printf("Stopping DHCP server")
+	err = server.Stop()
+	if err != nil {
+		panic(err)
+	}
+	log.Printf("Starting DHCP server")
+	err = server.Start(&config)
+	if err != nil {
+		panic(err)
+	}
+	log.Printf("Starting DHCP server while it's already running")
+	err = server.Start(&config)
+	if err != nil {
+		panic(err)
+	}
+	log.Printf("Now serving DHCP")
+	signal_channel := make(chan os.Signal)
+	signal.Notify(signal_channel, syscall.SIGINT, syscall.SIGTERM)
+	<-signal_channel
+
+}
+
+// return first IPv4 address of an interface, if there is any
+func getIfaceIPv4(iface *net.Interface) *net.IPNet {
+	ifaceAddrs, err := iface.Addrs()
+	if err != nil {
+		panic(err)
+	}
+
+	for _, addr := range ifaceAddrs {
+		ipnet, ok := addr.(*net.IPNet)
+		if !ok {
+			// not an IPNet, should not happen
+			log.Fatalf("SHOULD NOT HAPPEN: got iface.Addrs() element %s that is not net.IPNet", addr)
+		}
+
+		if ipnet.IP.To4() == nil {
+			log.Printf("Got IP that is not IPv4: %v", ipnet.IP)
+			continue
+		}
+
+		log.Printf("Got IP that is IPv4: %v", ipnet.IP)
+		return &net.IPNet{
+			IP:   ipnet.IP.To4(),
+			Mask: ipnet.Mask,
+		}
+	}
+	return nil
+}
--- a/dns.go
+++ b/dns.go
@@ -0,0 +1,92 @@
+package main
+
+import (
+	"fmt"
+	"net"
+
+	"github.com/AdguardTeam/AdGuardHome/dnsfilter"
+	"github.com/AdguardTeam/AdGuardHome/dnsforward"
+	"github.com/AdguardTeam/dnsproxy/upstream"
+	"github.com/hmage/golibs/log"
+	"github.com/joomcode/errorx"
+)
+
+var dnsServer = dnsforward.Server{}
+
+func isRunning() bool {
+	return dnsServer.IsRunning()
+}
+
+func generateServerConfig() dnsforward.ServerConfig {
+	filters := []dnsfilter.Filter{}
+	userFilter := userFilter()
+	filters = append(filters, dnsfilter.Filter{
+		ID:    userFilter.ID,
+		Rules: userFilter.Rules,
+	})
+	for _, filter := range config.Filters {
+		filters = append(filters, dnsfilter.Filter{
+			ID:    filter.ID,
+			Rules: filter.Rules,
+		})
+	}
+
+	newconfig := dnsforward.ServerConfig{
+		UDPListenAddr:   &net.UDPAddr{Port: config.DNS.Port},
+		TCPListenAddr:   &net.TCPAddr{Port: config.DNS.Port},
+		FilteringConfig: config.DNS.FilteringConfig,
+		Filters:         filters,
+	}
+
+	for _, u := range config.DNS.UpstreamDNS {
+		upstream, err := upstream.AddressToUpstream(u, config.DNS.BootstrapDNS, dnsforward.DefaultTimeout)
+		if err != nil {
+			log.Printf("Couldn't get upstream: %s", err)
+			// continue, just ignore the upstream
+			continue
+		}
+		newconfig.Upstreams = append(newconfig.Upstreams, upstream)
+	}
+	return newconfig
+}
+
+func startDNSServer() error {
+	if isRunning() {
+		return fmt.Errorf("Unable to start forwarding DNS server: Already running")
+	}
+
+	newconfig := generateServerConfig()
+	err := dnsServer.Start(&newconfig)
+	if err != nil {
+		return errorx.Decorate(err, "Couldn't start forwarding DNS server")
+	}
+
+	return nil
+}
+
+func reconfigureDNSServer() error {
+	if !isRunning() {
+		return fmt.Errorf("Refusing to reconfigure forwarding DNS server: not running")
+	}
+
+	config := generateServerConfig()
+	err := dnsServer.Reconfigure(&config)
+	if err != nil {
+		return errorx.Decorate(err, "Couldn't start forwarding DNS server")
+	}
+
+	return nil
+}
+
+func stopDNSServer() error {
+	if !isRunning() {
+		return fmt.Errorf("Refusing to stop forwarding DNS server: not running")
+	}
+
+	err := dnsServer.Stop()
+	if err != nil {
+		return errorx.Decorate(err, "Couldn't stop forwarding DNS server")
+	}
+
+	return nil
+}
--- a/dnsfilter/dnsfilter.go
+++ b/dnsfilter/dnsfilter.go
@@ -8,7 +8,7 @@ import (
 	"errors"
 	"fmt"
 	"io/ioutil"
-	"log"
+	"net"
 	"net/http"
 	"regexp"
 	"strings"
@@ -16,15 +16,15 @@ import (
 	"sync/atomic"
 	"time"

-	_ "github.com/benburkert/dns/init"
 	"github.com/bluele/gcache"
+	"github.com/hmage/golibs/log"
 	"golang.org/x/net/publicsuffix"
 )

 const defaultCacheSize = 64 * 1024 // in number of elements
-const defaultCacheTime time.Duration = 30 * time.Minute
+const defaultCacheTime = 30 * time.Minute

-const defaultHTTPTimeout time.Duration = 5 * time.Minute
+const defaultHTTPTimeout = 5 * time.Minute
 const defaultHTTPMaxIdleConnections = 100

 const defaultSafebrowsingServer = "sb.adtidy.org"
@@ -32,30 +32,35 @@ const defaultSafebrowsingURL = "http://%s/safebrowsing-lookup-hash.html?prefixes
 const defaultParentalServer = "pctrl.adguard.com"
 const defaultParentalURL = "http://%s/check-parental-control-hash?prefixes=%s&sensitivity=%d"

-// ErrInvalidSyntax is returned by AddRule when rule is invalid
+// ErrInvalidSyntax is returned by AddRule when the rule is invalid
 var ErrInvalidSyntax = errors.New("dnsfilter: invalid rule syntax")

-// ErrInvalidParental is returned by EnableParental when sensitivity is not a valid value
-var ErrInvalidParental = errors.New("dnsfilter: invalid parental sensitivity, must be either 3, 10, 13 or 17")
+// ErrInvalidSyntax is returned by AddRule when the rule was already added to the filter
+var ErrAlreadyExists = errors.New("dnsfilter: rule was already added")

 const shortcutLength = 6 // used for rule search optimization, 6 hits the sweet spot

 const enableFastLookup = true         // flag for debugging, must be true in production for faster performance
 const enableDelayedCompilation = true // flag for debugging, must be true in production for faster performance

-type config struct {
-	parentalServer      string
-	parentalSensitivity int // must be either 3, 10, 13 or 17
-	parentalEnabled     bool
-	safeSearchEnabled   bool
-	safeBrowsingEnabled bool
-	safeBrowsingServer  string
+// Config allows you to configure DNS filtering with New() or just change variables directly.
+type Config struct {
+	ParentalSensitivity int  `yaml:"parental_sensitivity"` // must be either 3, 10, 13 or 17
+	ParentalEnabled     bool `yaml:"parental_enabled"`
+	SafeSearchEnabled   bool `yaml:"safesearch_enabled"`
+	SafeBrowsingEnabled bool `yaml:"safebrowsing_enabled"`
+}
+
+type privateConfig struct {
+	parentalServer     string // access via methods
+	safeBrowsingServer string // access via methods
 }

 type rule struct {
 	text         string // text without @@ decorators or $ options
 	shortcut     string // for speeding up lookup
 	originalText string // original text for reporting back to applications
+	ip           net.IP // IP address (for the case when we're matching a hosts file)

 	// options
 	options []string // optional options after $
@@ -66,7 +71,7 @@ type rule struct {
 	isImportant bool

 	// user-supplied data
-	listID uint32
+	listID int64

 	// suffix matching
 	isSuffix bool
@@ -94,7 +99,7 @@ type Stats struct {

 // Dnsfilter holds added rules and performs hostname matches against the rules
 type Dnsfilter struct {
-	storage      map[string]*rule // rule storage, not used for matching, needs to be key->value
+	storage      map[string]bool // rule storage, not used for matching, just for filtering out duplicates
 	storageMutex sync.RWMutex

 	// rules are checked against these lists in the order defined here
@@ -106,7 +111,13 @@ type Dnsfilter struct {
 	client    http.Client     // handle for http client -- single instance as recommended by docs
 	transport *http.Transport // handle for http transport used by http client

-	config config
+	Config // for direct access by library users, even a = assignment
+	privateConfig
+}
+
+type Filter struct {
+	ID    int64    `json:"id"`         // auto-assigned when filter is added (see nextFilterID), json by default keeps ID uppercase but we need lowercase
+	Rules []string `json:"-" yaml:"-"` // not in yaml or json
 }

 //go:generate stringer -type=Reason
@@ -137,9 +148,11 @@ var (

 // Result holds state of hostname check
 type Result struct {
-	IsFiltered bool   `json:",omitempty"`
-	Reason     Reason `json:",omitempty"`
-	Rule       string `json:",omitempty"`
+	IsFiltered bool   `json:",omitempty"` // True if the host name is filtered
+	Reason     Reason `json:",omitempty"` // Reason for blocking / unblocking
+	Rule       string `json:",omitempty"` // Original rule text
+	Ip         net.IP `json:",omitempty"` // Not nil only in the case of a hosts file syntax
+	FilterID   int64  `json:",omitempty"` // Filter ID the rule belongs to
 }

 // Matched can be used to see if any match at all was found, no matter filtered or not
@@ -165,7 +178,7 @@ func (d *Dnsfilter) CheckHost(host string) (Result, error) {
 	}

 	// check safebrowsing if no match
-	if d.config.safeBrowsingEnabled {
+	if d.SafeBrowsingEnabled {
 		result, err = d.checkSafeBrowsing(host)
 		if err != nil {
 			// failed to do HTTP lookup -- treat it as if we got empty response, but don't save cache
@@ -178,7 +191,7 @@ func (d *Dnsfilter) CheckHost(host string) (Result, error) {
 	}

 	// check parental if no match
-	if d.config.parentalEnabled {
+	if d.ParentalEnabled {
 		result, err = d.checkParental(host)
 		if err != nil {
 			// failed to do HTTP lookup -- treat it as if we got empty response, but don't save cache
@@ -199,6 +212,7 @@ func (d *Dnsfilter) CheckHost(host string) (Result, error) {
 //

 type rulesTable struct {
+	rulesByHost     map[string]*rule
 	rulesByShortcut map[string][]*rule
 	rulesLeftovers  []*rule
 	sync.RWMutex
@@ -206,6 +220,7 @@ type rulesTable struct {

 func newRulesTable() *rulesTable {
 	return &rulesTable{
+		rulesByHost:     make(map[string]*rule),
 		rulesByShortcut: make(map[string][]*rule),
 		rulesLeftovers:  make([]*rule, 0),
 	}
@@ -213,16 +228,23 @@ func newRulesTable() *rulesTable {

 func (r *rulesTable) Add(rule *rule) {
 	r.Lock()
-	if len(rule.shortcut) == shortcutLength && enableFastLookup {
+
+	if rule.ip != nil {
+		// Hosts syntax
+		r.rulesByHost[rule.text] = rule
+	} else if len(rule.shortcut) == shortcutLength && enableFastLookup {
+		// Adblock syntax with a shortcut
 		r.rulesByShortcut[rule.shortcut] = append(r.rulesByShortcut[rule.shortcut], rule)
 	} else {
+		// Adblock syntax -- too short to have a shortcut
 		r.rulesLeftovers = append(r.rulesLeftovers, rule)
 	}
 	r.Unlock()
 }

 func (r *rulesTable) matchByHost(host string) (Result, error) {
-	res, err := r.searchShortcuts(host)
+	// First: examine the hosts-syntax rules
+	res, err := r.searchByHost(host)
 	if err != nil {
 		return res, err
 	}
@@ -230,6 +252,16 @@ func (r *rulesTable) matchByHost(host string) (Result, error) {
 		return res, nil
 	}

+	// Second: examine the adblock-syntax rules with shortcuts
+	res, err = r.searchShortcuts(host)
+	if err != nil {
+		return res, err
+	}
+	if res.Reason.Matched() {
+		return res, nil
+	}
+
+	// Third: examine the others
 	res, err = r.searchLeftovers(host)
 	if err != nil {
 		return res, err
@@ -241,6 +273,16 @@ func (r *rulesTable) matchByHost(host string) (Result, error) {
 	return Result{}, nil
 }

+func (r *rulesTable) searchByHost(host string) (Result, error) {
+	rule, ok := r.rulesByHost[host]
+
+	if ok {
+		return rule.match(host)
+	}
+
+	return Result{}, nil
+}
+
 func (r *rulesTable) searchShortcuts(host string) (Result, error) {
 	// check in shortcuts first
 	for i := 0; i < len(host); i++ {
@@ -424,8 +466,21 @@ func (rule *rule) compile() error {
 	return nil
 }

+// Checks if the rule matches the specified host and returns a corresponding Result object
 func (rule *rule) match(host string) (Result, error) {
 	res := Result{}
+
+	if rule.ip != nil && rule.text == host {
+		// This is a hosts-syntax rule -- just check that the hostname matches and return the result
+		return Result{
+			IsFiltered: true,
+			Reason:     FilteredBlackList,
+			Rule:       rule.originalText,
+			Ip:         rule.ip,
+			FilterID:   rule.listID,
+		}, nil
+	}
+
 	err := rule.compile()
 	if err != nil {
 		return res, err
@@ -445,11 +500,12 @@ func (rule *rule) match(host string) (Result, error) {
 	if matched {
 		res.Reason = FilteredBlackList
 		res.IsFiltered = true
+		res.FilterID = rule.listID
+		res.Rule = rule.originalText
 		if rule.isWhitelist {
 			res.Reason = NotFilteredWhiteList
 			res.IsFiltered = false
 		}
-		res.Rule = rule.text
 	}
 	return res, nil
 }
@@ -520,11 +576,11 @@ func hostnameToHashParam(host string, addslash bool) (string, map[string]bool) {

 func (d *Dnsfilter) checkSafeBrowsing(host string) (Result, error) {
 	// prevent recursion -- checking the host of safebrowsing server makes no sense
-	if host == d.config.safeBrowsingServer {
+	if host == d.safeBrowsingServer {
 		return Result{}, nil
 	}
 	format := func(hashparam string) string {
-		url := fmt.Sprintf(defaultSafebrowsingURL, d.config.safeBrowsingServer, hashparam)
+		url := fmt.Sprintf(defaultSafebrowsingURL, d.safeBrowsingServer, hashparam)
 		return url
 	}
 	handleBody := func(body []byte, hashes map[string]bool) (Result, error) {
@@ -561,11 +617,11 @@ func (d *Dnsfilter) checkSafeBrowsing(host string) (Result, error) {

 func (d *Dnsfilter) checkParental(host string) (Result, error) {
 	// prevent recursion -- checking the host of parental safety server makes no sense
-	if host == d.config.parentalServer {
+	if host == d.parentalServer {
 		return Result{}, nil
 	}
 	format := func(hashparam string) string {
-		url := fmt.Sprintf(defaultParentalURL, d.config.parentalServer, hashparam, d.config.parentalSensitivity)
+		url := fmt.Sprintf(defaultParentalURL, d.parentalServer, hashparam, d.ParentalSensitivity)
 		return url
 	}
 	handleBody := func(body []byte, hashes map[string]bool) (Result, error) {
@@ -678,28 +734,53 @@ func (d *Dnsfilter) lookupCommon(host string, lookupstats *LookupStats, cache gc
 // Adding rule and matching against the rules
 //

+// AddRules is a convinience function to add an array of filters in one call
+func (d *Dnsfilter) AddRules(filters []Filter) error {
+	for _, f := range filters {
+		for _, rule := range f.Rules {
+			err := d.AddRule(rule, f.ID)
+			if err == ErrAlreadyExists || err == ErrInvalidSyntax {
+				continue
+			}
+			if err != nil {
+				log.Printf("Cannot add rule %s: %s", rule, err)
+				// Just ignore invalid rules
+				continue
+			}
+		}
+	}
+	return nil
+}
+
 // AddRule adds a rule, checking if it is a valid rule first and if it wasn't added already
-func (d *Dnsfilter) AddRule(input string, filterListID uint32) error {
+func (d *Dnsfilter) AddRule(input string, filterListID int64) error {
 	input = strings.TrimSpace(input)
 	d.storageMutex.RLock()
 	_, exists := d.storage[input]
 	d.storageMutex.RUnlock()
 	if exists {
 		// already added
-		return ErrInvalidSyntax
+		return ErrAlreadyExists
 	}

 	if !isValidRule(input) {
 		return ErrInvalidSyntax
 	}

+	// First, check if this is a hosts-syntax rule
+	if d.parseEtcHosts(input, filterListID) {
+		// This is a valid hosts-syntax rule, no need for further parsing
+		return nil
+	}
+
+	// Start parsing the rule
 	rule := rule{
 		text:         input, // will be modified
 		originalText: input,
 		listID:       filterListID,
 	}

-	// mark rule as whitelist if it starts with @@
+	// Mark rule as whitelist if it starts with @@
 	if strings.HasPrefix(rule.text, "@@") {
 		rule.isWhitelist = true
 		rule.text = rule.text[2:]
@@ -727,12 +808,44 @@ func (d *Dnsfilter) AddRule(input string, filterListID uint32) error {
 	}

 	d.storageMutex.Lock()
-	d.storage[input] = &rule
+	d.storage[input] = true
 	d.storageMutex.Unlock()
 	destination.Add(&rule)
 	return nil
 }

+// Parses the hosts-syntax rules. Returns false if the input string is not of hosts-syntax.
+func (d *Dnsfilter) parseEtcHosts(input string, filterListID int64) bool {
+	// Strip the trailing comment
+	ruleText := input
+	if pos := strings.IndexByte(ruleText, '#'); pos != -1 {
+		ruleText = ruleText[0:pos]
+	}
+	fields := strings.Fields(ruleText)
+	if len(fields) < 2 {
+		return false
+	}
+	addr := net.ParseIP(fields[0])
+	if addr == nil {
+		return false
+	}
+
+	d.storageMutex.Lock()
+	d.storage[input] = true
+	d.storageMutex.Unlock()
+
+	for _, host := range fields[1:] {
+		rule := rule{
+			text:         host,
+			originalText: input,
+			listID:       filterListID,
+			ip:           addr,
+		}
+		d.blackList.Add(&rule)
+	}
+	return true
+}
+
 // matchHost is a low-level way to check only if hostname is filtered by rules, skipping expensive safebrowsing and parental lookups
 func (d *Dnsfilter) matchHost(host string) (Result, error) {
 	lists := []*rulesTable{
@@ -758,10 +871,10 @@ func (d *Dnsfilter) matchHost(host string) (Result, error) {
 //

 // New creates properly initialized DNS Filter that is ready to be used
-func New() *Dnsfilter {
+func New(c *Config) *Dnsfilter {
 	d := new(Dnsfilter)

-	d.storage = make(map[string]*rule)
+	d.storage = make(map[string]bool)
 	d.important = newRulesTable()
 	d.whiteList = newRulesTable()
 	d.blackList = newRulesTable()
@@ -779,8 +892,11 @@ func New() *Dnsfilter {
 		Transport: d.transport,
 		Timeout:   defaultHTTPTimeout,
 	}
-	d.config.safeBrowsingServer = defaultSafebrowsingServer
-	d.config.parentalServer = defaultParentalServer
+	d.safeBrowsingServer = defaultSafebrowsingServer
+	d.parentalServer = defaultParentalServer
+	if c != nil {
+		d.Config = *c
+	}

 	return d
 }
@@ -797,35 +913,21 @@ func (d *Dnsfilter) Destroy() {
 // config manipulation helpers
 //

-// EnableSafeBrowsing turns on checking hostnames in malware/phishing database
-func (d *Dnsfilter) EnableSafeBrowsing() {
-	d.config.safeBrowsingEnabled = true
-}
-
-// EnableParental turns on checking hostnames for containing adult content
-func (d *Dnsfilter) EnableParental(sensitivity int) error {
+// IsParentalSensitivityValid checks if sensitivity is valid value
+func IsParentalSensitivityValid(sensitivity int) bool {
 	switch sensitivity {
 	case 3, 10, 13, 17:
-		d.config.parentalSensitivity = sensitivity
-		d.config.parentalEnabled = true
-		return nil
-	default:
-		return ErrInvalidParental
+		return true
 	}
-}
-
-// EnableSafeSearch turns on enforcing safesearch in search engines
-// only used in coredns plugin and requires caller to use SafeSearchDomain()
-func (d *Dnsfilter) EnableSafeSearch() {
-	d.config.safeSearchEnabled = true
+	return false
 }

 // SetSafeBrowsingServer lets you optionally change hostname of safesearch lookup
 func (d *Dnsfilter) SetSafeBrowsingServer(host string) {
 	if len(host) == 0 {
-		d.config.safeBrowsingServer = defaultSafebrowsingServer
+		d.safeBrowsingServer = defaultSafebrowsingServer
 	} else {
-		d.config.safeBrowsingServer = host
+		d.safeBrowsingServer = host
 	}
 }

@@ -841,7 +943,7 @@ func (d *Dnsfilter) ResetHTTPTimeout() {

 // SafeSearchDomain returns replacement address for search engine
 func (d *Dnsfilter) SafeSearchDomain(host string) (string, bool) {
-	if d.config.safeSearchEnabled {
+	if d.SafeSearchEnabled {
 		val, ok := safeSearchDomains[host]
 		return val, ok
 	}
--- a/dnsfilter/dnsfilter_test.go
+++ b/dnsfilter/dnsfilter_test.go
@@ -17,6 +17,7 @@ import (
 	"os"
 	"runtime"

+	"github.com/hmage/golibs/log"
 	"github.com/shirou/gopsutil/process"
 	"go.uber.org/goleak"
 )
@@ -24,7 +25,7 @@ import (
 // first in file because it must be run first
 func TestLotsOfRulesMemoryUsage(t *testing.T) {
 	start := getRSS()
-	trace("RSS before loading rules - %d kB\n", start/1024)
+	log.Tracef("RSS before loading rules - %d kB\n", start/1024)
 	dumpMemProfile(_Func() + "1.pprof")

 	d := NewForTest()
@@ -35,7 +36,7 @@ func TestLotsOfRulesMemoryUsage(t *testing.T) {
 	}

 	afterLoad := getRSS()
-	trace("RSS after loading rules - %d kB (%d kB diff)\n", afterLoad/1024, (afterLoad-start)/1024)
+	log.Tracef("RSS after loading rules - %d kB (%d kB diff)\n", afterLoad/1024, (afterLoad-start)/1024)
 	dumpMemProfile(_Func() + "2.pprof")

 	tests := []struct {
@@ -58,7 +59,7 @@ func TestLotsOfRulesMemoryUsage(t *testing.T) {
 		}
 	}
 	afterMatch := getRSS()
-	trace("RSS after matching - %d kB (%d kB diff)\n", afterMatch/1024, (afterMatch-afterLoad)/1024)
+	log.Tracef("RSS after matching - %d kB (%d kB diff)\n", afterMatch/1024, (afterMatch-afterLoad)/1024)
 	dumpMemProfile(_Func() + "3.pprof")
 }

@@ -88,20 +89,20 @@ func dumpMemProfile(name string) {
 const topHostsFilename = "../tests/top-1m.csv"

 func fetchTopHostsFromNet() {
-	trace("Fetching top hosts from network")
+	log.Tracef("Fetching top hosts from network")
 	resp, err := http.Get("http://s3-us-west-1.amazonaws.com/umbrella-static/top-1m.csv.zip")
 	if err != nil {
 		panic(err)
 	}
 	defer resp.Body.Close()

-	trace("Reading zipfile body")
+	log.Tracef("Reading zipfile body")
 	zipfile, err := ioutil.ReadAll(resp.Body)
 	if err != nil {
 		panic(err)
 	}

-	trace("Opening zipfile")
+	log.Tracef("Opening zipfile")
 	r, err := zip.NewReader(bytes.NewReader(zipfile), int64(len(zipfile)))
 	if err != nil {
 		panic(err)
@@ -111,19 +112,19 @@ func fetchTopHostsFromNet() {
 		panic(fmt.Errorf("zipfile must have only one entry: %+v", r))
 	}
 	f := r.File[0]
-	trace("Unpacking file %s from zipfile", f.Name)
+	log.Tracef("Unpacking file %s from zipfile", f.Name)
 	rc, err := f.Open()
 	if err != nil {
 		panic(err)
 	}
-	trace("Reading file %s contents", f.Name)
+	log.Tracef("Reading file %s contents", f.Name)
 	body, err := ioutil.ReadAll(rc)
 	if err != nil {
 		panic(err)
 	}
 	rc.Close()

-	trace("Writing file %s contents to disk", f.Name)
+	log.Tracef("Writing file %s contents to disk", f.Name)
 	err = ioutil.WriteFile(topHostsFilename+".tmp", body, 0644)
 	if err != nil {
 		panic(err)
@@ -144,16 +145,16 @@ func getTopHosts() {

 func TestLotsOfRulesLotsOfHostsMemoryUsage(t *testing.T) {
 	start := getRSS()
-	trace("RSS before loading rules - %d kB\n", start/1024)
+	log.Tracef("RSS before loading rules - %d kB\n", start/1024)
 	dumpMemProfile(_Func() + "1.pprof")

 	d := NewForTest()
 	defer d.Destroy()
 	mustLoadTestRules(d)
-	trace("Have %d rules", d.Count())
+	log.Tracef("Have %d rules", d.Count())

 	afterLoad := getRSS()
-	trace("RSS after loading rules - %d kB (%d kB diff)\n", afterLoad/1024, (afterLoad-start)/1024)
+	log.Tracef("RSS after loading rules - %d kB (%d kB diff)\n", afterLoad/1024, (afterLoad-start)/1024)
 	dumpMemProfile(_Func() + "2.pprof")

 	getTopHosts()
@@ -163,7 +164,7 @@ func TestLotsOfRulesLotsOfHostsMemoryUsage(t *testing.T) {
 	}
 	defer hostnames.Close()
 	afterHosts := getRSS()
-	trace("RSS after loading hosts - %d kB (%d kB diff)\n", afterHosts/1024, (afterHosts-afterLoad)/1024)
+	log.Tracef("RSS after loading hosts - %d kB (%d kB diff)\n", afterHosts/1024, (afterHosts-afterLoad)/1024)
 	dumpMemProfile(_Func() + "2.pprof")

 	{
@@ -182,7 +183,7 @@ func TestLotsOfRulesLotsOfHostsMemoryUsage(t *testing.T) {
 	}

 	afterMatch := getRSS()
-	trace("RSS after matching - %d kB (%d kB diff)\n", afterMatch/1024, (afterMatch-afterLoad)/1024)
+	log.Tracef("RSS after matching - %d kB (%d kB diff)\n", afterMatch/1024, (afterMatch-afterLoad)/1024)
 	dumpMemProfile(_Func() + "3.pprof")
 }

@@ -236,7 +237,7 @@ func TestSuffixRule(t *testing.T) {
 			t.Errorf("Result suffix does not match for \"%s\": got \"%s\" expected \"%s\"", testcase.rule, suffix, testcase.suffix)
 			continue
 		}
-		// trace("\"%s\": %v: %s", testcase.rule, isSuffix, suffix)
+		// log.Tracef("\"%s\": %v: %s", testcase.rule, isSuffix, suffix)
 	}
 }

@@ -261,7 +262,7 @@ func (d *Dnsfilter) checkAddRule(t *testing.T, rule string) {
 func (d *Dnsfilter) checkAddRuleFail(t *testing.T, rule string) {
 	t.Helper()
 	err := d.AddRule(rule, 0)
-	if err == ErrInvalidSyntax {
+	if err == ErrInvalidSyntax || err == ErrAlreadyExists {
 		return
 	}
 	if err != nil {
@@ -281,6 +282,20 @@ func (d *Dnsfilter) checkMatch(t *testing.T, hostname string) {
 	}
 }

+func (d *Dnsfilter) checkMatchIp(t *testing.T, hostname string, ip string) {
+	t.Helper()
+	ret, err := d.CheckHost(hostname)
+	if err != nil {
+		t.Errorf("Error while matching host %s: %s", hostname, err)
+	}
+	if !ret.IsFiltered {
+		t.Errorf("Expected hostname %s to match", hostname)
+	}
+	if ret.Ip == nil || ret.Ip.String() != ip {
+		t.Errorf("Expected ip %s to match, actual: %v", ip, ret.Ip)
+	}
+}
+
 func (d *Dnsfilter) checkMatchEmpty(t *testing.T, hostname string) {
 	t.Helper()
 	ret, err := d.CheckHost(hostname)
@@ -304,7 +319,7 @@ func loadTestRules(d *Dnsfilter) error {
 	for scanner.Scan() {
 		rule := scanner.Text()
 		err = d.AddRule(rule, 0)
-		if err == ErrInvalidSyntax {
+		if err == ErrInvalidSyntax || err == ErrAlreadyExists {
 			continue
 		}
 		if err != nil {
@@ -324,7 +339,7 @@ func mustLoadTestRules(d *Dnsfilter) {
 }

 func NewForTest() *Dnsfilter {
-	d := New()
+	d := New(nil)
 	purgeCaches()
 	return d
 }
@@ -345,6 +360,20 @@ func TestSanityCheck(t *testing.T) {
 	d.checkAddRuleFail(t, "lkfaojewhoawehfwacoefawr$@#$@3413841384")
 }

+func TestEtcHostsMatching(t *testing.T) {
+	d := NewForTest()
+	defer d.Destroy()
+
+	addr := "216.239.38.120"
+	text := fmt.Sprintf("   %s  google.com www.google.com   # enforce google's safesearch   ", addr)
+
+	d.checkAddRule(t, text)
+	d.checkMatchIp(t, "google.com", addr)
+	d.checkMatchIp(t, "www.google.com", addr)
+	d.checkMatchEmpty(t, "subdomain.google.com")
+	d.checkMatchEmpty(t, "example.org")
+}
+
 func TestSuffixMatching1(t *testing.T) {
 	d := NewForTest()
 	defer d.Destroy()
@@ -446,6 +475,15 @@ func TestDnsFilterWhitelist(t *testing.T) {
 	d.checkMatch(t, "example.org")
 	d.checkMatchEmpty(t, "test.example.org")
 	d.checkMatchEmpty(t, "test.test.example.org")
+
+	d.checkAddRule(t, "||googleadapis.l.google.com^|")
+	d.checkMatch(t, "googleadapis.l.google.com")
+	d.checkMatch(t, "test.googleadapis.l.google.com")
+
+	d.checkAddRule(t, "@@||googleadapis.l.google.com|")
+	d.checkMatchEmpty(t, "googleadapis.l.google.com")
+	d.checkMatchEmpty(t, "test.googleadapis.l.google.com")
+
 }

 func TestDnsFilterImportant(t *testing.T) {
@@ -505,7 +543,7 @@ func TestSafeBrowsing(t *testing.T) {
 		t.Run(fmt.Sprintf("%s in %s", tc, _Func()), func(t *testing.T) {
 			d := NewForTest()
 			defer d.Destroy()
-			d.EnableSafeBrowsing()
+			d.SafeBrowsingEnabled = true
 			stats.Safebrowsing.Requests = 0
 			d.checkMatch(t, "wmconvirus.narod.ru")
 			d.checkMatch(t, "wmconvirus.narod.ru")
@@ -533,7 +571,7 @@ func TestSafeBrowsing(t *testing.T) {
 func TestParallelSB(t *testing.T) {
 	d := NewForTest()
 	defer d.Destroy()
-	d.EnableSafeBrowsing()
+	d.SafeBrowsingEnabled = true
 	t.Run("group", func(t *testing.T) {
 		for i := 0; i < 100; i++ {
 			t.Run(fmt.Sprintf("aaa%d", i), func(t *testing.T) {
@@ -560,7 +598,7 @@ func TestSafeBrowsingCustomServerFail(t *testing.T) {
 	defer ts.Close()
 	address := ts.Listener.Addr().String()

-	d.EnableSafeBrowsing()
+	d.SafeBrowsingEnabled = true
 	d.SetHTTPTimeout(time.Second * 5)
 	d.SetSafeBrowsingServer(address) // this will ensure that test fails
 	d.checkMatchEmpty(t, "wmconvirus.narod.ru")
@@ -569,7 +607,8 @@ func TestSafeBrowsingCustomServerFail(t *testing.T) {
 func TestParentalControl(t *testing.T) {
 	d := NewForTest()
 	defer d.Destroy()
-	d.EnableParental(3)
+	d.ParentalEnabled = true
+	d.ParentalSensitivity = 3
 	d.checkMatch(t, "pornhub.com")
 	d.checkMatch(t, "pornhub.com")
 	if stats.Parental.Requests != 1 {
@@ -600,7 +639,7 @@ func TestSafeSearch(t *testing.T) {
 	if ok {
 		t.Errorf("Expected safesearch to error when disabled")
 	}
-	d.EnableSafeSearch()
+	d.SafeSearchEnabled = true
 	val, ok := d.SafeSearchDomain("www.google.com")
 	if !ok {
 		t.Errorf("Expected safesearch to find result for www.google.com")
@@ -696,6 +735,7 @@ func BenchmarkAddRule(b *testing.B) {
 		err := d.AddRule(rule, 0)
 		switch err {
 		case nil:
+		case ErrAlreadyExists: // ignore rules which were already added
 		case ErrInvalidSyntax: // ignore invalid syntax
 		default:
 			b.Fatalf("Error while adding rule %s: %s", rule, err)
@@ -715,6 +755,7 @@ func BenchmarkAddRuleParallel(b *testing.B) {
 		}
 		switch err {
 		case nil:
+		case ErrAlreadyExists: // ignore rules which were already added
 		case ErrInvalidSyntax: // ignore invalid syntax
 		default:
 			b.Fatalf("Error while adding rule %s: %s", rule, err)
@@ -885,7 +926,7 @@ func BenchmarkLotsOfRulesLotsOfHostsParallel(b *testing.B) {
 func BenchmarkSafeBrowsing(b *testing.B) {
 	d := NewForTest()
 	defer d.Destroy()
-	d.EnableSafeBrowsing()
+	d.SafeBrowsingEnabled = true
 	for n := 0; n < b.N; n++ {
 		hostname := "wmconvirus.narod.ru"
 		ret, err := d.CheckHost(hostname)
@@ -901,7 +942,7 @@ func BenchmarkSafeBrowsing(b *testing.B) {
 func BenchmarkSafeBrowsingParallel(b *testing.B) {
 	d := NewForTest()
 	defer d.Destroy()
-	d.EnableSafeBrowsing()
+	d.SafeBrowsingEnabled = true
 	b.RunParallel(func(pb *testing.PB) {
 		for pb.Next() {
 			hostname := "wmconvirus.narod.ru"
@@ -919,7 +960,7 @@ func BenchmarkSafeBrowsingParallel(b *testing.B) {
 func BenchmarkSafeSearch(b *testing.B) {
 	d := NewForTest()
 	defer d.Destroy()
-	d.EnableSafeSearch()
+	d.SafeSearchEnabled = true
 	for n := 0; n < b.N; n++ {
 		val, ok := d.SafeSearchDomain("www.google.com")
 		if !ok {
@@ -934,7 +975,7 @@ func BenchmarkSafeSearch(b *testing.B) {
 func BenchmarkSafeSearchParallel(b *testing.B) {
 	d := NewForTest()
 	defer d.Destroy()
-	d.EnableSafeSearch()
+	d.SafeSearchEnabled = true
 	b.RunParallel(func(pb *testing.PB) {
 		for pb.Next() {
 			val, ok := d.SafeSearchDomain("www.google.com")
@@ -970,17 +1011,3 @@ func _Func() string {
 	f := runtime.FuncForPC(pc[0])
 	return path.Base(f.Name())
 }
-
-func trace(format string, args ...interface{}) {
-	pc := make([]uintptr, 10) // at least 1 entry needed
-	runtime.Callers(2, pc)
-	f := runtime.FuncForPC(pc[0])
-	var buf strings.Builder
-	buf.WriteString(fmt.Sprintf("%s(): ", path.Base(f.Name())))
-	text := fmt.Sprintf(format, args...)
-	buf.WriteString(text)
-	if len(text) == 0 || text[len(text)-1] != '\n' {
-		buf.WriteRune('\n')
-	}
-	fmt.Print(buf.String())
-}
--- a/dnsfilter/helpers.go
+++ b/dnsfilter/helpers.go
@@ -19,11 +19,17 @@ func isValidRule(rule string) bool {
 		return false
 	}

+	// Filter out all sorts of cosmetic rules:
+	// https://kb.adguard.com/en/general/how-to-create-your-own-ad-filters#cosmetic-rules
 	masks := []string{
 		"##",
 		"#@#",
+		"#?#",
+		"#@?#",
 		"#$#",
 		"#@$#",
+		"#?$#",
+		"#@?$#",
 		"$$",
 		"$@$",
 		"#%#",
--- a/dnsfilter/rule_to_regexp.go
+++ b/dnsfilter/rule_to_regexp.go
@@ -72,6 +72,11 @@ func getSuffix(rule string) (bool, string) {
 	// last char was checked, eat it
 	rule = rule[:len(rule)-1]

+	// it might also end with ^|
+	if rule[len(rule)-1] == '^' {
+		rule = rule[:len(rule)-1]
+	}
+
 	// check that it doesn't have any special characters inside
 	for _, r := range rule {
 		switch r {
--- a/dnsfilter/safesearch.go
+++ b/dnsfilter/safesearch.go
@@ -198,4 +198,10 @@ var safeSearchDomains = map[string]string{
 	"www.google.vu":     "forcesafesearch.google.com",
 	"www.google.ws":     "forcesafesearch.google.com",
 	"www.google.rs":     "forcesafesearch.google.com",
+
+	"www.youtube.com":          "restrictmoderate.youtube.com",
+	"m.youtube.com":            "restrictmoderate.youtube.com",
+	"youtubei.googleapis.com":  "restrictmoderate.youtube.com",
+	"youtube.googleapis.com":   "restrictmoderate.youtube.com",
+	"www.youtube-nocookie.com": "restrictmoderate.youtube.com",
 }
--- a/dnsforward/dnsforward.go
+++ b/dnsforward/dnsforward.go
@@ -0,0 +1,406 @@
+package dnsforward
+
+import (
+	"errors"
+	"fmt"
+	"net"
+	"strings"
+	"sync"
+	"time"
+
+	"github.com/AdguardTeam/AdGuardHome/dnsfilter"
+	"github.com/AdguardTeam/dnsproxy/proxy"
+	"github.com/AdguardTeam/dnsproxy/upstream"
+	"github.com/hmage/golibs/log"
+	"github.com/joomcode/errorx"
+	"github.com/miekg/dns"
+)
+
+// DefaultTimeout is the default upstream timeout
+const DefaultTimeout = 10 * time.Second
+
+const (
+	safeBrowsingBlockHost = "standard-block.dns.adguard.com"
+	parentalBlockHost     = "family-block.dns.adguard.com"
+)
+
+// Server is the main way to start a DNS server.
+//
+// Example:
+//  s := dnsforward.Server{}
+//  err := s.Start(nil) // will start a DNS server listening on default port 53, in a goroutine
+//  err := s.Reconfigure(ServerConfig{UDPListenAddr: &net.UDPAddr{Port: 53535}}) // will reconfigure running DNS server to listen on UDP port 53535
+//  err := s.Stop() // will stop listening on port 53535 and cancel all goroutines
+//  err := s.Start(nil) // will start listening again, on port 53535, in a goroutine
+//
+// The zero Server is empty and ready for use.
+type Server struct {
+	dnsProxy *proxy.Proxy // DNS proxy instance
+
+	dnsFilter *dnsfilter.Dnsfilter // DNS filter instance
+
+	sync.RWMutex
+	ServerConfig
+}
+
+// FilteringConfig represents the DNS filtering configuration of AdGuard Home
+type FilteringConfig struct {
+	ProtectionEnabled  bool     `yaml:"protection_enabled"`   // whether or not use any of dnsfilter features
+	FilteringEnabled   bool     `yaml:"filtering_enabled"`    // whether or not use filter lists
+	BlockedResponseTTL uint32   `yaml:"blocked_response_ttl"` // if 0, then default is used (3600)
+	QueryLogEnabled    bool     `yaml:"querylog_enabled"`
+	Ratelimit          int      `yaml:"ratelimit"`
+	RatelimitWhitelist []string `yaml:"ratelimit_whitelist"`
+	RefuseAny          bool     `yaml:"refuse_any"`
+	BootstrapDNS       string   `yaml:"bootstrap_dns"`
+
+	dnsfilter.Config `yaml:",inline"`
+}
+
+// ServerConfig represents server configuration.
+// The zero ServerConfig is empty and ready for use.
+type ServerConfig struct {
+	UDPListenAddr *net.UDPAddr        // UDP listen address
+	TCPListenAddr *net.TCPAddr        // TCP listen address
+	Upstreams     []upstream.Upstream // Configured upstreams
+	Filters       []dnsfilter.Filter  // A list of filters to use
+
+	FilteringConfig
+}
+
+// if any of ServerConfig values are zero, then default values from below are used
+var defaultValues = ServerConfig{
+	UDPListenAddr:   &net.UDPAddr{Port: 53},
+	TCPListenAddr:   &net.TCPAddr{Port: 53},
+	FilteringConfig: FilteringConfig{BlockedResponseTTL: 3600},
+}
+
+func init() {
+	defaultDNS := []string{"8.8.8.8:53", "8.8.4.4:53"}
+
+	defaultUpstreams := make([]upstream.Upstream, 0)
+	for _, addr := range defaultDNS {
+		u, err := upstream.AddressToUpstream(addr, "", DefaultTimeout)
+		if err == nil {
+			defaultUpstreams = append(defaultUpstreams, u)
+		}
+	}
+	defaultValues.Upstreams = defaultUpstreams
+}
+
+// Start starts the DNS server
+func (s *Server) Start(config *ServerConfig) error {
+	s.Lock()
+	defer s.Unlock()
+	return s.startInternal(config)
+}
+
+// startInternal starts without locking
+func (s *Server) startInternal(config *ServerConfig) error {
+	if config != nil {
+		s.ServerConfig = *config
+	}
+
+	if s.dnsFilter != nil || s.dnsProxy != nil {
+		return errors.New("DNS server is already started")
+	}
+
+	err := s.initDNSFilter()
+	if err != nil {
+		return err
+	}
+
+	log.Printf("Loading stats from querylog")
+	err = fillStatsFromQueryLog()
+	if err != nil {
+		return errorx.Decorate(err, "failed to load stats from querylog")
+	}
+
+	once.Do(func() {
+		go periodicQueryLogRotate()
+		go periodicHourlyTopRotate()
+		go statsRotator()
+	})
+
+	proxyConfig := proxy.Config{
+		UDPListenAddr:      s.UDPListenAddr,
+		TCPListenAddr:      s.TCPListenAddr,
+		Ratelimit:          s.Ratelimit,
+		RatelimitWhitelist: s.RatelimitWhitelist,
+		RefuseAny:          s.RefuseAny,
+		CacheEnabled:       true,
+		Upstreams:          s.Upstreams,
+		Handler:            s.handleDNSRequest,
+	}
+
+	if proxyConfig.UDPListenAddr == nil {
+		proxyConfig.UDPListenAddr = defaultValues.UDPListenAddr
+	}
+
+	if proxyConfig.TCPListenAddr == nil {
+		proxyConfig.TCPListenAddr = defaultValues.TCPListenAddr
+	}
+
+	if len(proxyConfig.Upstreams) == 0 {
+		proxyConfig.Upstreams = defaultValues.Upstreams
+	}
+
+	// Initialize and start the DNS proxy
+	s.dnsProxy = &proxy.Proxy{Config: proxyConfig}
+	return s.dnsProxy.Start()
+}
+
+// Initializes the DNS filter
+func (s *Server) initDNSFilter() error {
+	log.Printf("Creating dnsfilter")
+	s.dnsFilter = dnsfilter.New(&s.Config)
+	// add rules only if they are enabled
+	if s.FilteringEnabled {
+		err := s.dnsFilter.AddRules(s.Filters)
+		if err != nil {
+			return errorx.Decorate(err, "could not initialize dnsfilter")
+		}
+	}
+	return nil
+}
+
+// Stop stops the DNS server
+func (s *Server) Stop() error {
+	s.Lock()
+	defer s.Unlock()
+	return s.stopInternal()
+}
+
+// stopInternal stops without locking
+func (s *Server) stopInternal() error {
+	if s.dnsProxy != nil {
+		err := s.dnsProxy.Stop()
+		s.dnsProxy = nil
+		if err != nil {
+			return errorx.Decorate(err, "could not stop the DNS server properly")
+		}
+	}
+
+	if s.dnsFilter != nil {
+		s.dnsFilter.Destroy()
+		s.dnsFilter = nil
+	}
+
+	// flush remainder to file
+	logBufferLock.Lock()
+	flushBuffer := logBuffer
+	logBuffer = nil
+	logBufferLock.Unlock()
+	err := flushToFile(flushBuffer)
+	if err != nil {
+		log.Printf("Saving querylog to file failed: %s", err)
+		return err
+	}
+
+	return nil
+}
+
+// IsRunning returns true if the DNS server is running
+func (s *Server) IsRunning() bool {
+	s.RLock()
+	isRunning := true
+	if s.dnsProxy == nil {
+		isRunning = false
+	}
+	s.RUnlock()
+	return isRunning
+}
+
+// Reconfigure applies the new configuration to the DNS server
+func (s *Server) Reconfigure(config *ServerConfig) error {
+	s.Lock()
+	defer s.Unlock()
+
+	log.Print("Start reconfiguring the server")
+	err := s.stopInternal()
+	if err != nil {
+		return errorx.Decorate(err, "could not reconfigure the server")
+	}
+	err = s.startInternal(config)
+	if err != nil {
+		return errorx.Decorate(err, "could not reconfigure the server")
+	}
+
+	return nil
+}
+
+// handleDNSRequest filters the incoming DNS requests and writes them to the query log
+func (s *Server) handleDNSRequest(p *proxy.Proxy, d *proxy.DNSContext) error {
+	start := time.Now()
+
+	// use dnsfilter before cache -- changed settings or filters would require cache invalidation otherwise
+	res, err := s.filterDNSRequest(d)
+	if err != nil {
+		return err
+	}
+
+	if d.Res == nil {
+		// request was not filtered so let it be processed further
+		err = p.Resolve(d)
+		if err != nil {
+			return err
+		}
+	}
+
+	shouldLog := true
+	msg := d.Req
+
+	// don't log ANY request if refuseAny is enabled
+	if len(msg.Question) >= 1 && msg.Question[0].Qtype == dns.TypeANY && s.RefuseAny {
+		shouldLog = false
+	}
+
+	if s.QueryLogEnabled && shouldLog {
+		elapsed := time.Since(start)
+		upstreamAddr := ""
+		if d.Upstream != nil {
+			upstreamAddr = d.Upstream.Address()
+		}
+		logRequest(msg, d.Res, res, elapsed, d.Addr, upstreamAddr)
+	}
+
+	return nil
+}
+
+// filterDNSRequest applies the dnsFilter and sets d.Res if the request was filtered
+func (s *Server) filterDNSRequest(d *proxy.DNSContext) (*dnsfilter.Result, error) {
+	msg := d.Req
+	host := strings.TrimSuffix(msg.Question[0].Name, ".")
+
+	s.RLock()
+	protectionEnabled := s.ProtectionEnabled
+	dnsFilter := s.dnsFilter
+	s.RUnlock()
+
+	if !protectionEnabled {
+		return nil, nil
+	}
+
+	var res dnsfilter.Result
+	var err error
+
+	res, err = dnsFilter.CheckHost(host)
+	if err != nil {
+		// Return immediately if there's an error
+		return nil, errorx.Decorate(err, "dnsfilter failed to check host '%s'", host)
+	} else if res.IsFiltered {
+		// log.Tracef("Host %s is filtered, reason - '%s', matched rule: '%s'", host, res.Reason, res.Rule)
+		d.Res = s.genDNSFilterMessage(d, &res)
+	}
+
+	return &res, err
+}
+
+// genDNSFilterMessage generates a DNS message corresponding to the filtering result
+func (s *Server) genDNSFilterMessage(d *proxy.DNSContext, result *dnsfilter.Result) *dns.Msg {
+	m := d.Req
+
+	if m.Question[0].Qtype != dns.TypeA {
+		return s.genNXDomain(m)
+	}
+
+	switch result.Reason {
+	case dnsfilter.FilteredSafeBrowsing:
+		return s.genBlockedHost(m, safeBrowsingBlockHost, d.Upstream)
+	case dnsfilter.FilteredParental:
+		return s.genBlockedHost(m, parentalBlockHost, d.Upstream)
+	default:
+		if result.Ip != nil {
+			return s.genARecord(m, result.Ip)
+		}
+
+		return s.genNXDomain(m)
+	}
+}
+
+func (s *Server) genServerFailure(request *dns.Msg) *dns.Msg {
+	resp := dns.Msg{}
+	resp.SetRcode(request, dns.RcodeServerFailure)
+	resp.RecursionAvailable = true
+	return &resp
+}
+
+func (s *Server) genARecord(request *dns.Msg, ip net.IP) *dns.Msg {
+	resp := dns.Msg{}
+	resp.SetReply(request)
+	answer, err := dns.NewRR(fmt.Sprintf("%s %d A %s", request.Question[0].Name, s.BlockedResponseTTL, ip.String()))
+	if err != nil {
+		log.Printf("Couldn't generate A record for replacement host '%s': %s", ip.String(), err)
+		return s.genServerFailure(request)
+	}
+	resp.Answer = append(resp.Answer, answer)
+	return &resp
+}
+
+func (s *Server) genBlockedHost(request *dns.Msg, newAddr string, upstream upstream.Upstream) *dns.Msg {
+	// look up the hostname, TODO: cache
+	replReq := dns.Msg{}
+	replReq.SetQuestion(dns.Fqdn(newAddr), request.Question[0].Qtype)
+	replReq.RecursionDesired = true
+	reply, err := upstream.Exchange(&replReq)
+	if err != nil {
+		log.Printf("Couldn't look up replacement host '%s' on upstream %s: %s", newAddr, upstream.Address(), err)
+		return s.genServerFailure(request)
+	}
+
+	resp := dns.Msg{}
+	resp.SetReply(request)
+	resp.Authoritative, resp.RecursionAvailable = true, true
+	if reply != nil {
+		for _, answer := range reply.Answer {
+			answer.Header().Name = request.Question[0].Name
+			resp.Answer = append(resp.Answer, answer)
+		}
+	}
+
+	return &resp
+}
+
+func (s *Server) genNXDomain(request *dns.Msg) *dns.Msg {
+	resp := dns.Msg{}
+	resp.SetRcode(request, dns.RcodeNameError)
+	resp.RecursionAvailable = true
+	resp.Ns = s.genSOA(request)
+	return &resp
+}
+
+func (s *Server) genSOA(request *dns.Msg) []dns.RR {
+	zone := ""
+	if len(request.Question) > 0 {
+		zone = request.Question[0].Name
+	}
+
+	soa := dns.SOA{
+		// values copied from verisign's nonexistent .com domain
+		// their exact values are not important in our use case because they are used for domain transfers between primary/secondary DNS servers
+		Refresh: 1800,
+		Retry:   900,
+		Expire:  604800,
+		Minttl:  86400,
+		// copied from AdGuard DNS
+		Ns:     "fake-for-negative-caching.adguard.com.",
+		Serial: 100500,
+		// rest is request-specific
+		Hdr: dns.RR_Header{
+			Name:   zone,
+			Rrtype: dns.TypeSOA,
+			Ttl:    s.BlockedResponseTTL,
+			Class:  dns.ClassINET,
+		},
+		Mbox: "hostmaster.", // zone will be appended later if it's not empty or "."
+	}
+	if soa.Hdr.Ttl == 0 {
+		soa.Hdr.Ttl = defaultValues.BlockedResponseTTL
+	}
+	if len(zone) > 0 && zone[0] != '.' {
+		soa.Mbox += zone
+	}
+	return []dns.RR{&soa}
+}
+
+var once sync.Once
--- a/dnsforward/dnsforward_test.go
+++ b/dnsforward/dnsforward_test.go
@@ -0,0 +1,236 @@
+package dnsforward
+
+import (
+	"net"
+	"testing"
+	"time"
+
+	"github.com/AdguardTeam/AdGuardHome/dnsfilter"
+
+	"github.com/miekg/dns"
+)
+
+func TestServer(t *testing.T) {
+	s := Server{}
+	s.UDPListenAddr = &net.UDPAddr{Port: 0}
+	s.TCPListenAddr = &net.TCPAddr{Port: 0}
+	err := s.Start(nil)
+	if err != nil {
+		t.Fatalf("Failed to start server: %s", err)
+	}
+
+	// message over UDP
+	req := createTestMessage()
+	addr := s.dnsProxy.Addr("udp")
+	client := dns.Client{Net: "udp"}
+	reply, _, err := client.Exchange(req, addr.String())
+	if err != nil {
+		t.Fatalf("Couldn't talk to server %s: %s", addr, err)
+	}
+	assertResponse(t, reply)
+
+	// message over TCP
+	req = createTestMessage()
+	addr = s.dnsProxy.Addr("tcp")
+	client = dns.Client{Net: "tcp"}
+	reply, _, err = client.Exchange(req, addr.String())
+	if err != nil {
+		t.Fatalf("Couldn't talk to server %s: %s", addr, err)
+	}
+	assertResponse(t, reply)
+
+	err = s.Stop()
+	if err != nil {
+		t.Fatalf("DNS server failed to stop: %s", err)
+	}
+}
+
+func TestInvalidRequest(t *testing.T) {
+	s := Server{}
+	s.UDPListenAddr = &net.UDPAddr{Port: 0}
+	s.TCPListenAddr = &net.TCPAddr{Port: 0}
+	err := s.Start(nil)
+	if err != nil {
+		t.Fatalf("Failed to start server: %s", err)
+	}
+
+	// server is running, send a message
+	addr := s.dnsProxy.Addr("udp")
+	req := dns.Msg{}
+	req.Id = dns.Id()
+	req.RecursionDesired = true
+
+	// send a DNS request without question
+	client := dns.Client{Net: "udp", Timeout: 500 * time.Millisecond}
+	_, _, err = client.Exchange(&req, addr.String())
+	if err != nil {
+		t.Fatalf("got a response to an invalid query")
+	}
+
+	err = s.Stop()
+	if err != nil {
+		t.Fatalf("DNS server failed to stop: %s", err)
+	}
+}
+
+func TestBlockedRequest(t *testing.T) {
+	s := createTestServer()
+	err := s.Start(nil)
+	if err != nil {
+		t.Fatalf("Failed to start server: %s", err)
+	}
+	addr := s.dnsProxy.Addr("udp")
+
+	//
+	// NXDomain blocking
+	//
+	req := dns.Msg{}
+	req.Id = dns.Id()
+	req.RecursionDesired = true
+	req.Question = []dns.Question{
+		{Name: "nxdomain.example.org.", Qtype: dns.TypeA, Qclass: dns.ClassINET},
+	}
+
+	reply, err := dns.Exchange(&req, addr.String())
+	if err != nil {
+		t.Fatalf("Couldn't talk to server %s: %s", addr, err)
+	}
+	if reply.Rcode != dns.RcodeNameError {
+		t.Fatalf("Wrong response: %s", reply.String())
+	}
+
+	err = s.Stop()
+	if err != nil {
+		t.Fatalf("DNS server failed to stop: %s", err)
+	}
+}
+
+func TestBlockedByHosts(t *testing.T) {
+	s := createTestServer()
+	err := s.Start(nil)
+	if err != nil {
+		t.Fatalf("Failed to start server: %s", err)
+	}
+	addr := s.dnsProxy.Addr("udp")
+
+	//
+	// Hosts blocking
+	//
+	req := dns.Msg{}
+	req.Id = dns.Id()
+	req.RecursionDesired = true
+	req.Question = []dns.Question{
+		{Name: "host.example.org.", Qtype: dns.TypeA, Qclass: dns.ClassINET},
+	}
+
+	reply, err := dns.Exchange(&req, addr.String())
+	if err != nil {
+		t.Fatalf("Couldn't talk to server %s: %s", addr, err)
+	}
+	if len(reply.Answer) != 1 {
+		t.Fatalf("DNS server %s returned reply with wrong number of answers - %d", addr, len(reply.Answer))
+	}
+	if a, ok := reply.Answer[0].(*dns.A); ok {
+		if !net.IPv4(127, 0, 0, 1).Equal(a.A) {
+			t.Fatalf("DNS server %s returned wrong answer instead of 8.8.8.8: %v", addr, a.A)
+		}
+	} else {
+		t.Fatalf("DNS server %s returned wrong answer type instead of A: %v", addr, reply.Answer[0])
+	}
+
+	err = s.Stop()
+	if err != nil {
+		t.Fatalf("DNS server failed to stop: %s", err)
+	}
+}
+
+func TestBlockedBySafeBrowsing(t *testing.T) {
+	s := createTestServer()
+	err := s.Start(nil)
+	if err != nil {
+		t.Fatalf("Failed to start server: %s", err)
+	}
+	addr := s.dnsProxy.Addr("udp")
+
+	//
+	// Safebrowsing blocking
+	//
+	req := dns.Msg{}
+	req.Id = dns.Id()
+	req.RecursionDesired = true
+	req.Question = []dns.Question{
+		{Name: "wmconvirus.narod.ru.", Qtype: dns.TypeA, Qclass: dns.ClassINET},
+	}
+	reply, err := dns.Exchange(&req, addr.String())
+	if err != nil {
+		t.Fatalf("Couldn't talk to server %s: %s", addr, err)
+	}
+	if len(reply.Answer) != 1 {
+		t.Fatalf("DNS server %s returned reply with wrong number of answers - %d", addr, len(reply.Answer))
+	}
+	if a, ok := reply.Answer[0].(*dns.A); ok {
+		addrs, lookupErr := net.LookupHost(safeBrowsingBlockHost)
+		if lookupErr != nil {
+			t.Fatalf("cannot resolve %s due to %s", safeBrowsingBlockHost, lookupErr)
+		}
+
+		found := false
+		for _, blockAddr := range addrs {
+			if blockAddr == a.A.String() {
+				found = true
+			}
+		}
+
+		if !found {
+			t.Fatalf("DNS server %s returned wrong answer: %v", addr, a.A)
+		}
+	} else {
+		t.Fatalf("DNS server %s returned wrong answer type instead of A: %v", addr, reply.Answer[0])
+	}
+
+	err = s.Stop()
+	if err != nil {
+		t.Fatalf("DNS server failed to stop: %s", err)
+	}
+}
+
+func createTestServer() *Server {
+	s := Server{}
+	s.UDPListenAddr = &net.UDPAddr{Port: 0}
+	s.TCPListenAddr = &net.TCPAddr{Port: 0}
+	s.FilteringConfig.FilteringEnabled = true
+	s.FilteringConfig.ProtectionEnabled = true
+	s.FilteringConfig.SafeBrowsingEnabled = true
+	s.Filters = make([]dnsfilter.Filter, 0)
+
+	rules := []string{
+		"||nxdomain.example.org^",
+		"127.0.0.1	host.example.org",
+	}
+	filter := dnsfilter.Filter{ID: 1, Rules: rules}
+	s.Filters = append(s.Filters, filter)
+	return &s
+}
+
+func createTestMessage() *dns.Msg {
+	req := dns.Msg{}
+	req.Id = dns.Id()
+	req.RecursionDesired = true
+	req.Question = []dns.Question{
+		{Name: "google-public-dns-a.google.com.", Qtype: dns.TypeA, Qclass: dns.ClassINET},
+	}
+	return &req
+}
+
+func assertResponse(t *testing.T, reply *dns.Msg) {
+	if len(reply.Answer) != 1 {
+		t.Fatalf("DNS server returned reply with wrong number of answers - %d", len(reply.Answer))
+	}
+	if a, ok := reply.Answer[0].(*dns.A); ok {
+		if !net.IPv4(8, 8, 8, 8).Equal(a.A) {
+			t.Fatalf("DNS server returned wrong answer instead of 8.8.8.8: %v", a.A)
+		}
+	} else {
+		t.Fatalf("DNS server returned wrong answer type instead of A: %v", reply.Answer[0])
+	}
+}
--- a/coredns_plugin/querylog.go
+++ b/coredns_plugin/querylog.go
@@ -1,21 +1,17 @@
-package dnsfilter
+package dnsforward

 import (
 	"encoding/json"
 	"fmt"
-	"log"
 	"net"
 	"net/http"
-	"os"
-	"path"
-	"runtime"
 	"strconv"
 	"strings"
 	"sync"
 	"time"

 	"github.com/AdguardTeam/AdGuardHome/dnsfilter"
-	"github.com/coredns/coredns/plugin/pkg/response"
+	"github.com/hmage/golibs/log"
 	"github.com/miekg/dns"
 )

@@ -26,7 +22,6 @@ const (
 	queryLogFileName       = "querylog.json" // .gz added during compression
 	queryLogSize           = 5000            // maximum API response for /querylog
 	queryLogTopSize        = 500             // Keep in memory only top N values
-	queryLogAPIPort        = "8618"          // 8618 is sha512sum of "querylog" then each byte summed
 )

 var (
@@ -35,7 +30,6 @@ var (

 	queryLogCache []*logEntry
 	queryLogLock  sync.RWMutex
-	queryLogTime  time.Time
 )

 type logEntry struct {
@@ -45,12 +39,14 @@ type logEntry struct {
 	Time     time.Time
 	Elapsed  time.Duration
 	IP       string
+	Upstream string `json:",omitempty"` // if empty, means it was cached
 }

-func logRequest(question *dns.Msg, answer *dns.Msg, result dnsfilter.Result, elapsed time.Duration, ip string) {
+func logRequest(question *dns.Msg, answer *dns.Msg, result *dnsfilter.Result, elapsed time.Duration, addr net.Addr, upstream string) {
 	var q []byte
 	var a []byte
 	var err error
+	ip := getIPString(addr)

 	if question != nil {
 		q, err = question.Pack()
@@ -59,6 +55,7 @@ func logRequest(question *dns.Msg, answer *dns.Msg, result dnsfilter.Result, ela
 			return
 		}
 	}
+
 	if answer != nil {
 		a, err = answer.Pack()
 		if err != nil {
@@ -67,14 +64,19 @@ func logRequest(question *dns.Msg, answer *dns.Msg, result dnsfilter.Result, ela
 		}
 	}

+	if result == nil {
+		result = &dnsfilter.Result{}
+	}
+
 	now := time.Now()
 	entry := logEntry{
 		Question: q,
 		Answer:   a,
-		Result:   result,
+		Result:   *result,
 		Time:     now,
 		Elapsed:  elapsed,
 		IP:       ip,
+		Upstream: upstream,
 	}
 	var flushBuffer []*logEntry

@@ -100,6 +102,8 @@ func logRequest(question *dns.Msg, answer *dns.Msg, result dnsfilter.Result, ela
 		// don't do failure, just log
 	}

+	incrementCounters(&entry)
+
 	// if buffer needs to be flushed to disk, do it now
 	if len(flushBuffer) > 0 {
 		// write to file
@@ -108,7 +112,7 @@ func logRequest(question *dns.Msg, answer *dns.Msg, result dnsfilter.Result, ela
 	}
 }

-func handleQueryLog(w http.ResponseWriter, r *http.Request) {
+func HandleQueryLog(w http.ResponseWriter, r *http.Request) {
 	queryLogLock.RLock()
 	values := make([]*logEntry, len(queryLogCache))
 	copy(values, queryLogCache)
@@ -141,14 +145,14 @@ func handleQueryLog(w http.ResponseWriter, r *http.Request) {
 			}
 		}

-		jsonentry := map[string]interface{}{
-			"reason":     entry.Result.Reason.String(),
-			"elapsed_ms": strconv.FormatFloat(entry.Elapsed.Seconds()*1000, 'f', -1, 64),
-			"time":       entry.Time.Format(time.RFC3339),
-			"client":     entry.IP,
+		jsonEntry := map[string]interface{}{
+			"reason":    entry.Result.Reason.String(),
+			"elapsedMs": strconv.FormatFloat(entry.Elapsed.Seconds()*1000, 'f', -1, 64),
+			"time":      entry.Time.Format(time.RFC3339),
+			"client":    entry.IP,
 		}
 		if q != nil {
-			jsonentry["question"] = map[string]interface{}{
+			jsonEntry["question"] = map[string]interface{}{
 				"host":  strings.ToLower(strings.TrimSuffix(q.Question[0].Name, ".")),
 				"type":  dns.Type(q.Question[0].Qtype).String(),
 				"class": dns.Class(q.Question[0].Qclass).String(),
@@ -156,11 +160,11 @@ func handleQueryLog(w http.ResponseWriter, r *http.Request) {
 		}

 		if a != nil {
-			status, _ := response.Typify(a, time.Now().UTC())
-			jsonentry["status"] = status.String()
+			jsonEntry["status"] = dns.RcodeToString[a.Rcode]
 		}
 		if len(entry.Result.Rule) > 0 {
-			jsonentry["rule"] = entry.Result.Rule
+			jsonEntry["rule"] = entry.Result.Rule
+			jsonEntry["filterId"] = entry.Result.FilterID
 		}

 		if a != nil && len(a.Answer) > 0 {
@@ -203,55 +207,36 @@ func handleQueryLog(w http.ResponseWriter, r *http.Request) {
 				}
 				answers = append(answers, answer)
 			}
-			jsonentry["answer"] = answers
+			jsonEntry["answer"] = answers
 		}

-		data = append(data, jsonentry)
+		data = append(data, jsonEntry)
 	}

-	json, err := json.Marshal(data)
+	jsonVal, err := json.Marshal(data)
 	if err != nil {
-		errortext := fmt.Sprintf("Couldn't marshal data into json: %s", err)
-		log.Println(errortext)
-		http.Error(w, errortext, http.StatusInternalServerError)
+		errorText := fmt.Sprintf("Couldn't marshal data into json: %s", err)
+		log.Println(errorText)
+		http.Error(w, errorText, http.StatusInternalServerError)
 		return
 	}

 	w.Header().Set("Content-Type", "application/json")
-	_, err = w.Write(json)
+	_, err = w.Write(jsonVal)
 	if err != nil {
-		errortext := fmt.Sprintf("Unable to write response json: %s", err)
-		log.Println(errortext)
-		http.Error(w, errortext, http.StatusInternalServerError)
+		errorText := fmt.Sprintf("Unable to write response json: %s", err)
+		log.Println(errorText)
+		http.Error(w, errorText, http.StatusInternalServerError)
 	}
 }

-func startQueryLogServer() {
-	listenAddr := net.JoinHostPort("127.0.0.1", queryLogAPIPort)
-
-	go periodicQueryLogRotate()
-	go periodicHourlyTopRotate()
-	go statsRotator()
-
-	http.HandleFunc("/querylog", handleQueryLog)
-	http.HandleFunc("/stats", handleStats)
-	http.HandleFunc("/stats_top", handleStatsTop)
-	http.HandleFunc("/stats_history", handleStatsHistory)
-	if err := http.ListenAndServe(listenAddr, nil); err != nil {
-		log.Fatalf("error in ListenAndServe: %s", err)
+// getIPString is a helper function that extracts IP address from net.Addr
+func getIPString(addr net.Addr) string {
+	switch addr := addr.(type) {
+	case *net.UDPAddr:
+		return addr.IP.String()
+	case *net.TCPAddr:
+		return addr.IP.String()
 	}
-}
-
-func trace(format string, args ...interface{}) {
-	pc := make([]uintptr, 10) // at least 1 entry needed
-	runtime.Callers(2, pc)
-	f := runtime.FuncForPC(pc[0])
-	var buf strings.Builder
-	buf.WriteString(fmt.Sprintf("%s(): ", path.Base(f.Name())))
-	text := fmt.Sprintf(format, args...)
-	buf.WriteString(text)
-	if len(text) == 0 || text[len(text)-1] != '\n' {
-		buf.WriteRune('\n')
-	}
-	fmt.Fprint(os.Stderr, buf.String())
+	return ""
 }
--- a/coredns_plugin/querylog_file.go
+++ b/coredns_plugin/querylog_file.go
@@ -1,16 +1,16 @@
-package dnsfilter
+package dnsforward

 import (
 	"bytes"
 	"compress/gzip"
 	"encoding/json"
 	"fmt"
-	"log"
 	"os"
 	"sync"
 	"time"

 	"github.com/go-test/deep"
+	"github.com/hmage/golibs/log"
 )

 var (
@@ -191,15 +191,12 @@ func genericLoader(onEntry func(entry *logEntry) error, needMore func() bool, ti
 		var d *json.Decoder

 		if enableGzip {
-			trace("Creating gzip reader")
 			zr, err := gzip.NewReader(f)
 			if err != nil {
 				log.Printf("Failed to create gzip reader: %s", err)
 				continue
 			}
 			defer zr.Close()
-
-			trace("Creating json decoder")
 			d = json.NewDecoder(zr)
 		} else {
 			d = json.NewDecoder(f)
@@ -224,7 +221,7 @@ func genericLoader(onEntry func(entry *logEntry) error, needMore func() bool, ti
 			}

 			if now.Sub(entry.Time) > timeWindow {
-				// trace("skipping entry") // debug logging
+				// log.Tracef("skipping entry") // debug logging
 				continue
 			}

@@ -251,41 +248,3 @@ func genericLoader(onEntry func(entry *logEntry) error, needMore func() bool, ti
 	}
 	return nil
 }
-
-func appendFromLogFile(values []*logEntry, maxLen int, timeWindow time.Duration) []*logEntry {
-	a := []*logEntry{}
-
-	onEntry := func(entry *logEntry) error {
-		a = append(a, entry)
-		if len(a) > maxLen {
-			toskip := len(a) - maxLen
-			a = a[toskip:]
-		}
-		return nil
-	}
-
-	needMore := func() bool {
-		return true
-	}
-
-	err := genericLoader(onEntry, needMore, timeWindow)
-	if err != nil {
-		log.Printf("Failed to load entries from querylog: %s", err)
-		return values
-	}
-
-	// now that we've read all eligible entries, reverse the slice to make it go from newest->oldest
-	for left, right := 0, len(a)-1; left < right; left, right = left+1, right-1 {
-		a[left], a[right] = a[right], a[left]
-	}
-
-	// append it to values
-	values = append(values, a...)
-
-	// then cut off of it is bigger than maxLen
-	if len(values) > maxLen {
-		values = values[:maxLen]
-	}
-
-	return values
-}
--- a/coredns_plugin/querylog_top.go
+++ b/coredns_plugin/querylog_top.go
@@ -1,9 +1,8 @@
-package dnsfilter
+package dnsforward

 import (
 	"bytes"
 	"fmt"
-	"log"
 	"net/http"
 	"os"
 	"path"
@@ -14,8 +13,8 @@ import (
 	"sync"
 	"time"

-	"github.com/AdguardTeam/AdGuardHome/dnsfilter"
 	"github.com/bluele/gcache"
+	"github.com/hmage/golibs/log"
 	"github.com/miekg/dns"
 )

@@ -158,6 +157,11 @@ func (r *dayTop) addEntry(entry *logEntry, q *dns.Msg, now time.Time) error {
 		return nil
 	}

+	// if a DNS query doesn't have questions, do nothing
+	if len(q.Question) == 0 {
+		return nil
+	}
+
 	hostname := strings.ToLower(strings.TrimSuffix(q.Question[0].Name, "."))

 	// get value, if not set, crate one
@@ -231,27 +235,7 @@ func fillStatsFromQueryLog() error {
 		}
 		queryLogLock.Unlock()

-		requests.IncWithTime(entry.Time)
-		if entry.Result.IsFiltered {
-			filtered.IncWithTime(entry.Time)
-		}
-		switch entry.Result.Reason {
-		case dnsfilter.NotFilteredWhiteList:
-			whitelisted.IncWithTime(entry.Time)
-		case dnsfilter.NotFilteredError:
-			errorsTotal.IncWithTime(entry.Time)
-		case dnsfilter.FilteredBlackList:
-			filteredLists.IncWithTime(entry.Time)
-		case dnsfilter.FilteredSafeBrowsing:
-			filteredSafebrowsing.IncWithTime(entry.Time)
-		case dnsfilter.FilteredParental:
-			filteredParental.IncWithTime(entry.Time)
-		case dnsfilter.FilteredInvalid:
-			// do nothing
-		case dnsfilter.FilteredSafeSearch:
-			safesearch.IncWithTime(entry.Time)
-		}
-		elapsedTime.ObserveWithTime(entry.Elapsed.Seconds(), entry.Time)
+		incrementCounters(entry)

 		return nil
 	}
@@ -268,7 +252,7 @@ func fillStatsFromQueryLog() error {
 	return nil
 }

-func handleStatsTop(w http.ResponseWriter, r *http.Request) {
+func HandleStatsTop(w http.ResponseWriter, r *http.Request) {
 	domains := map[string]int{}
 	blocked := map[string]int{}
 	clients := map[string]int{}
--- a/coredns_plugin/coredns_stats.go
+++ b/coredns_plugin/coredns_stats.go
@@ -1,28 +1,27 @@
-package dnsfilter
+package dnsforward

 import (
 	"encoding/json"
 	"fmt"
-	"log"
 	"net/http"
 	"sync"
 	"time"

-	"github.com/coredns/coredns/plugin"
-	"github.com/prometheus/client_golang/prometheus"
+	"github.com/AdguardTeam/AdGuardHome/dnsfilter"
+	"github.com/hmage/golibs/log"
 )

 var (
-	requests             = newDNSCounter("requests_total", "Count of requests seen by dnsfilter.")
-	filtered             = newDNSCounter("filtered_total", "Count of requests filtered by dnsfilter.")
-	filteredLists        = newDNSCounter("filtered_lists_total", "Count of requests filtered by dnsfilter using lists.")
-	filteredSafebrowsing = newDNSCounter("filtered_safebrowsing_total", "Count of requests filtered by dnsfilter using safebrowsing.")
-	filteredParental     = newDNSCounter("filtered_parental_total", "Count of requests filtered by dnsfilter using parental.")
-	filteredInvalid      = newDNSCounter("filtered_invalid_total", "Count of requests filtered by dnsfilter because they were invalid.")
-	whitelisted          = newDNSCounter("whitelisted_total", "Count of requests not filtered by dnsfilter because they are whitelisted.")
-	safesearch           = newDNSCounter("safesearch_total", "Count of requests replaced by dnsfilter safesearch.")
-	errorsTotal          = newDNSCounter("errors_total", "Count of requests that dnsfilter couldn't process because of transitive errors.")
-	elapsedTime          = newDNSHistogram("request_duration", "Histogram of the time (in seconds) each request took.")
+	requests             = newDNSCounter("requests_total")
+	filtered             = newDNSCounter("filtered_total")
+	filteredLists        = newDNSCounter("filtered_lists_total")
+	filteredSafebrowsing = newDNSCounter("filtered_safebrowsing_total")
+	filteredParental     = newDNSCounter("filtered_parental_total")
+	filteredInvalid      = newDNSCounter("filtered_invalid_total")
+	whitelisted          = newDNSCounter("whitelisted_total")
+	safesearch           = newDNSCounter("safesearch_total")
+	errorsTotal          = newDNSCounter("errors_total")
+	elapsedTime          = newDNSHistogram("request_duration")
 )

 // entries for single time period (for example all per-second entries)
@@ -70,7 +69,7 @@ func purgeStats() {
 func (p *periodicStats) Inc(name string, when time.Time) {
 	// calculate how many periods ago this happened
 	elapsed := int64(time.Since(when) / p.period)
-	// trace("%s: %v as %v -> [%v]", name, time.Since(when), p.period, elapsed)
+	// log.Tracef("%s: %v as %v -> [%v]", name, time.Since(when), p.period, elapsed)
 	if elapsed >= statsHistoryElements {
 		return // outside of our timeframe
 	}
@@ -84,7 +83,7 @@ func (p *periodicStats) Inc(name string, when time.Time) {
 func (p *periodicStats) Observe(name string, when time.Time, value float64) {
 	// calculate how many periods ago this happened
 	elapsed := int64(time.Since(when) / p.period)
-	// trace("%s: %v as %v -> [%v]", name, time.Since(when), p.period, elapsed)
+	// log.Tracef("%s: %v as %v -> [%v]", name, time.Since(when), p.period, elapsed)
 	if elapsed >= statsHistoryElements {
 		return // outside of our timeframe
 	}
@@ -93,7 +92,7 @@ func (p *periodicStats) Observe(name string, when time.Time, value float64) {
 		countname := name + "_count"
 		currentValues := p.Entries[countname]
 		value := currentValues[elapsed]
-		// trace("Will change p.Entries[%s][%d] from %v to %v", countname, elapsed, value, value+1)
+		// log.Tracef("Will change p.Entries[%s][%d] from %v to %v", countname, elapsed, value, value+1)
 		value += 1
 		currentValues[elapsed] = value
 		p.Entries[countname] = currentValues
@@ -143,21 +142,15 @@ func statsRotator() {
 type counter struct {
 	name  string // used as key in periodic stats
 	value int64
-	prom  prometheus.Counter
+
+	sync.Mutex
 }

-func newDNSCounter(name string, help string) *counter {
-	// trace("called")
-	c := &counter{}
-	c.prom = prometheus.NewCounter(prometheus.CounterOpts{
-		Namespace: plugin.Namespace,
-		Subsystem: "dnsfilter",
-		Name:      name,
-		Help:      help,
-	})
-	c.name = name
-
-	return c
+func newDNSCounter(name string) *counter {
+	// log.Tracef("called")
+	return &counter{
+		name: name,
+	}
 }

 func (c *counter) IncWithTime(when time.Time) {
@@ -165,41 +158,27 @@ func (c *counter) IncWithTime(when time.Time) {
 	statistics.PerMinute.Inc(c.name, when)
 	statistics.PerHour.Inc(c.name, when)
 	statistics.PerDay.Inc(c.name, when)
+	c.Lock()
 	c.value++
-	c.prom.Inc()
+	c.Unlock()
 }

 func (c *counter) Inc() {
 	c.IncWithTime(time.Now())
 }

-func (c *counter) Describe(ch chan<- *prometheus.Desc) {
-	c.prom.Describe(ch)
-}
-
-func (c *counter) Collect(ch chan<- prometheus.Metric) {
-	c.prom.Collect(ch)
-}
-
 type histogram struct {
 	name  string // used as key in periodic stats
 	count int64
 	total float64
-	prom  prometheus.Histogram
+
+	sync.Mutex
 }

-func newDNSHistogram(name string, help string) *histogram {
-	// trace("called")
-	h := &histogram{}
-	h.prom = prometheus.NewHistogram(prometheus.HistogramOpts{
-		Namespace: plugin.Namespace,
-		Subsystem: "dnsfilter",
-		Name:      name,
-		Help:      help,
-	})
-	h.name = name
-
-	return h
+func newDNSHistogram(name string) *histogram {
+	return &histogram{
+		name: name,
+	}
 }

 func (h *histogram) ObserveWithTime(value float64, when time.Time) {
@@ -207,27 +186,45 @@ func (h *histogram) ObserveWithTime(value float64, when time.Time) {
 	statistics.PerMinute.Observe(h.name, when, value)
 	statistics.PerHour.Observe(h.name, when, value)
 	statistics.PerDay.Observe(h.name, when, value)
+	h.Lock()
 	h.count++
 	h.total += value
-	h.prom.Observe(value)
+	h.Unlock()
 }

 func (h *histogram) Observe(value float64) {
 	h.ObserveWithTime(value, time.Now())
 }

-func (h *histogram) Describe(ch chan<- *prometheus.Desc) {
-	h.prom.Describe(ch)
-}
-
-func (h *histogram) Collect(ch chan<- prometheus.Metric) {
-	h.prom.Collect(ch)
-}
-
 // -----
 // stats
 // -----
-func handleStats(w http.ResponseWriter, r *http.Request) {
+func incrementCounters(entry *logEntry) {
+	requests.IncWithTime(entry.Time)
+	if entry.Result.IsFiltered {
+		filtered.IncWithTime(entry.Time)
+	}
+
+	switch entry.Result.Reason {
+	case dnsfilter.NotFilteredWhiteList:
+		whitelisted.IncWithTime(entry.Time)
+	case dnsfilter.NotFilteredError:
+		errorsTotal.IncWithTime(entry.Time)
+	case dnsfilter.FilteredBlackList:
+		filteredLists.IncWithTime(entry.Time)
+	case dnsfilter.FilteredSafeBrowsing:
+		filteredSafebrowsing.IncWithTime(entry.Time)
+	case dnsfilter.FilteredParental:
+		filteredParental.IncWithTime(entry.Time)
+	case dnsfilter.FilteredInvalid:
+		// do nothing
+	case dnsfilter.FilteredSafeSearch:
+		safesearch.IncWithTime(entry.Time)
+	}
+	elapsedTime.ObserveWithTime(entry.Elapsed.Seconds(), entry.Time)
+}
+
+func HandleStats(w http.ResponseWriter, r *http.Request) {
 	const numHours = 24
 	histrical := generateMapFromStats(&statistics.PerHour, 0, numHours)
 	// sum them up
@@ -299,7 +296,7 @@ func generateMapFromStats(stats *periodicStats, start int, end int) map[string]i
 	return result
 }

-func handleStatsHistory(w http.ResponseWriter, r *http.Request) {
+func HandleStatsHistory(w http.ResponseWriter, r *http.Request) {
 	// handle time unit and prepare our time window size
 	now := time.Now()
 	timeUnitString := r.URL.Query().Get("time_unit")
@@ -378,6 +375,16 @@ func handleStatsHistory(w http.ResponseWriter, r *http.Request) {
 	}
 }

+func HandleStatsReset(w http.ResponseWriter, r *http.Request) {
+	purgeStats()
+	_, err := fmt.Fprintf(w, "OK\n")
+	if err != nil {
+		errortext := fmt.Sprintf("Couldn't write body: %s", err)
+		log.Println(errortext)
+		http.Error(w, errortext, http.StatusInternalServerError)
+	}
+}
+
 func clamp(value, low, high int) int {
 	if value < low {
 		return low
--- a/filter.go
+++ b/filter.go
@@ -0,0 +1,251 @@
+package main
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"reflect"
+	"regexp"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/AdguardTeam/AdGuardHome/dnsfilter"
+	"github.com/hmage/golibs/log"
+)
+
+var (
+	nextFilterID      = time.Now().Unix() // semi-stable way to generate an unique ID
+	filterTitleRegexp = regexp.MustCompile(`^! Title: +(.*)$`)
+)
+
+// field ordering is important -- yaml fields will mirror ordering from here
+type filter struct {
+	Enabled     bool      `json:"enabled"`
+	URL         string    `json:"url"`
+	Name        string    `json:"name" yaml:"name"`
+	RulesCount  int       `json:"rulesCount" yaml:"-"`
+	LastUpdated time.Time `json:"lastUpdated,omitempty" yaml:"last_updated,omitempty"`
+
+	dnsfilter.Filter `yaml:",inline"`
+}
+
+// Creates a helper object for working with the user rules
+func userFilter() filter {
+	return filter{
+		// User filter always has constant ID=0
+		Enabled: true,
+		Filter: dnsfilter.Filter{
+			Rules: config.UserRules,
+		},
+	}
+}
+
+func deduplicateFilters() {
+	// Deduplicate filters
+	i := 0 // output index, used for deletion later
+	urls := map[string]bool{}
+	for _, filter := range config.Filters {
+		if _, ok := urls[filter.URL]; !ok {
+			// we didn't see it before, keep it
+			urls[filter.URL] = true // remember the URL
+			config.Filters[i] = filter
+			i++
+		}
+	}
+
+	// all entries we want to keep are at front, delete the rest
+	config.Filters = config.Filters[:i]
+}
+
+// Set the next filter ID to max(filter.ID) + 1
+func updateUniqueFilterID(filters []filter) {
+	for _, filter := range filters {
+		if nextFilterID < filter.ID {
+			nextFilterID = filter.ID + 1
+		}
+	}
+}
+
+func assignUniqueFilterID() int64 {
+	value := nextFilterID
+	nextFilterID += 1
+	return value
+}
+
+// Sets up a timer that will be checking for filters updates periodically
+func periodicallyRefreshFilters() {
+	for range time.Tick(time.Minute) {
+		refreshFiltersIfNeccessary(false)
+	}
+}
+
+// Checks filters updates if necessary
+// If force is true, it ignores the filter.LastUpdated field value
+func refreshFiltersIfNeccessary(force bool) int {
+	config.Lock()
+
+	// fetch URLs
+	updateCount := 0
+	for i := range config.Filters {
+		filter := &config.Filters[i] // otherwise we will be operating on a copy
+
+		if filter.ID == 0 { // protect against users modifying the yaml and removing the ID
+			filter.ID = assignUniqueFilterID()
+		}
+
+		updated, err := filter.update(force)
+		if err != nil {
+			log.Printf("Failed to update filter %s: %s\n", filter.URL, err)
+			continue
+		}
+		if updated {
+			// Saving it to the filters dir now
+			err = filter.save()
+			if err != nil {
+				log.Printf("Failed to save the updated filter %d: %s", filter.ID, err)
+				continue
+			}
+
+			updateCount++
+		}
+	}
+	config.Unlock()
+
+	if updateCount > 0 {
+		reconfigureDNSServer()
+	}
+	return updateCount
+}
+
+// A helper function that parses filter contents and returns a number of rules and a filter name (if there's any)
+func parseFilterContents(contents []byte) (int, string, []string) {
+	lines := strings.Split(string(contents), "\n")
+	rulesCount := 0
+	name := ""
+	seenTitle := false
+
+	// Count lines in the filter
+	for _, line := range lines {
+		line = strings.TrimSpace(line)
+		if len(line) > 0 && line[0] == '!' {
+			if m := filterTitleRegexp.FindAllStringSubmatch(line, -1); len(m) > 0 && len(m[0]) >= 2 && !seenTitle {
+				name = m[0][1]
+				seenTitle = true
+			}
+		} else if len(line) != 0 {
+			rulesCount++
+		}
+	}
+
+	return rulesCount, name, lines
+}
+
+// Checks for filters updates
+// If "force" is true -- does not check the filter's LastUpdated field
+// Call "save" to persist the filter contents
+func (filter *filter) update(force bool) (bool, error) {
+	if filter.ID == 0 { // protect against users deleting the ID
+		filter.ID = assignUniqueFilterID()
+	}
+	if !filter.Enabled {
+		return false, nil
+	}
+	if !force && time.Since(filter.LastUpdated) <= updatePeriod {
+		return false, nil
+	}
+
+	log.Printf("Downloading update for filter %d from %s", filter.ID, filter.URL)
+
+	// use the same update period for failed filter downloads to avoid flooding with requests
+	filter.LastUpdated = time.Now()
+
+	resp, err := client.Get(filter.URL)
+	if resp != nil && resp.Body != nil {
+		defer resp.Body.Close()
+	}
+	if err != nil {
+		log.Printf("Couldn't request filter from URL %s, skipping: %s", filter.URL, err)
+		return false, err
+	}
+
+	if resp.StatusCode != 200 {
+		log.Printf("Got status code %d from URL %s, skipping", resp.StatusCode, filter.URL)
+		return false, fmt.Errorf("got status code != 200: %d", resp.StatusCode)
+	}
+
+	contentType := strings.ToLower(resp.Header.Get("content-type"))
+	if !strings.HasPrefix(contentType, "text/plain") {
+		log.Printf("Non-text response %s from %s, skipping", contentType, filter.URL)
+		return false, fmt.Errorf("non-text response %s", contentType)
+	}
+
+	body, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		log.Printf("Couldn't fetch filter contents from URL %s, skipping: %s", filter.URL, err)
+		return false, err
+	}
+
+	// Extract filter name and count number of rules
+	rulesCount, filterName, rules := parseFilterContents(body)
+
+	if filterName != "" {
+		filter.Name = filterName
+	}
+
+	// Check if the filter has been really changed
+	if reflect.DeepEqual(filter.Rules, rules) {
+		log.Printf("Filter #%d at URL %s hasn't changed, not updating it", filter.ID, filter.URL)
+		return false, nil
+	}
+
+	log.Printf("Filter %d has been updated: %d bytes, %d rules", filter.ID, len(body), rulesCount)
+	filter.RulesCount = rulesCount
+	filter.Rules = rules
+
+	return true, nil
+}
+
+// saves filter contents to the file in dataDir
+func (filter *filter) save() error {
+	filterFilePath := filter.Path()
+	log.Printf("Saving filter %d contents to: %s", filter.ID, filterFilePath)
+	body := []byte(strings.Join(filter.Rules, "\n"))
+
+	return safeWriteFile(filterFilePath, body)
+}
+
+// loads filter contents from the file in dataDir
+func (filter *filter) load() error {
+	if !filter.Enabled {
+		// No need to load a filter that is not enabled
+		return nil
+	}
+
+	filterFilePath := filter.Path()
+	log.Printf("Loading filter %d contents to: %s", filter.ID, filterFilePath)
+
+	if _, err := os.Stat(filterFilePath); os.IsNotExist(err) {
+		// do nothing, file doesn't exist
+		return err
+	}
+
+	filterFileContents, err := ioutil.ReadFile(filterFilePath)
+	if err != nil {
+		return err
+	}
+
+	log.Printf("File %s, id %d, length %d", filterFilePath, filter.ID, len(filterFileContents))
+	rulesCount, _, rules := parseFilterContents(filterFileContents)
+
+	filter.RulesCount = rulesCount
+	filter.Rules = rules
+
+	return nil
+}
+
+// Path to the filter contents
+func (filter *filter) Path() string {
+	return filepath.Join(config.ourBinaryDir, dataDir, filterDir, strconv.FormatInt(filter.ID, 10)+".txt")
+}
--- a/go.mod
+++ b/go.mod
@@ -0,0 +1,21 @@
+module github.com/AdguardTeam/AdGuardHome
+
+require (
+	github.com/AdguardTeam/dnsproxy v0.9.10
+	github.com/StackExchange/wmi v0.0.0-20180725035823-b12b22c5341f // indirect
+	github.com/bluele/gcache v0.0.0-20171010155617-472614239ac7
+	github.com/go-ole/go-ole v1.2.1 // indirect
+	github.com/go-test/deep v1.0.1
+	github.com/gobuffalo/packr v1.19.0
+	github.com/hmage/golibs v0.0.0-20181229160906-c8491df0bfc4
+	github.com/joomcode/errorx v0.1.0
+	github.com/krolaw/dhcp4 v0.0.0-20180925202202-7cead472c414
+	github.com/miekg/dns v1.1.1
+	github.com/shirou/gopsutil v2.18.10+incompatible
+	github.com/shirou/w32 v0.0.0-20160930032740-bb4de0191aa4 // indirect
+	go.uber.org/goleak v0.10.0
+	golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9
+	golang.org/x/net v0.0.0-20181220203305-927f97764cc3
+	gopkg.in/asaskevich/govalidator.v4 v4.0.0-20160518190739-766470278477
+	gopkg.in/yaml.v2 v2.2.1
+)
--- a/go.sum
+++ b/go.sum
@@ -0,0 +1,86 @@
+github.com/AdguardTeam/dnsproxy v0.9.10 h1:q364WlTvC+CS8kJbMy7TCyt4Niqixxw584MQJtCGhJU=
+github.com/AdguardTeam/dnsproxy v0.9.10/go.mod h1:IqBhopgNpzB168kMurbjXf86dn50geasBIuGVxY63j0=
+github.com/StackExchange/wmi v0.0.0-20180725035823-b12b22c5341f h1:5ZfJxyXo8KyX8DgGXC5B7ILL8y51fci/qYz2B4j8iLY=
+github.com/StackExchange/wmi v0.0.0-20180725035823-b12b22c5341f/go.mod h1:3eOhrUMpNV+6aFIbp5/iudMxNCF27Vw2OZgy4xEx0Fg=
+github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da h1:KjTM2ks9d14ZYCvmHS9iAKVt9AyzRSqNU1qabPih5BY=
+github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da/go.mod h1:eHEWzANqSiWQsof+nXEI9bUVUyV6F53Fp89EuCh2EAA=
+github.com/aead/poly1305 v0.0.0-20180717145839-3fee0db0b635 h1:52m0LGchQBBVqJRyYYufQuIbVqRawmubW3OFGqK1ekw=
+github.com/aead/poly1305 v0.0.0-20180717145839-3fee0db0b635/go.mod h1:lmLxL+FV291OopO93Bwf9fQLQeLyt33VJRUg5VJ30us=
+github.com/ameshkov/dnscrypt v1.0.4 h1:vtwHm5m4R2dhcCx23wiI+gNBoy7qm4h7+kZ4Pucw/vE=
+github.com/ameshkov/dnscrypt v1.0.4/go.mod h1:hVW52S6r0QvUpIwsyfZ1ifYYpfGu5pewD3pl7afMJcQ=
+github.com/ameshkov/dnsstamps v1.0.1 h1:LhGvgWDzhNJh+kBQd/AfUlq1vfVe109huiXw4JhnPug=
+github.com/ameshkov/dnsstamps v1.0.1/go.mod h1:Ii3eUu73dx4Vw5O4wjzmT5+lkCwovjzaEZZ4gKyIH5A=
+github.com/beefsack/go-rate v0.0.0-20180408011153-efa7637bb9b6 h1:KXlsf+qt/X5ttPGEjR0tPH1xaWWoKBEg9Q1THAj2h3I=
+github.com/beefsack/go-rate v0.0.0-20180408011153-efa7637bb9b6/go.mod h1:6YNgTHLutezwnBvyneBbwvB8C82y3dcoOj5EQJIdGXA=
+github.com/bluele/gcache v0.0.0-20171010155617-472614239ac7 h1:NpQ+gkFOH27AyDypSCJ/LdsIi/b4rdnEb1N5+IpFfYs=
+github.com/bluele/gcache v0.0.0-20171010155617-472614239ac7/go.mod h1:8c4/i2VlovMO2gBnHGQPN5EJw+H0lx1u/5p+cgsXtCk=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/go-ole/go-ole v1.2.1 h1:2lOsA72HgjxAuMlKpFiCbHTvu44PIVkZ5hqm3RSdI/E=
+github.com/go-ole/go-ole v1.2.1/go.mod h1:7FAglXiTm7HKlQRDeOQ6ZNUHidzCWXuZWq/1dTyBNF8=
+github.com/go-test/deep v1.0.1 h1:UQhStjbkDClarlmv0am7OXXO4/GaPdCGiUiMTvi28sg=
+github.com/go-test/deep v1.0.1/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=
+github.com/gobuffalo/envy v1.6.7 h1:XMZGuFqTupAXhZTriQ+qO38QvNOSU/0rl3hEPCFci/4=
+github.com/gobuffalo/envy v1.6.7/go.mod h1:N+GkhhZ/93bGZc6ZKhJLP6+m+tCNPKwgSpH9kaifseQ=
+github.com/gobuffalo/packd v0.0.0-20181031195726-c82734870264 h1:roWyi0eEdiFreSqW9V1wT9pNOVzrpo2NWsxja53slX0=
+github.com/gobuffalo/packd v0.0.0-20181031195726-c82734870264/go.mod h1:Yf2toFaISlyQrr5TfO3h6DB9pl9mZRmyvBGQb/aQ/pI=
+github.com/gobuffalo/packr v1.19.0 h1:3UDmBDxesCOPF8iZdMDBBWKfkBoYujIMIZePnobqIUI=
+github.com/gobuffalo/packr v1.19.0/go.mod h1:MstrNkfCQhd5o+Ct4IJ0skWlxN8emOq8DsoT1G98VIU=
+github.com/hmage/golibs v0.0.0-20181229160906-c8491df0bfc4 h1:FMAReGTEDNr4AdbScv/PqzjMQUpkkVHiF/t8sDHQQVQ=
+github.com/hmage/golibs v0.0.0-20181229160906-c8491df0bfc4/go.mod h1:H6Ev6svFxUVPFThxLtdnFfcE9e3GWufpfmcVFpqV6HM=
+github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
+github.com/jessevdk/go-flags v1.4.0 h1:4IU2WS7AumrZ/40jfhf4QVDMsQwqA7VEHozFRrGARJA=
+github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
+github.com/jmcvetta/randutil v0.0.0-20150817122601-2bb1b664bcff h1:6NvhExg4omUC9NfA+l4Oq3ibNNeJUdiAF3iBVB0PlDk=
+github.com/jmcvetta/randutil v0.0.0-20150817122601-2bb1b664bcff/go.mod h1:ddfPX8Z28YMjiqoaJhNBzWHapTHXejnB5cDCUWDwriw=
+github.com/joho/godotenv v1.3.0 h1:Zjp+RcGpHhGlrMbJzXTrZZPrWj+1vfm90La1wgB6Bhc=
+github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg=
+github.com/joomcode/errorx v0.1.0 h1:QmJMiI1DE1UFje2aI1ZWO/VMT5a32qBoXUclGOt8vsc=
+github.com/joomcode/errorx v0.1.0/go.mod h1:kgco15ekB6cs+4Xjzo7SPeXzx38PbJzBwbnu9qfVNHQ=
+github.com/krolaw/dhcp4 v0.0.0-20180925202202-7cead472c414 h1:6wnYc2S/lVM7BvR32BM74ph7bPgqMztWopMYKgVyEho=
+github.com/krolaw/dhcp4 v0.0.0-20180925202202-7cead472c414/go.mod h1:0AqAH3ZogsCrvrtUpvc6EtVKbc3w6xwZhkvGLuqyi3o=
+github.com/markbates/oncer v0.0.0-20181014194634-05fccaae8fc4 h1:Mlji5gkcpzkqTROyE4ZxZ8hN7osunMb2RuGVrbvMvCc=
+github.com/markbates/oncer v0.0.0-20181014194634-05fccaae8fc4/go.mod h1:Ld9puTsIW75CHf65OeIOkyKbteujpZVXDpWK6YGZbxE=
+github.com/miekg/dns v1.1.1 h1:DVkblRdiScEnEr0LR9nTnEQqHYycjkXW9bOjd+2EL2o=
+github.com/miekg/dns v1.1.1/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg=
+github.com/patrickmn/go-cache v2.1.0+incompatible h1:HRMgzkcYKYpi3C8ajMPV8OFXaaRUnok+kx1WdO15EQc=
+github.com/patrickmn/go-cache v2.1.0+incompatible/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ=
+github.com/pkg/errors v0.8.0 h1:WdK/asTD0HN+q6hsWO3/vpuAkAr+tw6aNJNDFFf0+qw=
+github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/shirou/gopsutil v2.18.10+incompatible h1:cy84jW6EVRPa5g9HAHrlbxMSIjBhDSX0OFYyMYminYs=
+github.com/shirou/gopsutil v2.18.10+incompatible/go.mod h1:5b4v6he4MtMOwMlS0TUMTu2PcXUg8+E1lC7eC3UO/RA=
+github.com/shirou/w32 v0.0.0-20160930032740-bb4de0191aa4 h1:udFKJ0aHUL60LboW/A+DfgoHVedieIzIXE8uylPue0U=
+github.com/shirou/w32 v0.0.0-20160930032740-bb4de0191aa4/go.mod h1:qsXQc7+bwAM3Q1u/4XEfrquwF8Lw7D7y5cD8CuHnfIc=
+github.com/spf13/cobra v0.0.3 h1:ZlrZ4XsMRm04Fr5pSFxBgfND2EBVa1nLpiy1stUsX/8=
+github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
+github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg=
+github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
+github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w=
+github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+go.uber.org/goleak v0.10.0 h1:G3eWbSNIskeRqtsN/1uI5B+eP73y3JUuBsv9AZjehb4=
+go.uber.org/goleak v0.10.0/go.mod h1:VCZuO8V8mFPlL0F5J5GK1rtHV3DrFcQ1R8ryq7FK0aI=
+golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9 h1:mKdxBk7AujPs8kU4m80U72y/zjbZ3UcXC7dClwKbUI0=
+golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
+golang.org/x/net v0.0.0-20181102091132-c10e9556a7bc/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20181213202711-891ebc4b82d6 h1:gT0Y6H7hbVPUtvtk0YGxMXPgN+p8fYlqWkgJeUCZcaQ=
+golang.org/x/net v0.0.0-20181213202711-891ebc4b82d6/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20181220203305-927f97764cc3 h1:eH6Eip3UpmR+yM/qI9Ijluzb1bNv/cAU/n+6l8tRSis=
+golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f h1:wMNYb4v58l5UBM7MYRLPG6ZhfOqbKu7X5eyFl8ZhKvA=
+golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20181108010431-42b317875d0f h1:Bl/8QSvNqXvPGPGXa2z5xUTmV7VDcZyvRZ+QQXkXTZQ=
+golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4 h1:YUO/7uOKsKeq9UokNS62b8FYywz3ker1l1vDZRCRefw=
+golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20181213200352-4d1cda033e06 h1:0oC8rFnE+74kEmuHZ46F6KHsMr5Gx2gUQPuNz28iQZM=
+golang.org/x/sys v0.0.0-20181213200352-4d1cda033e06/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20181228144115-9a3f9b0469bb h1:pf3XwC90UUdNPYWZdFjhGBE7DUFuK3Ct1zWmZ65QN30=
+golang.org/x/sys v0.0.0-20181228144115-9a3f9b0469bb/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+gopkg.in/asaskevich/govalidator.v4 v4.0.0-20160518190739-766470278477 h1:5xUJw+lg4zao9W4HIDzlFbMYgSgtvNVHh00MEHvbGpQ=
+gopkg.in/asaskevich/govalidator.v4 v4.0.0-20160518190739-766470278477/go.mod h1:QDV1vrFSrowdoOba0UM8VJPUZONT7dnfdLsM+GG53Z8=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE=
+gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
--- a/Show More
+++ b/Show More
				`@@ -0,0 +1 @@`
				`<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="#9aa0ac" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-chevron-down"><polyline points="6 9 12 15 18 9"></polyline></svg>`