#ifndef _DNS_CONF
#define _DNS_CONF
#include "art.h"
#include "conf.h"
#include "dns.h"
#include "dns_client.h"
#include "hash.h"
#include "hashtable.h"
#include "list.h"
#include "radix.h"
/*
 * Capacity limits for the fixed-size arrays and char buffers declared in
 * this header. The code that fills them is not in this file; every copy
 * into one of these buffers has to be bounded by the matching constant.
 * NOTE(review): whether a given length includes the terminating NUL is
 * decided by the code that writes the buffer -- confirm there.
 */
#define DNS_MAX_BIND_IP 16 /* entries in dns_conf_bind_ip[] */
#define DNS_MAX_SERVERS 64 /* entries in dns_conf_servers[] and dns_server_groups.servers[] */
#define DNS_MAX_SERVER_NAME_LEN 128 /* size of dns_conf_server_name[] */
#define DNS_MAX_IPSET_NAMELEN 32 /* size of dns_ipset_name.ipsetname[] */
#define DNS_GROUP_NAME_LEN 32 /* size of dns_server_groups.group_name[] */
/* NOTE(review): "NAX" reads like a typo for "MAX"; it sizes dns_conf_server_groups[]. */
#define DNS_NAX_GROUP_NUMBER 16
#define DNS_MAX_IPLEN 64 /* size of the address buffers: dns_servers.server, *.ip, dns_conf_sni_proxy_ip */
#define DNS_MAX_SPKI_LEN 64 /* size of dns_servers.spki[] */
#define DNS_MAX_URL_LEN 256 /* size of dns_servers.path[] */
#define DNS_MAX_PATH 1024 /* size of dns_conf_log_file[] and dns_conf_audit_file[] */

/* Default ports: 53 is plain DNS, 853 is DNS over TLS, 443 is HTTPS. */
#define DEFAULT_DNS_PORT 53
#define DEFAULT_DNS_TLS_PORT 853
#define DEFAULT_DNS_HTTPS_PORT 443

/*
 * Not referenced anywhere in this header; the name buffers in struct
 * dns_servers are sized with DNS_MAX_CNAME_LEN, which is defined elsewhere.
 */
#define DNS_MAX_CONF_CNAME_LEN 256

/*
 * Paths of the configuration file, the log file and the audit log.
 * Presumably these are defaults: the paths in use are kept in
 * dns_conf_log_file[] and dns_conf_audit_file[] -- confirm in the loader.
 */
#define SMARTDNS_CONF_FILE "/etc/smartdns/smartdns.conf"
#define SMARTDNS_LOG_FILE "/var/log/smartdns.log"
#define SMARTDNS_AUDIT_FILE "/var/log/smartdns-audit.log"
/*
 * Kinds of rule that can be attached to a domain. DOMAIN_RULE_MAX is the
 * number of kinds and sizes dns_domain_rule.rules[]. Presumably each
 * enumerator is the index of its rule in that array, so an index must be
 * checked against DOMAIN_RULE_MAX before use -- confirm in the rule code.
 */
enum domain_rule {
    DOMAIN_RULE_FLAGS = 0,    /* presumably a struct dns_rule_flags */
    DOMAIN_RULE_ADDRESS_IPV4, /* presumably a struct dns_address_IPV4 */
    DOMAIN_RULE_ADDRESS_IPV6, /* presumably a struct dns_address_IPV6 */
    DOMAIN_RULE_IPSET,        /* presumably a struct dns_ipset_rule */
    DOMAIN_RULE_NAMESERVER,   /* presumably a struct dns_nameserver_rule */
    DOMAIN_RULE_MAX,          /* count of rule kinds, not a rule itself */
};
/* Transport of a listening address; stored in dns_bind_ip.type. */
typedef enum {
    DNS_BIND_TYPE_UDP,
    DNS_BIND_TYPE_TCP,
    DNS_BIND_TYPE_TLS,
} DNS_BIND_TYPE;
/*
 * Check methods; presumably the values stored in
 * dns_domain_check_order.order[] -- confirm in the code that fills it.
 * DOMAIN_CHECK_NUM is the length of that array. It has the same value as
 * DOMAIN_CHECK_TCP, so adding a method means raising DOMAIN_CHECK_NUM too.
 */
#define DOMAIN_CHECK_NONE 0
#define DOMAIN_CHECK_ICMP 1
#define DOMAIN_CHECK_TCP 2
#define DOMAIN_CHECK_NUM 2
/*
 * Per-domain bit flags, one bit each so they can be OR-ed together.
 * Presumably stored in dns_rule_flags.flags -- confirm against the parser.
 * The names suggest three groups: *_SOA, *_IGN, and the two *_IGNORE bits
 * for ipset and nameserver rules; the exact effect of each bit is decided
 * in the server code, not in this header.
 */
#define DOMAIN_FLAG_ADDR_SOA (1 << 0)
#define DOMAIN_FLAG_ADDR_IPV4_SOA (1 << 1)
#define DOMAIN_FLAG_ADDR_IPV6_SOA (1 << 2)
#define DOMAIN_FLAG_ADDR_IGN (1 << 3)
#define DOMAIN_FLAG_ADDR_IPV4_IGN (1 << 4)
#define DOMAIN_FLAG_ADDR_IPV6_IGN (1 << 5)
#define DOMAIN_FLAG_IPSET_IGNORE (1 << 6)
#define DOMAIN_FLAG_NAMESERVER_IGNORE (1 << 7)
/* Upstream-server bit flag; presumably stored in dns_servers.server_flag -- confirm. */
#define SERVER_FLAG_EXCLUDE_DEFAULT (1 << 0)
/*
 * Per-listener bit flags, one bit each so they can be OR-ed together.
 * Presumably stored in dns_bind_ip.flags -- confirm against the parser.
 * NOTE(review): the names suggest that each bit switches one processing
 * step off for queries received on that listener (address, nameserver,
 * ipset and SOA rules, speed check, cache, dual-stack selection). If so,
 * a listener with NO_RULE_* bits set does not apply the matching domain
 * rules, which matters where those rules are used for blocking -- verify
 * in the server code which listeners are meant to carry them.
 */
#define BIND_FLAG_NO_RULE_ADDR (1 << 0)
#define BIND_FLAG_NO_RULE_NAMESERVER (1 << 1)
#define BIND_FLAG_NO_RULE_IPSET (1 << 2)
#define BIND_FLAG_NO_RULE_SNIPROXY (1 << 3)
#define BIND_FLAG_NO_RULE_SOA (1 << 4)
#define BIND_FLAG_NO_SPEED_CHECK (1 << 5)
#define BIND_FLAG_NO_CACHE (1 << 6)
#define BIND_FLAG_NO_DUALSTACK_SELECTION (1 << 7)
/* Flag word of a domain rule; presumably a combination of DOMAIN_FLAG_* bits. */
struct dns_rule_flags {
    unsigned int flags;
};
/*
 * Address payload of an IPv4 domain rule: DNS_RR_A_LEN raw bytes.
 * DNS_RR_A_LEN is defined outside this header.
 */
struct dns_address_IPV4 {
    unsigned char ipv4_addr[DNS_RR_A_LEN];
};
/*
 * Address payload of an IPv6 domain rule: DNS_RR_AAAA_LEN raw bytes.
 * DNS_RR_AAAA_LEN is defined outside this header.
 */
struct dns_address_IPV6 {
    unsigned char ipv6_addr[DNS_RR_AAAA_LEN];
};
/*
 * One ipset name, linkable into a hash list through `node`.
 * The name lives in a fixed buffer of DNS_MAX_IPSET_NAMELEN bytes, so the
 * code that stores a name must bound the copy by that size and leave the
 * buffer NUL-terminated.
 */
struct dns_ipset_name {
    struct hlist_node node;
    char ipsetname[DNS_MAX_IPSET_NAMELEN];
};
/*
 * Domain rule that names an ipset. The rule holds only a pointer, not a
 * copy; presumably it points at dns_ipset_name.ipsetname, so the pointed-to
 * entry has to outlive the rule -- confirm ownership in the loader.
 */
struct dns_ipset_rule {
    const char *ipsetname;
};
/*
 * Rule set of one domain: one untyped slot per rule kind, DOMAIN_RULE_MAX
 * slots in total. The slots are void pointers, so nothing in the type system
 * ties a slot to the struct stored in it; the reader has to cast according
 * to the slot index (presumably an enum domain_rule value -- confirm).
 */
struct dns_domain_rule {
    void *rules[DOMAIN_RULE_MAX];
};
/*
 * Domain rule that names a server group. Only a pointer is stored;
 * presumably it refers to dns_server_groups.group_name, so that entry has to
 * outlive the rule -- confirm ownership in the loader.
 */
struct dns_nameserver_rule {
    const char *group_name;
};
/*
 * A named group of upstream servers, linkable into a hash list through
 * `node`.
 */
struct dns_server_groups {
    struct hlist_node node;
    /* group name, fixed buffer of DNS_GROUP_NAME_LEN bytes */
    char group_name[DNS_GROUP_NAME_LEN];
    /*
     * presumably the number of used entries in servers[]; it is a signed int,
     * so code that appends should check 0 <= server_num < DNS_MAX_SERVERS
     * before writing -- confirm in the loader
     */
    int server_num;
    /* pointers to the member servers, at most DNS_MAX_SERVERS of them */
    struct dns_servers *servers[DNS_MAX_SERVERS];
};
/* Order in which check methods are tried, plus the port of the TCP check. */
struct dns_domain_check_order {
    /* DOMAIN_CHECK_NUM entries; presumably DOMAIN_CHECK_* values -- confirm */
    char order[DOMAIN_CHECK_NUM];
    /* port for the TCP check; unsigned short, so the parser has to reject values above 65535 */
    unsigned short tcp_port;
};
/*
 * Hash table of server groups. DECLARE_HASHTABLE comes from hashtable.h;
 * the second argument (8) is presumably the bucket-count exponent, as in
 * the Linux kernel macro of the same name -- confirm in hashtable.h.
 */
struct dns_group_table {
    DECLARE_HASHTABLE(group, 8);
};
/* The single table instance; defined in a .c file, not here. */
extern struct dns_group_table dns_group_table;
/*
 * One configured upstream server. All strings are fixed-size buffers, so
 * the parser has to bound every copy by the buffer size and keep the
 * buffers NUL-terminated; an over-long configuration value must be rejected
 * or truncated there, not here.
 */
struct dns_servers {
    /* server address, DNS_MAX_IPLEN bytes */
    char server[DNS_MAX_IPLEN];
    unsigned short port;
    unsigned int result_flag;
    /* presumably SERVER_FLAG_* bits -- confirm */
    unsigned int server_flag;
    int ttl;
    /* dns_server_type_t is declared elsewhere (dns_client.h is included above) */
    dns_server_type_t type;
    /*
     * presumably the SPKI pin used to authenticate a TLS/HTTPS upstream --
     * confirm in the client code
     */
    char spki[DNS_MAX_SPKI_LEN];
    /* the three name buffers below are sized with DNS_MAX_CNAME_LEN, defined elsewhere */
    char hostname[DNS_MAX_CNAME_LEN];
    char httphost[DNS_MAX_CNAME_LEN];
    /*
     * presumably the name the upstream certificate is checked against.
     * NOTE(review): confirm what the client does when both spki and
     * tls_host_check are empty, i.e. whether the upstream is then
     * authenticated at all.
     */
    char tls_host_check[DNS_MAX_CNAME_LEN];
    /* DNS_MAX_URL_LEN bytes; presumably the request path of an HTTPS upstream -- confirm */
    char path[DNS_MAX_URL_LEN];
};
/*
 * ip address lists of domain
 *
 * One address entry, linkable into a hash list through `node`.
 * The union overlays the IPv4 and IPv6 byte arrays. `addr` is a
 * zero-length array (a GNU C extension) that gives untyped access to the
 * first byte of whichever member is in use. Presumably addr_type says which
 * member is valid; code reading through `addr` must take the length from
 * addr_type (DNS_RR_A_LEN or DNS_RR_AAAA_LEN) and never read
 * DNS_RR_AAAA_LEN bytes from an IPv4 entry's meaningful data -- confirm at
 * the call sites.
 */
struct dns_bogus_ip_address {
    struct hlist_node node;
    dns_type_t addr_type;
    union {
        unsigned char ipv4_addr[DNS_RR_A_LEN];
        unsigned char ipv6_addr[DNS_RR_AAAA_LEN];
        unsigned char addr[0];
    };
};
/*
 * Kinds of IP-address rule. The values start at 1, so 0 is not a valid
 * kind. The four names match the four bit-fields of
 * struct dns_ip_address_rule.
 */
enum address_rule {
    ADDRESS_RULE_BLACKLIST = 1,
    ADDRESS_RULE_WHITELIST = 2,
    ADDRESS_RULE_BOGUS = 3,
    ADDRESS_RULE_IP_IGNORE = 4,
};
/*
 * Rule bits of one IP address or prefix, one 1-bit field per kind in
 * enum address_rule. The fields are independent, so one entry can carry
 * several bits at once (for example blacklist and whitelist together);
 * which bit wins in that case is decided by the lookup code, not here.
 */
struct dns_ip_address_rule {
    unsigned int blacklist : 1;
    unsigned int whitelist : 1;
    unsigned int bogus : 1;
    unsigned int ip_ignore : 1;
};
/*
 * EDNS Client Subnet (ECS) setting; one instance each for IPv4 and IPv6
 * (dns_conf_ipv4_ecs, dns_conf_ipv6_ecs). ECS puts a client address prefix
 * into queries sent upstream, so the configured value is disclosed to every
 * upstream that receives it.
 */
struct dns_edns_client_subnet {
    /* non-zero presumably turns ECS on -- confirm */
    int enable;
    /* address, DNS_MAX_IPLEN bytes */
    char ip[DNS_MAX_IPLEN];
    /*
     * presumably the prefix length; it is a plain int, so the parser should
     * range-check it for the address family -- confirm
     */
    int subnet;
};
/*
 * IP-address rules, one radix tree per address family. radix_tree_t comes
 * from radix.h. The members are pointers; who allocates and frees the trees
 * is not visible in this header.
 */
struct dns_conf_address_rule {
    radix_tree_t *ipv4;
    radix_tree_t *ipv6;
};
/* One listening address of the server. */
struct dns_bind_ip {
    /* transport: UDP, TCP or TLS */
    DNS_BIND_TYPE type;
    /* presumably BIND_FLAG_* bits -- confirm */
    uint32_t flags;
    /* address to bind, DNS_MAX_IPLEN bytes */
    char ip[DNS_MAX_IPLEN];
    /*
     * server group for this listener; a pointer only, so the string it
     * refers to has to outlive the entry -- ownership is not visible here
     */
    const char *group;
};
/*
 * Global configuration state. Everything below is only declared here; the
 * definitions and the code that fills them live in a .c file. The *_num
 * counters are plain ints next to fixed-size arrays: presumably each one is
 * the number of used entries, and the writer has to check it against the
 * array bound before appending -- confirm in the loader.
 */

/* listening addresses, at most DNS_MAX_BIND_IP */
extern struct dns_bind_ip dns_conf_bind_ip[DNS_MAX_BIND_IP];
extern int dns_conf_bind_ip_num;

/* TCP idle time, cache size, prefetch switch, and the upstream server list */
extern int dns_conf_tcp_idle_time;
extern int dns_conf_cachesize;
extern int dns_conf_prefetch;
/* upstream servers, at most DNS_MAX_SERVERS */
extern struct dns_servers dns_conf_servers[DNS_MAX_SERVERS];
extern int dns_conf_server_num;

/* logging: level, file path (DNS_MAX_PATH bytes), size and number of files */
extern int dns_conf_log_level;
extern char dns_conf_log_file[DNS_MAX_PATH];
extern size_t dns_conf_log_size;
extern int dns_conf_log_num;

/* check order, see struct dns_domain_check_order */
extern struct dns_domain_check_order dns_conf_check_order;

/* server groups, at most DNS_NAX_GROUP_NUMBER (sic) */
extern struct dns_server_groups dns_conf_server_groups[DNS_NAX_GROUP_NUMBER];
extern int dns_conf_server_group_num;

/*
 * audit log: on/off switch, file path (DNS_MAX_PATH bytes), size and number
 * of files. Both log paths come from configuration, so the process writes
 * wherever the configuration file points it.
 */
extern int dns_conf_audit_enable;
extern char dns_conf_audit_file[DNS_MAX_PATH];
extern size_t dns_conf_audit_size;
extern int dns_conf_audit_num;

/* server name, domain rules (an ART tree, see art.h) and IP-address rules */
extern char dns_conf_server_name[DNS_MAX_SERVER_NAME_LEN];
extern art_tree dns_conf_domain_rule;
extern struct dns_conf_address_rule dns_conf_address_rule;

/* dual-stack IP selection: switch and threshold */
extern int dns_conf_dualstack_ip_selection;
extern int dns_conf_dualstack_ip_selection_threshold;

/* TTL settings, forced AAAA SOA switch, ipset timeout switch */
extern int dns_conf_rr_ttl;
extern int dns_conf_rr_ttl_min;
extern int dns_conf_rr_ttl_max;
extern int dns_conf_force_AAAA_SOA;
extern int dns_conf_ipset_timeout_enable;

/* EDNS Client Subnet settings, one per address family */
extern struct dns_edns_client_subnet dns_conf_ipv4_ecs;
extern struct dns_edns_client_subnet dns_conf_ipv6_ecs;

/* SNI proxy address, DNS_MAX_IPLEN bytes */
extern char dns_conf_sni_proxy_ip[DNS_MAX_IPLEN];
/*
 * Presumably releases what dns_server_load_conf() set up; the definition is
 * not in this header -- confirm there.
 */
void dns_server_load_exit(void);

/*
 * Loads the configuration from the file at `file`.
 * The meaning of the int return value is not visible in this header; check
 * the definition before relying on a particular success value.
 */
int dns_server_load_conf(const char *file);

/*
 * Handler with a (data, argc, argv) signature ("addtional" is the spelling
 * used by the code). Presumably it processes the directive that pulls a
 * further configuration file into the current one.
 * NOTE(review): if so, the included path comes from configuration text;
 * confirm in the definition how the path is resolved and whether nested
 * includes are bounded.
 */
extern int config_addtional_file(void *data, int argc, char *argv[]);
#endif // !_DNS_CONF