From 4b9ab972719bee2f3051f40cef025f8bb43e69b3 Mon Sep 17 00:00:00 2001 From: Simon Zolin Date: Fri, 24 Jul 2020 13:18:05 +0300 Subject: [PATCH] - rewrites: return NOERROR without A records instead of NXDOMAIN For rule "host -> ipv6" we return "ipv6" address for AAAA request and empty answer for A request --- dnsforward/filter.go | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/dnsforward/filter.go b/dnsforward/filter.go index 1591d74f..068c5112 100644 --- a/dnsforward/filter.go +++ b/dnsforward/filter.go @@ -54,8 +54,12 @@ func (s *Server) filterDNSRequest(ctx *dnsContext) (*dnsfilter.Result, error) { // log.Tracef("Host %s is filtered, reason - '%s', matched rule: '%s'", host, res.Reason, res.Rule) d.Res = s.genDNSFilterMessage(d, &res) - } else if (res.Reason == dnsfilter.ReasonRewrite || res.Reason == dnsfilter.RewriteEtcHosts) && - len(res.IPList) != 0 { + } else if res.Reason == dnsfilter.ReasonRewrite && len(res.CanonName) != 0 && len(res.IPList) == 0 { + ctx.origQuestion = d.Req.Question[0] + // resolve canonical name, not the original host name + d.Req.Question[0].Name = dns.Fqdn(res.CanonName) + + } else if res.Reason == dnsfilter.ReasonRewrite || res.Reason == dnsfilter.RewriteEtcHosts { resp := s.makeResponse(req) name := host @@ -78,11 +82,6 @@ func (s *Server) filterDNSRequest(ctx *dnsContext) (*dnsfilter.Result, error) { d.Res = resp - } else if res.Reason == dnsfilter.ReasonRewrite && len(res.CanonName) != 0 { - ctx.origQuestion = d.Req.Question[0] - // resolve canonical name, not the original host name - d.Req.Question[0].Name = dns.Fqdn(res.CanonName) - } else if res.Reason == dnsfilter.RewriteEtcHosts && len(res.ReverseHost) != 0 { resp := s.makeResponse(req)