all: upd proxy
This commit is contained in:
parent
cdf970fcbf
commit
f151f8c313
2
go.mod
2
go.mod
|
@ -3,7 +3,7 @@ module github.com/AdguardTeam/AdGuardHome
|
||||||
go 1.22.5
|
go 1.22.5
|
||||||
|
|
||||||
require (
|
require (
|
||||||
github.com/AdguardTeam/dnsproxy v0.72.3-0.20240806061520-4cc9af6704ef
|
github.com/AdguardTeam/dnsproxy v0.72.4-0.20240816100403-7b95e9d45693
|
||||||
github.com/AdguardTeam/golibs v0.25.2
|
github.com/AdguardTeam/golibs v0.25.2
|
||||||
github.com/AdguardTeam/urlfilter v0.19.0
|
github.com/AdguardTeam/urlfilter v0.19.0
|
||||||
github.com/NYTimes/gziphandler v1.1.1
|
github.com/NYTimes/gziphandler v1.1.1
|
||||||
|
|
4
go.sum
4
go.sum
|
@ -1,5 +1,5 @@
|
||||||
github.com/AdguardTeam/dnsproxy v0.72.3-0.20240806061520-4cc9af6704ef h1:j6MtYGWnMOj5TdRFeLA/YmUuS4GKsatt1z3bmIJQtZ8=
|
github.com/AdguardTeam/dnsproxy v0.72.4-0.20240816100403-7b95e9d45693 h1:C7zs6ZWYA2VwIORIdmJ868tXueR8ON/ezkGuObIbKIg=
|
||||||
github.com/AdguardTeam/dnsproxy v0.72.3-0.20240806061520-4cc9af6704ef/go.mod h1:DCHTuklaAuvCgtZzpoA0TrqCdOBZJQnKjgKxbC9/kQ8=
|
github.com/AdguardTeam/dnsproxy v0.72.4-0.20240816100403-7b95e9d45693/go.mod h1:DCHTuklaAuvCgtZzpoA0TrqCdOBZJQnKjgKxbC9/kQ8=
|
||||||
github.com/AdguardTeam/golibs v0.25.2 h1:4+c9LjAIdd9trRk71hXghJ5OL/VRosBm+/0dKH+H39U=
|
github.com/AdguardTeam/golibs v0.25.2 h1:4+c9LjAIdd9trRk71hXghJ5OL/VRosBm+/0dKH+H39U=
|
||||||
github.com/AdguardTeam/golibs v0.25.2/go.mod h1:HaTyS2wCbxFudjht9N/+/Qf1b5cMad2BAYSwe7DPCXI=
|
github.com/AdguardTeam/golibs v0.25.2/go.mod h1:HaTyS2wCbxFudjht9N/+/Qf1b5cMad2BAYSwe7DPCXI=
|
||||||
github.com/AdguardTeam/urlfilter v0.19.0 h1:q7eH13+yNETlpD/VD3u5rLQOripcUdEktqZFy+KiQLk=
|
github.com/AdguardTeam/urlfilter v0.19.0 h1:q7eH13+yNETlpD/VD3u5rLQOripcUdEktqZFy+KiQLk=
|
||||||
|
|
|
@ -427,8 +427,6 @@ func parseBogusNXDOMAIN(confBogusNXDOMAIN []string) (subnets []netip.Prefix, err
|
||||||
return subnets, nil
|
return subnets, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
const defaultBlockedResponseTTL = 3600
|
|
||||||
|
|
||||||
// initDefaultSettings initializes default settings if nothing
|
// initDefaultSettings initializes default settings if nothing
|
||||||
// is configured
|
// is configured
|
||||||
func (s *Server) initDefaultSettings() {
|
func (s *Server) initDefaultSettings() {
|
||||||
|
|
|
@ -58,7 +58,7 @@ func (s *Server) genDNSFilterMessage(
|
||||||
return s.replyCompressed(req)
|
return s.replyCompressed(req)
|
||||||
}
|
}
|
||||||
|
|
||||||
return s.newMsgNODATA(req)
|
return s.NewMsgNODATA(req)
|
||||||
}
|
}
|
||||||
|
|
||||||
switch res.Reason {
|
switch res.Reason {
|
||||||
|
@ -344,51 +344,6 @@ func (s *Server) makeResponseREFUSED(req *dns.Msg) *dns.Msg {
|
||||||
return s.reply(req, dns.RcodeRefused)
|
return s.reply(req, dns.RcodeRefused)
|
||||||
}
|
}
|
||||||
|
|
||||||
// newMsgNODATA returns a properly initialized NODATA response.
|
|
||||||
//
|
|
||||||
// See https://www.rfc-editor.org/rfc/rfc2308#section-2.2.
|
|
||||||
func (s *Server) newMsgNODATA(req *dns.Msg) (resp *dns.Msg) {
|
|
||||||
resp = s.reply(req, dns.RcodeSuccess)
|
|
||||||
resp.Ns = s.genSOA(req)
|
|
||||||
|
|
||||||
return resp
|
|
||||||
}
|
|
||||||
|
|
||||||
func (s *Server) genSOA(request *dns.Msg) []dns.RR {
|
|
||||||
zone := ""
|
|
||||||
if len(request.Question) > 0 {
|
|
||||||
zone = request.Question[0].Name
|
|
||||||
}
|
|
||||||
|
|
||||||
soa := dns.SOA{
|
|
||||||
// values copied from verisign's nonexistent .com domain
|
|
||||||
// their exact values are not important in our use case because they are used for domain transfers between primary/secondary DNS servers
|
|
||||||
Refresh: 1800,
|
|
||||||
Retry: 900,
|
|
||||||
Expire: 604800,
|
|
||||||
Minttl: 86400,
|
|
||||||
// copied from AdGuard DNS
|
|
||||||
Ns: "fake-for-negative-caching.adguard.com.",
|
|
||||||
Serial: 100500,
|
|
||||||
// rest is request-specific
|
|
||||||
Hdr: dns.RR_Header{
|
|
||||||
Name: zone,
|
|
||||||
Rrtype: dns.TypeSOA,
|
|
||||||
Ttl: s.dnsFilter.BlockedResponseTTL(),
|
|
||||||
Class: dns.ClassINET,
|
|
||||||
},
|
|
||||||
Mbox: "hostmaster.", // zone will be appended later if it's not empty or "."
|
|
||||||
}
|
|
||||||
if soa.Hdr.Ttl == 0 {
|
|
||||||
soa.Hdr.Ttl = defaultBlockedResponseTTL
|
|
||||||
}
|
|
||||||
if len(zone) > 0 && zone[0] != '.' {
|
|
||||||
soa.Mbox += zone
|
|
||||||
}
|
|
||||||
|
|
||||||
return []dns.RR{&soa}
|
|
||||||
}
|
|
||||||
|
|
||||||
// type check
|
// type check
|
||||||
var _ proxy.MessageConstructor = (*Server)(nil)
|
var _ proxy.MessageConstructor = (*Server)(nil)
|
||||||
|
|
||||||
|
@ -425,3 +380,52 @@ func (s *Server) NewMsgNOTIMPLEMENTED(req *dns.Msg) (resp *dns.Msg) {
|
||||||
|
|
||||||
return resp
|
return resp
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// NewMsgNODATA implements the [proxy.MessageConstructor] interface for *Server.
|
||||||
|
func (s *Server) NewMsgNODATA(req *dns.Msg) (resp *dns.Msg) {
|
||||||
|
resp = s.reply(req, dns.RcodeSuccess)
|
||||||
|
resp.Ns = s.genSOA(req)
|
||||||
|
|
||||||
|
return resp
|
||||||
|
}
|
||||||
|
|
||||||
|
func (s *Server) genSOA(req *dns.Msg) []dns.RR {
|
||||||
|
zone := ""
|
||||||
|
if len(req.Question) > 0 {
|
||||||
|
zone = req.Question[0].Name
|
||||||
|
}
|
||||||
|
|
||||||
|
const defaultBlockedResponseTTL = 3600
|
||||||
|
|
||||||
|
soa := dns.SOA{
|
||||||
|
// Values copied from verisign's nonexistent.com domain.
|
||||||
|
//
|
||||||
|
// Their exact values are not important in our use case because they are
|
||||||
|
// used for domain transfers between primary/secondary DNS servers.
|
||||||
|
Refresh: 1800,
|
||||||
|
Retry: 900,
|
||||||
|
Expire: 604800,
|
||||||
|
Minttl: 86400,
|
||||||
|
// copied from AdGuard DNS
|
||||||
|
Ns: "fake-for-negative-caching.adguard.com.",
|
||||||
|
Serial: 100500,
|
||||||
|
// rest is request-specific
|
||||||
|
Hdr: dns.RR_Header{
|
||||||
|
Name: zone,
|
||||||
|
Rrtype: dns.TypeSOA,
|
||||||
|
Ttl: s.dnsFilter.BlockedResponseTTL(),
|
||||||
|
Class: dns.ClassINET,
|
||||||
|
},
|
||||||
|
// zone will be appended later if it's not ".".
|
||||||
|
Mbox: "hostmaster.",
|
||||||
|
}
|
||||||
|
if soa.Hdr.Ttl == 0 {
|
||||||
|
soa.Hdr.Ttl = defaultBlockedResponseTTL
|
||||||
|
}
|
||||||
|
|
||||||
|
if zone != "." {
|
||||||
|
soa.Mbox += zone
|
||||||
|
}
|
||||||
|
|
||||||
|
return []dns.RR{&soa}
|
||||||
|
}
|
||||||
|
|
|
@ -159,7 +159,7 @@ func (s *Server) processInitial(dctx *dnsContext) (rc resultCode) {
|
||||||
q := pctx.Req.Question[0]
|
q := pctx.Req.Question[0]
|
||||||
qt := q.Qtype
|
qt := q.Qtype
|
||||||
if s.conf.AAAADisabled && qt == dns.TypeAAAA {
|
if s.conf.AAAADisabled && qt == dns.TypeAAAA {
|
||||||
pctx.Res = s.newMsgNODATA(pctx.Req)
|
pctx.Res = s.NewMsgNODATA(pctx.Req)
|
||||||
|
|
||||||
return resultCodeFinish
|
return resultCodeFinish
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue