24bb708b21
+ config: add certificate_path, private_key_path
...
* POST /control/tls/configure: support certificate_path and private_key_path
2019-08-30 19:18:14 +03:00
64d40bdc47
Merge: - config: global "blocked_services" settings were reset on startup
...
* commit 'b1ca7c90d3ef0e72d3535b7cf195adfe83d34e5a':
- config: global "blocked_services" settings were reset on startup
2019-08-22 15:38:24 +03:00
b1ca7c90d3
- config: global "blocked_services" settings were reset on startup
2019-08-22 15:30:48 +03:00
a370cd0bf0
- dnsforward: don't use dnsfilter object after it's closed (additional check)
2019-08-22 12:01:59 +03:00
94552a30d7
- dnsforward: don't use dnsfilter object after it's closed
2019-08-20 15:07:39 +03:00
c82e93cfc7
-(dnsforward): fixed sigsegv when protection is disabled
...
Also, fixed all golint issues
✅ Closes : #941
2019-08-20 00:55:32 +03:00
15d07a40eb
* refactor
2019-08-05 14:12:22 +03:00
e81a9c7d56
+ dnsfilter: use global and per-client BlockedServices array
2019-08-05 14:12:22 +03:00
1bb6638db7
+ dnsforward: use Rewrites table
2019-07-29 11:48:24 +03:00
fdf7ee2c08
* refactor: don't set new configuration while running DNS server
2019-07-22 12:52:27 +03:00
5a3de2a276
* refactor
2019-07-22 12:33:58 +03:00
4a05ab0057
* dnsforward: parental control server can be an IP address, not just host name
2019-07-22 12:33:45 +03:00
4134a8c30e
+ dnsforward, config: add "parental_block_host" and "safebrowsing_block_host" settings
2019-07-22 12:16:30 +03:00
2bbd262968
* dnsforward: move initialization of periodic tasks to NewServer()
2019-07-19 12:18:16 +03:00
134d9275bb
* use urlfilter v0.4.0
...
Now we pass filtering rules to urlfilter as filer file names,
rather than the list of rule strings.
(Note: user rules are still passed as the list of rule strings).
As a result, we don't store the contents of filter files in memory.
2019-07-04 14:10:01 +03:00
36ffcf7d22
+ dnsforward: add access settings for blocking DNS requests
...
Block by client IP or target domain name.
2019-05-30 18:21:36 +03:00
a12f01793f
+ clients: find DNS client's hostname by IP using rDNS
2019-05-28 19:07:57 +03:00
8bf76c331d
+ dnsfilter: use callback function for applying per-client settings
2019-05-28 18:44:27 +03:00
ac8f703407
+ dnsforward: support IPv6 (AAAA response)
...
If question type is AAAA:
Before this patch we responded with NXDOMAIN.
Now we send an empty response if host rule is IPv4;
or we send an AAAA answer if host rule is IPv6.
+ block ipv6 if rule is "0.0.0.0 blockdomain"
2019-05-24 18:08:08 +03:00
096a959987
* dnsforward: use new dnsfilter interface
2019-05-17 18:22:57 +03:00
9644f79a03
* dnsforward: use separate ServerConfig object
2019-05-17 18:22:57 +03:00
d5f6dd1a46
- dns query log: robust file flushing mechanism
...
Before this patch we could exit the process without waiting for
file writing task to complete.
As a result a file could become corrupted or a large chunk of data
could be missing.
Now the main thread either waits until file writing task completes
or it writes log buffer to file itself.
2019-05-15 13:12:03 +03:00
07ffcbec3d
* dnsforward, config: add unspecified IP blocking option
...
* dnsforward: prioritize host files over null filter
* dnsforward, config: adjust setting variable to blocking_mode
* dnsforward: use net.IPv4zero for null IP
2019-05-14 16:53:06 +03:00
c82887d3aa
* app, dnsforward: add MinVersion for TLS configs
2019-04-17 12:02:56 +03:00
9ea5c1abe1
+ control, dns, client: add ability to set DNS upstream per domain
2019-03-20 14:24:33 +03:00
acb4a98466
[change] dnsforward: Add comments for public fields
2019-02-28 13:40:40 +03:00
81e88472cb
Merge branch 'fix/542' into fix/596
2019-02-28 11:16:03 +03:00
967a1e6b87
Merge branch 'master' into fix/596
2019-02-27 18:56:36 +03:00
ffa4429818
Merge branch 'master' into fix/542
2019-02-27 18:47:01 +03:00
5cb6d97cd7
* use new logger - AdguardTeam/golibs/log
2019-02-27 15:02:11 +03:00
dc05556c5a
Fix #542 - Add Bootstrap DNS resolver settings
2019-02-27 11:15:18 +03:00
5bc6d00aa0
Fix #596 - Intelligent Optimal DNS Resolution
2019-02-26 18:19:05 +03:00
1da954fa97
Fix tests
2019-02-22 18:41:59 +03:00
ad4b58472f
Update dnsproxy to 0.11.0
2019-02-22 18:16:47 +03:00
e8898811fe
Added DOH url
2019-02-22 15:52:12 +03:00
71df659dc9
Added DNS-over-TLS unit-test and a test looking for race-conditions
2019-02-22 15:23:39 +03:00
37431735fd
Added new config fields to readme
2019-02-21 17:48:18 +03:00
229ef78085
Activate DNS-over-TLS server when certificates, keys and ports are configured.
2019-02-15 16:28:28 +03:00
a40ddb094b
Fix review comments
2019-02-11 14:22:36 +03:00
9ff420bb52
Do not store last_updated in the config file anymore
2019-02-10 21:44:16 +03:00
9a03190a62
Fix #579
...
1. Added --workdir command-line argument that lets configure the working dir.
2. Made "dnsforward" use this workdir parameter when saving/reading querylog.
3. Reworked "dnsforward" -- moved http handlers out of there to control.go
2019-02-10 20:47:43 +03:00
68c8a4d484
Demote some log.printf into log.tracef
2019-02-07 18:24:43 +03:00
d078851246
gometalinter
2019-01-25 20:13:57 +03:00
c4ba284964
fix tests
2019-01-05 22:24:07 +03:00
f3a97ed7ab
Added TCPListenAddr
2019-01-05 22:15:20 +03:00
368e2d1ebd
move log wrapper library outside into hmage/golibs/log
2018-12-29 19:12:45 +03:00
d8802a9709
Use new log wrapper and add more functions to it.
2018-12-29 17:37:18 +03:00
55a7ff7447
Get rid of logrus, it's TTY output is not friendly or human parseable if we will want users to send us logs.
2018-12-29 14:55:35 +03:00
cc96593ebf
upd to 0.9.3, removed jedist1/xsecretbox from dependencies
2018-12-25 01:59:38 +03:00
3ade62301b
upgraded dnsproxy to 0.9.2
2018-12-25 00:08:51 +03:00
62606db1af
fix client IP address
2018-12-24 23:06:36 +03:00
374a0dc2e5
Fixing review comments
2018-12-24 18:47:33 +03:00
2bc1d737cc
fix imports
2018-12-24 16:58:48 +03:00
0a977fee87
changed to logrus
2018-12-24 15:27:14 +03:00
e711f6e5fe
Start using dnsproxy
2018-12-24 15:19:52 +03:00
1c89e1df32
Resolve into a stub page when blocked by parental or safebrowsing.
...
Closes #475 .
2018-12-11 15:09:07 +03:00
5c4ec62d96
Check if protection is enabled before running the host through dnsfilter.
...
Closes #476 .
2018-12-11 14:20:14 +03:00
8411de8887
Don't log ANY requests if refuseAny is enabled.
...
Closes #472 .
2018-12-07 14:12:26 +03:00
0f5dd661f5
Add support for bootstrapping upstream DNS servers by hostname.
2018-12-06 00:22:20 +03:00
478ce03386
dnsforward -- implement ratelimit and refuseany
2018-12-05 18:49:19 +03:00
b0149972cc
dnsforward -- give only ip address to querylog, without port
2018-12-05 16:57:21 +03:00
9b43e07d7f
dnsforward -- flush querylog to file on server stop
2018-12-05 16:57:21 +03:00
052f975762
dnsforward -- Move querylog from coredns plugin, a more complex migration with proper API took too long so a simple move was used instead to save time.
2018-12-05 16:57:21 +03:00
e5d2f883ac
dnsforward -- Make Upstream interface give access to Address field.
2018-12-05 16:57:21 +03:00
8396dc2fdb
Update docs for formatting in godoc.
2018-12-05 16:57:21 +03:00
09fb539875
Simplify two lines into one line.
2018-12-05 16:57:21 +03:00
be4b65fdca
dnsforward -- use dnsfilter before cache -- changed settings or filters would require cache invalidation otherwise
2018-12-05 16:57:21 +03:00
0502ef6cc7
dnsforward -- initialize all dnsfilter settings at start and reconfigure
2018-12-05 16:57:21 +03:00
7d2e39ed52
dnsfilter -- Add a convinience function to add all rules from all filters.
2018-12-05 16:57:21 +03:00
e26837d9e8
dnsfilter -- Add parameter to New() to supply optional initial config.
2018-12-05 16:57:21 +03:00
057db71f3b
Get rid of duplicate variable definitions
2018-12-05 16:57:21 +03:00
87c54ebd4c
Move Filter definition from dnsforward to dnsfilter, it belongs there.
2018-12-05 16:57:21 +03:00
a6e0a17454
dnsforward -- trim dot in the end of hostname, dnsfilter does not expect it there
2018-12-05 16:56:11 +03:00
8316d39b42
Move filtering setting fields from main app to dnsforward.
2018-12-05 16:56:11 +03:00
7120f551c8
dnsforward -- rename BlockedTTL to BlockedResponseTTL to be in line with app's config variable.
2018-12-05 16:56:11 +03:00
e4a3564706
Fix a logical race that wasn't detectable by -race -- we were closing a connection that was already reestablished.
2018-12-05 16:56:11 +03:00
4eb122e973
Avoid duplication of fields in filter struct.
2018-12-05 16:56:11 +03:00
a904f85e61
dnsforward library -- default to plain DNS for high-performance testing.
2018-12-05 16:54:56 +03:00
584f441141
dnsforward library -- introduce IsRunning()
2018-12-05 16:54:56 +03:00
7944f23d95
dnsforward library -- consistently nullify and close listening socket when we're done with it.
2018-12-05 16:54:56 +03:00
639b34c7d1
dnsforward library -- Fix race conditions found by -race
2018-12-05 16:54:56 +03:00
5a548be16c
Add dns forwarding server library
2018-12-05 16:54:56 +03:00
Simon Zolin
Andrey Meshkov
Alexander Turcic
Aleksey Dmitrevskiy
Eugene Bujak