From e9aab3c2a5087c2165e5e5b9dd21a66b67b0183f Mon Sep 17 00:00:00 2001 From: Eugene Burkov Date: Wed, 19 Jan 2022 14:19:24 +0300 Subject: [PATCH] Pull request: 4133 empty rewrite Merge in DNS/adguard-home-wiki from 4133-empty-rewrite to master Squashed commit of the following: commit 11deec72902b9231cde12bee4a7e5d6391a0cd3f Author: Eugene Burkov Date: Tue Jan 18 22:02:28 2022 +0300 Hosts-Blocklists: imp rewrites description --- Hosts-Blocklists.md | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/Hosts-Blocklists.md b/Hosts-Blocklists.md index 0cf55e4..32c3886 100644 --- a/Hosts-Blocklists.md +++ b/Hosts-Blocklists.md @@ -345,7 +345,14 @@ $dnsrewrite=example.net $dnsrewrite=REFUSED ``` -The keywords, like `REFUSED`, MUST be in all caps. +The keywords MUST be in all caps (e.g. `NOERROR`). Keyword rewrites take +precedence over the other and will result in an empty response with an +appropriate response code. + +Before **v0.107.3** the only possible keyword is `REFUSED`. + +Since **v0.107.3** response codes `NOERROR`, `NXDOMAIN`, and `SERVFAIL` are also +supported. The full syntax is of the form `RCODE;RRTYPE;VALUE`: @@ -356,6 +363,9 @@ $dnsrewrite=NOERROR;CNAME;example.net $dnsrewrite=REFUSED;; ``` +Since **v0.107.3** a `$dnsrewrite` modifier with the `NOERROR` response code may +also has empty `RRTYPE` and `VALUE` fields. + The `CNAME` one is special because AdGuard Home will resolve the host and add its info to the response. That is, if `example.net` has IP `1.2.3.4`, and the user has this in their filter rules: @@ -382,9 +392,8 @@ Name: example.net Address: 1.2.3.4 ``` -Keyword rewrites (for example, `REFUSED`) take precedence over the other. Next, -the `CNAME` rewrite. After that, all other records's values are summed as one -response, so this: +Next, the `CNAME` rewrite. After that, all other records's values are summed as +one response, so this: ```none ||example.com^$dnsrewrite=NOERROR;A;1.2.3.4 @@ -441,6 +450,12 @@ Currently supported RR types with examples: * `||example.com^$dnsrewrite=NXDOMAIN;;` responds with an `NXDOMAIN` code. + * `$dnstype=AAAA,denyallow=example.org,dnsrewrite=NOERROR;;` responds with an + empty `NOERROR` answers for all `AAAA` requests except the ones for + `example.org`. + + **NOTE:** this is available since **v0.107.3**. + Exception rules remove one or all rules: * `@@||example.com^$dnsrewrite` removes all DNS rewrite rules.