mirror of
https://github.com/AdguardTeam/AdGuardHome.git
synced 2024-12-14 18:51:34 +03:00
*(dnsforward): fix safe search returning nxdomain
✅ Closes: https://github.com/AdguardTeam/AdGuardHome/issues/1387
This commit is contained in:
parent
a5c2ad1b2f
commit
6c18b71010
@ -225,7 +225,7 @@ func (d *Dnsfilter) filtersInitializer() {
|
||||
// Close - close the object
|
||||
func (d *Dnsfilter) Close() {
|
||||
if d.rulesStorage != nil {
|
||||
d.rulesStorage.Close()
|
||||
_ = d.rulesStorage.Close()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -127,8 +127,8 @@ func (d *Dnsfilter) checkSafeSearch(host string) (Result, error) {
|
||||
res := Result{IsFiltered: true, Reason: FilteredSafeSearch}
|
||||
if ip := net.ParseIP(safeHost); ip != nil {
|
||||
res.IP = ip
|
||||
len := d.setCacheResult(gctx.safeSearchCache, host, res)
|
||||
log.Debug("SafeSearch: stored in cache: %s (%d bytes)", host, len)
|
||||
valLen := d.setCacheResult(gctx.safeSearchCache, host, res)
|
||||
log.Debug("SafeSearch: stored in cache: %s (%d bytes)", host, valLen)
|
||||
return res, nil
|
||||
}
|
||||
|
||||
@ -151,8 +151,8 @@ func (d *Dnsfilter) checkSafeSearch(host string) (Result, error) {
|
||||
}
|
||||
|
||||
// Cache result
|
||||
len := d.setCacheResult(gctx.safeSearchCache, host, res)
|
||||
log.Debug("SafeSearch: stored in cache: %s (%d bytes)", host, len)
|
||||
valLen := d.setCacheResult(gctx.safeSearchCache, host, res)
|
||||
log.Debug("SafeSearch: stored in cache: %s (%d bytes)", host, valLen)
|
||||
return res, nil
|
||||
}
|
||||
|
||||
@ -243,8 +243,8 @@ func (d *Dnsfilter) checkSafeBrowsing(host string) (Result, error) {
|
||||
result.Rule = "adguard-malware-shavar"
|
||||
}
|
||||
|
||||
len := d.setCacheResult(gctx.safebrowsingCache, host, result)
|
||||
log.Debug("SafeBrowsing: stored in cache: %s (%d bytes)", host, len)
|
||||
valLen := d.setCacheResult(gctx.safebrowsingCache, host, result)
|
||||
log.Debug("SafeBrowsing: stored in cache: %s (%d bytes)", host, valLen)
|
||||
return result, nil
|
||||
}
|
||||
|
||||
@ -283,8 +283,8 @@ func (d *Dnsfilter) checkParental(host string) (Result, error) {
|
||||
result.Rule = "parental CATEGORY_BLACKLISTED"
|
||||
}
|
||||
|
||||
len := d.setCacheResult(gctx.parentalCache, host, result)
|
||||
log.Debug("Parental: stored in cache: %s (%d bytes)", host, len)
|
||||
valLen := d.setCacheResult(gctx.parentalCache, host, result)
|
||||
log.Debug("Parental: stored in cache: %s (%d bytes)", host, valLen)
|
||||
return result, err
|
||||
}
|
||||
|
||||
|
@ -883,7 +883,16 @@ func (s *Server) genDNSFilterMessage(d *proxy.DNSContext, result *dnsfilter.Resu
|
||||
case dnsfilter.FilteredParental:
|
||||
return s.genBlockedHost(m, s.conf.ParentalBlockHost, d)
|
||||
default:
|
||||
// If the query was filtered by "Safe search", dnsfilter also must return
|
||||
// the IP address that must be used in response.
|
||||
// In this case regardless of the filtering method, we should return it
|
||||
if result.Reason == dnsfilter.FilteredSafeSearch && result.IP != nil {
|
||||
return s.genResponseWithIP(m, result.IP)
|
||||
}
|
||||
|
||||
if s.conf.BlockingMode == "null_ip" {
|
||||
// it means that we should return 0.0.0.0 or :: for any blocked request
|
||||
|
||||
switch m.Question[0].Qtype {
|
||||
case dns.TypeA:
|
||||
return s.genARecord(m, []byte{0, 0, 0, 0})
|
||||
@ -892,6 +901,8 @@ func (s *Server) genDNSFilterMessage(d *proxy.DNSContext, result *dnsfilter.Resu
|
||||
}
|
||||
|
||||
} else if s.conf.BlockingMode == "custom_ip" {
|
||||
// means that we should return custom IP for any blocked request
|
||||
|
||||
switch m.Question[0].Qtype {
|
||||
case dns.TypeA:
|
||||
return s.genARecord(m, s.conf.BlockingIPAddrv4)
|
||||
@ -900,9 +911,14 @@ func (s *Server) genDNSFilterMessage(d *proxy.DNSContext, result *dnsfilter.Resu
|
||||
}
|
||||
|
||||
} else if s.conf.BlockingMode == "nxdomain" {
|
||||
// means that we should return NXDOMAIN for any blocked request
|
||||
|
||||
return s.genNXDomain(m)
|
||||
}
|
||||
|
||||
// Default blocking mode
|
||||
// If there's an IP specified in the rule, return it
|
||||
// If there is no IP, return NXDOMAIN
|
||||
if result.IP != nil {
|
||||
return s.genResponseWithIP(m, result.IP)
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user