miracle091/dnscrypt-proxy
miracle091
/
dnscrypt-proxy
mirror of https://github.com/DNSCrypt/dnscrypt-proxy.git
1
0
Fork 0
Code Issues Releases Wiki Activity

time-based access control: done, for prefixes & suffixes rules

This commit is contained in:
Frank Denis 2018-02-01 01:00:48 +01:00
parent 41a73ccb03
commit 61592776e2
1 changed files with 29 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
dnscrypt-proxy/plugin_block_name.go
View File

@ -48,6 +48,24 @@ type WeeklyRanges struct {
ranges [7][]TimeRange ranges [7][]TimeRange
} }
func (weeklyRanges *WeeklyRanges) Match() bool {
now := time.Now().Local()
day := now.Weekday()
weeklyRange := weeklyRanges.ranges[day]
if len(weeklyRange) == 0 {
return false
}
hour, min, _ := now.Clock()
nowX := (hour*60 + min) * 60
for _, timeRange := range weeklyRange {
if (timeRange.after > timeRange.before && (nowX >= timeRange.after || nowX <= timeRange.before)) ||
(nowX >= timeRange.after && nowX <= timeRange.before) {
return true
}
}
return false
}
type TimeRangeStr struct { type TimeRangeStr struct {
After string After string
Before string Before string
@ -131,7 +149,6 @@ func (plugin *PluginBlockName) Init(proxy *Proxy) error {
} else { } else {
weeklyRanges = &weeklyRangesX weeklyRanges = &weeklyRangesX
} }
_ = weeklyRanges
} }
line = strings.ToLower(line) line = strings.ToLower(line)
switch blockType { switch blockType {
@ -181,16 +198,17 @@ func (plugin *PluginBlockName) Eval(pluginsState *PluginsState, msg *dns.Msg) er
} }
revQname := StringReverse(qName) revQname := StringReverse(qName)
reject, reason := false, "" reject, reason := false, ""
var weeklyRanges *WeeklyRanges
if !reject { if !reject {
if match, _, found := plugin.blockedSuffixes.Root().LongestPrefix([]byte(revQname)); found { if match, weeklyRangesX, found := plugin.blockedSuffixes.Root().LongestPrefix([]byte(revQname)); found {
if len(match) == len(qName) || revQname[len(match)] == '.' { if len(match) == len(qName) || revQname[len(match)] == '.' {
reject, reason = true, "*."+StringReverse(string(match)) reject, reason, weeklyRanges = true, "*."+StringReverse(string(match)), weeklyRangesX.(*WeeklyRanges)
} else if len(match) < len(revQname) && len(revQname) > 0 { } else if len(match) < len(revQname) && len(revQname) > 0 {
if i := strings.LastIndex(revQname, "."); i > 0 { if i := strings.LastIndex(revQname, "."); i > 0 {
pName := revQname[:i] pName := revQname[:i]
if match, _, found := plugin.blockedSuffixes.Root().LongestPrefix([]byte(pName)); found { if match, _, found := plugin.blockedSuffixes.Root().LongestPrefix([]byte(pName)); found {
if len(match) == len(pName) || pName[len(match)] == '.' { if len(match) == len(pName) || pName[len(match)] == '.' {
reject, reason = true, "*."+StringReverse(string(match)) reject, reason, weeklyRanges = true, "*."+StringReverse(string(match)), weeklyRangesX.(*WeeklyRanges)
} }
} }
} }
@ -198,9 +216,9 @@ func (plugin *PluginBlockName) Eval(pluginsState *PluginsState, msg *dns.Msg) er
} }
} }
if !reject { if !reject {
match, _, found := plugin.blockedPrefixes.Root().LongestPrefix([]byte(qName)) match, weeklyRangesX, found := plugin.blockedPrefixes.Root().LongestPrefix([]byte(qName))
if found { if found {
reject, reason = true, string(match)+"*" reject, reason, weeklyRanges = true, string(match)+"*", weeklyRangesX.(*WeeklyRanges)
} }
} }
if !reject { if !reject {
@ -219,6 +237,11 @@ func (plugin *PluginBlockName) Eval(pluginsState *PluginsState, msg *dns.Msg) er
} }
} }
} }
if reject {
if weeklyRanges != nil && !weeklyRanges.Match() {
reject = false
}
}
if reject { if reject {
pluginsState.action = PluginsActionReject pluginsState.action = PluginsActionReject
if plugin.outFd != nil { if plugin.outFd != nil {