cef4b041d7
Don't call "bin" what is actually text
2023-06-24 22:11:47 +02:00
9b2c674744
Base on clientProto value explicitly to dereference clientAddr ( #2393 )
...
There are variants local_doh and trampoline for internal flow.
2023-05-13 11:22:52 +02:00
acc25fcefb
Format with gofumpt
2023-02-11 14:27:12 +01:00
4c29840040
Revert "Print an error if a block/allow rule contains more than a pattern"
...
This reverts commit 6e8628f796
2021-09-27 12:29:41 +02:00
6e8628f796
Print an error if a block/allow rule contains more than a pattern
...
... and it is not a time range.
2021-05-12 17:43:13 +02:00
eda8dd5181
replace TrimFunc(s, IsSpace) with TrimSpace for ASCII optimization ( #1663 )
2021-04-05 11:46:57 +02:00
1239e64cd9
Correctly check for HTTPS type
2020-12-01 16:08:33 +01:00
b7dfdb1372
Factorize
2020-12-01 16:08:10 +01:00
24a9539d08
Filter names on SVCB and HTTPS records in addition to CNAME
2020-12-01 16:00:18 +01:00
8dd4612ea7
Don't use Lumberjack for non-regular files
...
Fixes #1407
2020-07-08 13:48:04 +02:00
10710def50
Make loggers io.Writer implementations, not directly lumberjack objects
2020-07-08 11:36:58 +02:00
4fe5929720
Typo
...
Fixes #1248
2020-03-25 09:11:10 +01:00
19647e03a6
Overwrite the server name only when we need to send an upstream query
2020-03-13 17:52:09 +01:00
c17637c026
Don't log a server for blocked names by pattern ( #1218 )
...
* Update plugins.go
* reason update moved after reject confirmed
added boolean for direct rejects
* remove server with direct rejects
name pattern blocked cases
2020-03-13 17:50:38 +01:00
349320f291
Add support for inline comments in patterns lists
...
Fixes #1162
2020-01-25 15:45:23 +01:00
4fd54a4919
Store the normalized qName in the plugin state
...
We now enforce the fact that a query always include a question.
It holds true for all practical use cases of dnscrypt-proxy.
This avoids quite a lot of redundant code in plugins, and is faster.
2019-12-17 10:11:41 +01:00
aa5350c7fd
Missed blockedName->xBlockedName renaming
...
Fixes #1116
2019-12-16 12:13:23 +01:00
bfd74185f5
Don't prevent DNS queries from being answered if the partition is full
2019-12-09 12:55:26 +01:00
ba8565a59e
Shorten conditions
2019-12-09 10:07:05 +01:00
96d15771e2
add multiple error checks
2019-12-09 09:56:47 +01:00
db33c69fe5
Log the original qName when a CNAME pointer is blocked
2019-12-05 17:50:04 +01:00
57a88eda56
Add (indirect) to the logged pattern for indirect blocks
2019-12-05 16:49:08 +01:00
67c7254dc5
block_name plugin: also check names found in CNAME records
2019-11-24 10:18:46 +01:00
6e3916556f
Downcase the query name in BlockedNames.check()
2019-11-20 19:16:37 +01:00
925c12d334
Set the list of blocked names even if logging was not enabled
...
Fixes #1050
2019-11-18 01:42:51 +01:00
0790328424
Revert "Revert "plugin_block_name: make the blocking code reusable""
...
This reverts commit 2d00c24f85
2019-11-18 01:32:17 +01:00
2d00c24f85
Revert "plugin_block_name: make the blocking code reusable"
...
This reverts commit f76e0fd8cf
2019-11-18 01:29:06 +01:00
f76e0fd8cf
plugin_block_name: make the blocking code reusable
2019-11-15 19:48:15 -05:00
36808cdec7
remove unused patternType return
2019-11-01 17:13:14 +01:00
99133f53ef
Skip BOMs in configuration files
...
Fixes #613
2018-10-15 17:56:31 +02:00
977dcad826
Improved return codes
2018-06-04 23:18:28 +02:00
3bbdf93095
Log return codes in LTSV qeruylog files
...
DNS return codes are not enough; we need to change this to something
more expressive.
In particular, we can't use them to distinguish between a server block,
a blacklist block, and a plugin block such as the IPv6 blocker.
2018-06-04 21:35:07 +02:00
65e6b8569e
Implement whitelists
...
Fixes #293
2018-04-07 23:02:40 +02:00
ceb2d55afd
Move time range things to their own file
2018-04-07 22:36:30 +02:00
58c7ff3d2f
We may not have a schedule for every rule
2018-04-06 20:18:15 +02:00
105cb2c525
Make the pattern-matching code reusable
2018-04-06 20:14:19 +02:00
b643a816cc
Add automatic log files rotation
...
Fixes #172
2018-03-02 10:34:00 +01:00
107fc35d2a
Support time access restrictions in substrings & glob patterns
...
Improve example
2018-02-01 09:47:37 +01:00
aa34dae308
Move the time check function down, make it more readable
2018-02-01 01:05:23 +01:00
61592776e2
time-based access control: done, for prefixes & suffixes rules
2018-02-01 01:00:48 +01:00
41a73ccb03
Time access restrictions [WIP]
...
Because my daughter spends way too much time on Youtube
Because people have been asking OpenDNS to implement this for the past 10 years
Because existing tools suck
Because I want something flexible, where every rule can be assigned a schedule
2018-01-31 23:08:38 +01:00
ba2293149e
phew
2018-01-31 22:49:40 +01:00
d575ec8beb
bleh
2018-01-31 22:18:11 +01:00
29fee1585f
abc.ex.com should be rejected if both ex.com and bc.ex.com are listed in a blacklist
...
With the following ruleset:
ex.com
bc.ex.com
"abc.ex.com" finds "bc.ex.com" as the longest suffix. However, since it's
not at a label boundary, it is not rejected.
However, there is a more general rule that should be considered, ex.com.
So we need to perform at least two lookups in that case.
2018-01-21 19:47:19 +01:00
d9b5625226
IP blocking
2018-01-21 16:07:44 +01:00
4f0c36ac27
Don't log blocked suffixes in reverse
2018-01-20 17:25:16 +01:00
5dd08fe56b
Fix swapped out arguments in substring check
...
*example.com* was matching ample.com, not xxxexample.comxxx
Fixes #14
2018-01-20 17:11:46 +01:00
0fe21b2d57
Shortcut filters for the root zone
2018-01-20 13:30:19 +01:00
475d7edb2a
Fix suffix matching so that www.example is rejected if example is filtered
2018-01-20 13:18:54 +01:00
c46498c1d3
Nits
2018-01-17 17:25:43 +01:00
Frank Denis
lifenjoiner
Alison Winters
Frank Denis
Dragonfir3
milgradesec