From 75d680ff30001e846edcbbc6c102fb36ce52bcba Mon Sep 17 00:00:00 2001
From: Andrey Meshkov <am@adguard.com>
Date: Thu, 10 Sep 2020 12:32:36 +0300
Subject: [PATCH] * (dnsforward): added some hosts to disallowed by default

---
 dnsforward/config.go     | 3 +++
 dnsforward/dnsforward.go | 3 +++
 go.mod                   | 2 +-
 go.sum                   | 4 ++--
 4 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/dnsforward/config.go b/dnsforward/config.go
index 5e4fe170..8d27d1ff 100644
--- a/dnsforward/config.go
+++ b/dnsforward/config.go
@@ -214,6 +214,9 @@ func (s *Server) initDefaultSettings() {
 	if s.conf.TCPListenAddr == nil {
 		s.conf.TCPListenAddr = defaultValues.TCPListenAddr
 	}
+	if len(s.conf.BlockedHosts) == 0 {
+		s.conf.BlockedHosts = defaultBlockedHosts
+	}
 }
 
 // prepareUpstreamSettings - prepares upstream DNS server settings
diff --git a/dnsforward/dnsforward.go b/dnsforward/dnsforward.go
index 39d09a39..0cb645dd 100644
--- a/dnsforward/dnsforward.go
+++ b/dnsforward/dnsforward.go
@@ -31,6 +31,9 @@ var defaultDNS = []string{
 }
 var defaultBootstrap = []string{"9.9.9.10", "149.112.112.10", "2620:fe::10", "2620:fe::fe:10"}
 
+// Often requested by all kinds of DNS probes
+var defaultBlockedHosts = []string{"version.bind", "id.server", "hostname.bind"}
+
 var webRegistered bool
 
 // Server is the main way to start a DNS server.
diff --git a/go.mod b/go.mod
index e1d1dfb7..4638e6da 100644
--- a/go.mod
+++ b/go.mod
@@ -3,7 +3,7 @@ module github.com/AdguardTeam/AdGuardHome
 go 1.14
 
 require (
-	github.com/AdguardTeam/dnsproxy v0.32.1
+	github.com/AdguardTeam/dnsproxy v0.32.2
 	github.com/AdguardTeam/golibs v0.4.2
 	github.com/AdguardTeam/urlfilter v0.12.2
 	github.com/NYTimes/gziphandler v1.1.1
diff --git a/go.sum b/go.sum
index 10b294c7..3f4250a7 100644
--- a/go.sum
+++ b/go.sum
@@ -7,8 +7,8 @@ dmitri.shuralyov.com/html/belt v0.0.0-20180602232347-f7d459c86be0/go.mod h1:JLBr
 dmitri.shuralyov.com/service/change v0.0.0-20181023043359-a85b471d5412/go.mod h1:a1inKt/atXimZ4Mv927x+r7UpyzRUf4emIoiiSC2TN4=
 dmitri.shuralyov.com/state v0.0.0-20180228185332-28bcc343414c/go.mod h1:0PRwlb0D6DFvNNtx+9ybjezNCa8XF0xaYcETyp6rHWU=
 git.apache.org/thrift.git v0.0.0-20180902110319-2566ecd5d999/go.mod h1:fPE2ZNJGynbRyZ4dJvy6G277gSllfV2HJqblrnkyeyg=
-github.com/AdguardTeam/dnsproxy v0.32.1 h1:UoiFt/aT8YCBFUGe7hG8ehLRXyvoIf22mOQqeIQxhWI=
-github.com/AdguardTeam/dnsproxy v0.32.1/go.mod h1:ZLDrKIypYxBDz2N9FQHgeehuHrwTbuhZXdGwNySshbw=
+github.com/AdguardTeam/dnsproxy v0.32.2 h1:gD2VojnQEIzWp3fkT20RS9ehyF0MBGGZQdcX/eKM7fQ=
+github.com/AdguardTeam/dnsproxy v0.32.2/go.mod h1:ZLDrKIypYxBDz2N9FQHgeehuHrwTbuhZXdGwNySshbw=
 github.com/AdguardTeam/golibs v0.4.0/go.mod h1:skKsDKIBB7kkFflLJBpfGX+G8QFTx0WKUzB6TIgtUj4=
 github.com/AdguardTeam/golibs v0.4.2 h1:7M28oTZFoFwNmp8eGPb3ImmYbxGaJLyQXeIFVHjME0o=
 github.com/AdguardTeam/golibs v0.4.2/go.mod h1:skKsDKIBB7kkFflLJBpfGX+G8QFTx0WKUzB6TIgtUj4=