Pull request: 4686-ipset-file

Updates #4686.

* commit '10a8f7964482fd07502ac041ef92b4ea8adb3c3a':
  all: imp chlog
  all: imp docs
  feat: add dns.ipset_file setting
Ainar Garipov 2022-09-12 16:51:26 +03:00
commit 88812f05f5
3 changed files with 35 additions and 3 deletions


@ -15,6 +15,12 @@ and this project adheres to
## [v0.108.0] - 2022-12-01 (APPROX.) ## [v0.108.0] - 2022-12-01 (APPROX.)
--> -->
### Added
- The new optional `dns.ipset_file` property in the configuration file. It
allows loading the `ipset` list from a file, just like `dns.upstream_dns_file`
does for upstream servers ([#4686]).
### Changed ### Changed
- The minimum DHCP message size is reassigned back to BOOTP's constraint of 300 - The minimum DHCP message size is reassigned back to BOOTP's constraint of 300
@ -26,6 +32,7 @@ and this project adheres to
operation have been disabled ([#2993]). operation have been disabled ([#2993]).
[#2993]: https://github.com/AdguardTeam/AdGuardHome/issues/2993 [#2993]: https://github.com/AdguardTeam/AdGuardHome/issues/2993
[#4686]: https://github.com/AdguardTeam/AdGuardHome/issues/4686
[#4904]: https://github.com/AdguardTeam/AdGuardHome/issues/4904 [#4904]: https://github.com/AdguardTeam/AdGuardHome/issues/4904


@ -128,9 +128,14 @@ type FilteringConfig struct {
// IpsetList is the ipset configuration that allows AdGuard Home to add // IpsetList is the ipset configuration that allows AdGuard Home to add
// IP addresses of the specified domain names to an ipset list. Syntax: // IP addresses of the specified domain names to an ipset list. Syntax:
// //
// DOMAIN[,DOMAIN].../IPSET_NAME // DOMAIN[,DOMAIN].../IPSET_NAME
// //
// This field is ignored if [IpsetListFileName] is set.
IpsetList []string `yaml:"ipset"` IpsetList []string `yaml:"ipset"`
// IpsetListFileName, if set, points to the file with ipset configuration.
// The format is the same as in [IpsetList].
IpsetListFileName string `yaml:"ipset_file"`
} }
// TLSConfig is the TLS configuration for HTTPS, DNS-over-HTTPS, and DNS-over-TLS // TLSConfig is the TLS configuration for HTTPS, DNS-over-HTTPS, and DNS-over-TLS
@ -400,6 +405,26 @@ func setProxyUpstreamMode(
} }
} }
// prepareIpsetListSettings reads and prepares the ipset configuration either
// from a file or from the data in the configuration file.
func (s *Server) prepareIpsetListSettings() (err error) {
fn := s.conf.IpsetListFileName
if fn == "" {
return s.ipset.init(s.conf.IpsetList)
}
data, err := os.ReadFile(fn)
if err != nil {
return err
}
ipsets := stringutil.SplitTrimmed(string(data), "\n")
log.Debug("dns: using %d ipset rules from file %q", len(ipsets), fn)
return s.ipset.init(ipsets)
}
// prepareTLS - prepares TLS configuration for the DNS proxy // prepareTLS - prepares TLS configuration for the DNS proxy
func (s *Server) prepareTLS(proxyConfig *proxy.Config) error { func (s *Server) prepareTLS(proxyConfig *proxy.Config) error {
if len(s.conf.CertificateChainData) == 0 || len(s.conf.PrivateKeyData) == 0 { if len(s.conf.CertificateChainData) == 0 || len(s.conf.PrivateKeyData) == 0 {
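Review bot: When `ipset_file` is set, `prepareIpsetListSettings` discards `s.conf.IpsetList` without any message, and the only record of which source was used is the debug-level line. These rules decide which resolved addresses are added to ipset lists, which firewall rules commonly reference, so an operator who keeps both settings should be told the inline list is not in force, for example `if len(s.conf.IpsetList) > 0 { log.Info("dns: ipset_file is set, ignoring %d inline ipset rules", len(s.conf.IpsetList)) }` before the `os.ReadFile` call. The doc comment on `IpsetListFileName` could also say that, as far as this commit shows, the file is read only when `Prepare` runs, and that it should carry the same ownership and permissions as the main configuration file, since the path is read as given with no check. The split lines go to `s.ipset.init` unfiltered, so whether comment lines are accepted depends on `init`, which is not shown here.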


@ -446,10 +446,10 @@ func (s *Server) Prepare(conf *ServerConfig) (err error) {
s.initDefaultSettings() s.initDefaultSettings()
err = s.ipset.init(s.conf.IpsetList) err = s.prepareIpsetListSettings()
if err != nil { if err != nil {
// Don't wrap the error, because it's informative enough as is. // Don't wrap the error, because it's informative enough as is.
return err return fmt.Errorf("preparing ipset settings: %w", err)
} }
err = s.prepareUpstreamSettings() err = s.prepareUpstreamSettings()
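Review bot: The context comment `// Don't wrap the error, because it's informative enough as is.` is kept directly above the new `return fmt.Errorf("preparing ipset settings: %w", err)`, so the comment now contradicts the code beneath it. Delete the comment, or reword it to match, e.g. `// Wrap the error to show which preparation step failed.` The body of `Prepare` starts and ends outside this hunk.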