Merge branch 'master' into websvc-confin-manager

2025-03-31 14:33:32 +03:00 · 2022-09-30 15:27:54 +03:00 · 2022-09-30 15:27:54 +03:00 · b448a3b5dc
commit b448a3b5dc
parent c20ca9b85e 4d404b887f
162 changed files with 2095 additions and 1755 deletions
--- a/.github/stale.yml
+++ b/.github/stale.yml
@ -13,6 +13,8 @@
  - 'needs investigation'
  - 'recurrent'
  - 'research'
 # Set to true to ignore issues in a milestone.
 'exemptMilestones': true
 # Label to use when marking an issue as stale.
 'staleLabel': 'wontfix'
 # Comment to post when marking an issue as stale. Set to `false` to disable.
@ -22,3 +24,5 @@
  for your contributions.
 # Comment to post when closing a stale issue. Set to `false` to disable.
 'closeComment': false
 # Limit the number of actions per hour.
 'limitPerRun': 1
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -1,7 +1,7 @@
 'name': 'build'
 'env':
-  'GO_VERSION': '1.18'
+  'GO_VERSION': '1.18.6'
  'NODE_VERSION': '14'
 'on':
@ -31,7 +31,7 @@
      'with':
        'fetch-depth': 0
    - 'name': 'Set up Go'
-      'uses': 'actions/setup-go@v2'
+      'uses': 'actions/setup-go@v3'
      'with':
        'go-version': '${{ env.GO_VERSION }}'
    - 'name': 'Set up Node'
@ -72,7 +72,7 @@
      'with':
        'fetch-depth': 0
    - 'name': 'Set up Go'
-      'uses': 'actions/setup-go@v2'
+      'uses': 'actions/setup-go@v3'
      'with':
        'go-version': '${{ env.GO_VERSION }}'
    - 'name': 'Set up Node'
@ -112,7 +112,9 @@
    # Use always() to signal to the runner that this job must run even if the
    # previous ones failed.
    'if':
-      ${{ always() &&
+      ${{
        always() &&
        github.repository_owner == 'AdguardTeam' &&
        (
          github.event_name == 'push' ||
          github.event.pull_request.head.repo.full_name == github.repository
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@ -1,7 +1,7 @@
 'name': 'lint'
 'env':
-  'GO_VERSION': '1.18'
+  'GO_VERSION': '1.18.6'
 'on':
  'push':
@ -17,7 +17,7 @@
    'steps':
    - 'uses': 'actions/checkout@v2'
    - 'name': 'Set up Go'
-      'uses': 'actions/setup-go@v2'
+      'uses': 'actions/setup-go@v3'
      'with':
        'go-version': '${{ env.GO_VERSION }}'
    - 'name': 'run-lint'
@ -43,7 +43,9 @@
    # Use always() to signal to the runner that this job must run even if the
    # previous ones failed.
    'if':
-      ${{ always() &&
+      ${{
        always() &&
        github.repository_owner == 'AdguardTeam' &&
        (
          github.event_name == 'push' ||
          github.event.pull_request.head.repo.full_name == github.repository
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -12,26 +12,119 @@ and this project adheres to
 ## [Unreleased]
 <!--
-## [v0.108.0] - 2022-12-01 (APPROX.)
+## [v0.108.0] - TBA (APPROX.)
 -->
 ### Security
- Weaker cipher suites that use the CBC (cipher block chaining) mode of
+- As an additional CSRF protection measure, AdGuard Home now ensures that
-  operation have been disabled ([#2993]).
+  requests that change its state but have no body (such as `POST
  /control/stats_reset` requests) do not have a `Content-Type` header set on
  them ([#4970]).
-[#2993]: https://github.com/AdguardTeam/AdGuardHome/issues/2993
+### Fixed
 - `only application/json is allowed` errors in various APIs ([#4970]).
 [#4970]: https://github.com/AdguardTeam/AdGuardHome/issues/4970
 <!--
-## [v0.107.13] - 2022-10-05 (APPROX.)
+## [v0.107.15] - 2022-10-26 (APPROX.)
 See also the [v0.107.15 GitHub milestone][ms-v0.107.15].
 [ms-v0.107.15]:   https://github.com/AdguardTeam/AdGuardHome/milestone/51?closed=1
 -->
 ## [v0.107.14] - 2022-09-29
 See also the [v0.107.14 GitHub milestone][ms-v0.107.14].
 ### Security
 A Cross-Site Request Forgery (CSRF) vulnerability has been discovered.  The CVE
 number is to be assigned.  We thank Daniel Elkabes from Mend.io for reporting
 this vulnerability to us.
 #### `SameSite` Policy
 The `SameSite` policy on the AdGuard Home session cookies is now set to `Lax`.
 Which means that the only cross-site HTTP request for which the browser is
 allowed to send the session cookie is navigating to the AdGuard Home domain.
 **Users are strongly advised to log out, clear browser cache, and log in again
 after updating.**
 #### Removal Of Plain-Text APIs (BREAKING API CHANGE)
 We have implemented several measures to prevent such vulnerabilities in the
 future, but some of these measures break backwards compatibility for the sake of
 better protection.
 The following APIs, which previously accepted or returned `text/plain` data,
 now accept or return data as JSON.  All new formats for the request and response
 bodies are documented in `openapi/openapi.yaml` and `openapi/CHANGELOG.md`.
 - `GET  /control/i18n/current_language`;
 - `POST /control/dhcp/find_active_dhcp`;
 - `POST /control/filtering/set_rules`;
 - `POST /control/i18n/change_language`.
 #### Stricter Content-Type Checks (BREAKING API CHANGE)
 All JSON APIs that expect a body now check if the request actually has
 `Content-Type` set to `application/json`.
 #### Other Security Changes
 - Weaker cipher suites that use the CBC (cipher block chaining) mode of
  operation have been disabled ([#2993]).
 ### Added
 - Support for plain (unencrypted) HTTP/2 ([#4930]).  This is useful for AdGuard
  Home installations behind a reverse proxy.
 ### Fixed
 - Incorrect path template in DDR responses ([#4927]).
 [#2993]: https://github.com/AdguardTeam/AdGuardHome/issues/2993
 [#4927]: https://github.com/AdguardTeam/AdGuardHome/issues/4927
 [#4930]: https://github.com/AdguardTeam/AdGuardHome/issues/4930
 [ms-v0.107.14]:   https://github.com/AdguardTeam/AdGuardHome/milestone/50?closed=1
 ## [v0.107.13] - 2022-09-14
 See also the [v0.107.13 GitHub milestone][ms-v0.107.13].
 ### Added
 - The new optional `dns.ipset_file` property, which can be set in the
  configuration file.  It allows loading the `ipset` list from a file, just like
  `dns.upstream_dns_file` does for upstream servers ([#4686]).
 ### Changed
 - The minimum DHCP message size is reassigned back to BOOTP's constraint of 300
  bytes ([#4904]).
 ### Fixed
 - Panic when adding a static lease within the disabled DHCP server ([#4722]).
 [#4686]: https://github.com/AdguardTeam/AdGuardHome/issues/4686
 [#4722]: https://github.com/AdguardTeam/AdGuardHome/issues/4722
 [#4904]: https://github.com/AdguardTeam/AdGuardHome/issues/4904
 [ms-v0.107.13]:   https://github.com/AdguardTeam/AdGuardHome/milestone/49?closed=1
 -->
@ -1203,11 +1296,13 @@ See also the [v0.104.2 GitHub milestone][ms-v0.104.2].
 <!--
-[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.13...HEAD
+[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.15...HEAD
-[v0.107.13]:  https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.11...v0.107.13
+[v0.107.15]:  https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.14...v0.107.15
 -->
-[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.12...HEAD
+[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.14...HEAD
 [v0.107.14]:  https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.13...v0.107.14
 [v0.107.13]:  https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.12...v0.107.13
 [v0.107.12]:  https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.11...v0.107.12
 [v0.107.11]:  https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.10...v0.107.11
 [v0.107.10]:  https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.9...v0.107.10
--- a/SECURITY.md
+++ b/SECURITY.md
@ -0,0 +1,18 @@
 #  Security Policy
 ## Reporting a Vulnerability
 Please send your vulnerability reports to <security@adguard.com>.  To make sure
 that your report reaches us, please:
 1.  Include the words “AdGuard Home” and “vulnerability” to the subject line as
    well as a short description of the vulnerability.  For example:
     >  AdGuard Home API vulnerability: possible XSS attack
 2.  Make sure that the message body contains a clear description of the
    vulnerability.
 If you have not received a reply to your email within 7 days, please make sure
 to follow up with us again at <security@adguard.com>.  Once again, make sure
 that the word “vulnerability” is in the subject line.
--- a/client/src/__locales/be.json
+++ b/client/src/__locales/be.json
@ -70,7 +70,7 @@
    "dhcp_warning": "Калі вы ўсё адно хочаце ўключыць DHCP-сервер, пераканайцеся, што ў сеціве больш няма актыўных DHCP-сервераў. Інакш гэта можа зламаць доступ у сеціва для падлучаных прылад!",
    "dhcp_error": "AdGuard Home не можа вызначыць, ці ёсць у сетцы іншы актыўны DHCP-сервер",
    "dhcp_static_ip_error": "Для таго, каб выкарыстоўваць DHCP-сервер, павінен быць усталяваны статычны IP-адрас. Мы не змаглі вызначыць, ці выкарыстоўвае гэты інтэрфейс сеціва статычны IP-адрас. Калі ласка, усталюйце яго ручна.",
-    "dhcp_dynamic_ip_found": "Ваша сістэма выкарыстоўвае дынамічны IP-адрас для інтэрфейсу <0>{{interfaceName}}</0>. Каб выкарыстоўваць DHCP-сервер трэба ўсталяваць статычны IP-адрас. Ваш бягучы IP-адрас – <0>{{ipAddress}}</0>. Мы аўтаматычна ўсталюем яго як статычны, калі вы націснеце кнопку Ўключыць DHCP.",
+    "dhcp_dynamic_ip_found": "Ваша сістэма выкарыстоўвае дынамічны IP-адрас для інтэрфейсу <0>{{interfaceName}}</0>. Каб выкарыстоўваць DHCP-сервер трэба ўсталяваць статычны IP-адрас. Ваш бягучы IP-адрас – <0>{{ipAddress}}</0>. Мы аўтаматычна ўсталюем яго як статычны, калі вы націснеце кнопку «Ўключыць DHCP».",
    "dhcp_lease_added": "Статычная арэнда «{{key}}» паспяхова дададзена",
    "dhcp_lease_deleted": "Статычная арэнда «{{key}}» паспяхова выдалена",
    "dhcp_new_static_lease": "Новая статычная арэнда",
@ -447,7 +447,7 @@
    "access_disallowed_title": "Забароненыя кліенты",
    "access_disallowed_desc": "Спіс CIDR, IP-адрасоў або <a>ClientID</a>. Калі ў гэтым спісе ёсць запісы, AdGuard Home выдаліць запыты ад гэтых кліентаў. Гэта поле ігнаруецца, калі ёсць запісы ў Дазволеныя кліенты.",
    "access_blocked_title": "Заблакаваныя дамены",
-    "access_blocked_desc": "Не блытайце гэта з фільтрамі. AdGuard Home будзе ігнараваць DNS-запыты з гэтымі даменамі.",
+    "access_blocked_desc": "Не блытаць з фільтрамі. AdGuard Home выдаляе запыты DNS, якія адпавядаюць гэтым даменам, і гэтыя запыты нават не з'яўляюцца ў журнале запытаў. Вы можаце ўказаць дакладныя даменныя імёны, падстаноўныя знакі або правілы фільтрацыі URL-адрасоў, напрыклад, «example.org», «*.example.org» ці «||example.org^» адпаведна.",
    "access_settings_saved": "Налады доступу паспяхова захаваны",
    "updates_checked": "Даступная новая версія AdGuard Home",
    "updates_version_equal": "Версія AdGuard Home актуальная",
@ -635,5 +635,6 @@
    "parental_control": "Бацькоўскі кантроль",
    "safe_browsing": "Бяспечны інтэрнэт",
    "served_from_cache": "{{value}} <i>(атрымана з кэша)</i>",
-    "form_error_password_length": "Пароль павінен быць не менш за {{value}} сімвалаў"
+    "form_error_password_length": "Пароль павінен быць не менш за {{value}} сімвалаў",
    "anonymizer_notification": "<0>Заўвага:</0> Ананімізацыя IP уключана. Вы можаце адключыць яго ў <1>Агульных наладах</1> ."
 }
--- a/client/src/__locales/cs.json
+++ b/client/src/__locales/cs.json
@ -635,5 +635,6 @@
    "parental_control": "Rodičovská ochrana",
    "safe_browsing": "Bezpečné prohlížení",
    "served_from_cache": "{{value}} <i>(převzato z mezipaměti)</i>",
-    "form_error_password_length": "Heslo musí být alespoň {{value}} znaků dlouhé"
+    "form_error_password_length": "Heslo musí být alespoň {{value}} znaků dlouhé",
    "anonymizer_notification": "<0>Poznámka:</0> Anonymizace IP je zapnuta. Můžete ji vypnout v <1>Obecných nastaveních</1>."
 }
--- a/client/src/__locales/da.json
+++ b/client/src/__locales/da.json
@ -635,5 +635,6 @@
    "parental_control": "Forældrekontrol",
    "safe_browsing": "Sikker Browsing",
    "served_from_cache": "{{value}} <i>(leveret fra cache)</i>",
-    "form_error_password_length": "Adgangskoden skal udgøre mindst {{value}} tegn."
+    "form_error_password_length": "Adgangskoden skal udgøre mindst {{value}} tegn.",
    "anonymizer_notification": "<0>Bemærk:</0> IP-anonymisering er aktiveret. Det kan deaktiveres via <1>Generelle indstillinger</1>."
 }
--- a/client/src/__locales/de.json
+++ b/client/src/__locales/de.json
@ -635,5 +635,6 @@
    "parental_control": "Kindersicherung",
    "safe_browsing": "Internetsicherheit",
    "served_from_cache": "{{value}} <i>(aus dem Cache abgerufen)</i>",
-    "form_error_password_length": "Das Passwort muss mindestens {{value}} Zeichen enthalten"
+    "form_error_password_length": "Das Passwort muss mindestens {{value}} Zeichen enthalten",
    "anonymizer_notification": "<0>Hinweis:</0> Die IP-Anonymisierung ist aktiviert. Sie können sie in den <1>Allgemeinen Einstellungen</1> deaktivieren."
 }
--- a/client/src/__locales/en.json
+++ b/client/src/__locales/en.json
@ -635,5 +635,6 @@
    "parental_control": "Parental Control",
    "safe_browsing": "Safe Browsing",
    "served_from_cache": "{{value}} <i>(served from cache)</i>",
-    "form_error_password_length": "Password must be at least {{value}} characters long"
+    "form_error_password_length": "Password must be at least {{value}} characters long",
    "anonymizer_notification": "<0>Note:</0> IP anonymization is enabled. You can disable it in <1>General settings</1>."
 }
--- a/client/src/__locales/es.json
+++ b/client/src/__locales/es.json
@ -635,5 +635,6 @@
    "parental_control": "Control parental",
    "safe_browsing": "Navegación segura",
    "served_from_cache": "{{value}} <i>(servido desde la caché)</i>",
-    "form_error_password_length": "La contraseña debe tener al menos {{value}} caracteres"
+    "form_error_password_length": "La contraseña debe tener al menos {{value}} caracteres",
    "anonymizer_notification": "<0>Nota:</0> La anonimización de IP está habilitada. Puedes deshabilitarla en <1>Configuración general</1>."
 }
--- a/client/src/__locales/fi.json
+++ b/client/src/__locales/fi.json
@ -635,5 +635,6 @@
    "parental_control": "Lapsilukko",
    "safe_browsing": "Turvallinen selaus",
    "served_from_cache": "{{value}} <i>(jaettu välimuistista)</i>",
-    "form_error_password_length": "Salasanan on oltava ainakin {{value}} merkkiä"
+    "form_error_password_length": "Salasanan on oltava ainakin {{value}} merkkiä",
    "anonymizer_notification": "<0>Huomioi:</0> IP-osoitteen anonymisointi on käytössä. Voit poistaa sen käytöstä <1>Yleisistä asetuksista</1>."
 }
--- a/client/src/__locales/fr.json
+++ b/client/src/__locales/fr.json
@ -635,5 +635,6 @@
    "parental_control": "Contrôle parental",
    "safe_browsing": "Navigation sécurisée",
    "served_from_cache": "{{value}} <i>(depuis le cache)</i>",
-    "form_error_password_length": "Le mot de passe doit comporter au moins {{value}} caractères"
+    "form_error_password_length": "Le mot de passe doit comporter au moins {{value}} caractères",
    "anonymizer_notification": "<0>Note :</0> L'anonymisation IP est activée. Vous pouvez la désactiver dans les <1>paramètres généraux</1>."
 }
--- a/client/src/__locales/hr.json
+++ b/client/src/__locales/hr.json
@ -635,5 +635,6 @@
    "parental_control": "Roditeljska zaštita",
    "safe_browsing": "Sigurno surfanje",
    "served_from_cache": "{{value}} <i>(dohvaćeno iz predmemorije)</i>",
-    "form_error_password_length": "Lozinka mora imati najmanje {{value}} znakova"
+    "form_error_password_length": "Lozinka mora imati najmanje {{value}} znakova",
    "anonymizer_notification": "<0>Napomena:</0>IP anonimizacija je omogućena. Možete ju onemogućiti u <1>općim postavkama</1>."
 }
--- a/client/src/__locales/hu.json
+++ b/client/src/__locales/hu.json
@ -635,5 +635,6 @@
    "parental_control": "Szülői felügyelet",
    "safe_browsing": "Biztonságos böngészés",
    "served_from_cache": "{{value}} <i>(gyorsítótárból kiszolgálva)</i>",
-    "form_error_password_length": "A jelszó legalább {{value}} karakter hosszú kell, hogy legyen"
+    "form_error_password_length": "A jelszó legalább {{value}} karakter hosszú kell, hogy legyen",
    "anonymizer_notification": "<0>Megjegyzés:</0> Az IP anonimizálás engedélyezve van. Az <1>Általános beállításoknál letilthatja</1> ."
 }
--- a/client/src/__locales/id.json
+++ b/client/src/__locales/id.json
@ -635,5 +635,6 @@
    "parental_control": "Kontrol Orang Tua",
    "safe_browsing": "Penjelajahan Aman",
    "served_from_cache": "{{value}} <i>(disajikan dari cache)</i>",
-    "form_error_password_length": "Kata sandi harus minimal {{value}} karakter"
+    "form_error_password_length": "Kata sandi harus minimal {{value}} karakter",
    "anonymizer_notification": "<0>Catatan:</0> Anonimisasi IP diaktifkan. Anda dapat menonaktifkannya di <1>Pengaturan umum</1> ."
 }
--- a/client/src/__locales/it.json
+++ b/client/src/__locales/it.json
@ -635,5 +635,6 @@
    "parental_control": "Controllo Parentale",
    "safe_browsing": "Navigazione Sicura",
    "served_from_cache": "{{value}} <i>(fornito dalla cache)</i>",
-    "form_error_password_length": "La password deve contenere almeno {{value}} caratteri"
+    "form_error_password_length": "La password deve contenere almeno {{value}} caratteri",
    "anonymizer_notification": "<0>Attenzione:</0> L'anonimizzazione dell'IP è abilitata. Puoi disabilitarla in <1>Impostazioni generali</1>."
 }
--- a/client/src/__locales/ja.json
+++ b/client/src/__locales/ja.json
@ -635,5 +635,6 @@
    "parental_control": "ペアレンタルコントロール",
    "safe_browsing": "セーフブラウジング",
    "served_from_cache": "{{value}} <i>(キャッシュから応答)</i>",
-    "form_error_password_length": "パスワードは{{value}}文字以上にしてください"
+    "form_error_password_length": "パスワードは{{value}}文字以上にしてください",
    "anonymizer_notification": "【<0>注意</0>】IPの匿名化が有効になっています。 <1>一般設定</1>で無効にできます。"
 }
--- a/client/src/__locales/ko.json
+++ b/client/src/__locales/ko.json
@ -635,5 +635,6 @@
    "parental_control": "자녀 보호",
    "safe_browsing": "세이프 브라우징",
    "served_from_cache": "{{value}} <i>(캐시에서 제공)</i>",
-    "form_error_password_length": "비밀번호는 {{value}}자 이상이어야 합니다"
+    "form_error_password_length": "비밀번호는 {{value}}자 이상이어야 합니다",
    "anonymizer_notification": "<0>참고:</0> IP 익명화가 활성화되었습니다. <1>일반 설정</1>에서 비활성화할 수 있습니다."
 }
--- a/client/src/__locales/nl.json
+++ b/client/src/__locales/nl.json
@ -557,7 +557,7 @@
    "fastest_addr_desc": "Alle DNS-servers bevragen en het snelste IP adres terugkoppelen. Dit zal de DNS verzoeken vertragen omdat AdGuard Home moet wachten op de antwoorden van alles DNS-servers, maar verbetert wel de connectiviteit.",
    "autofix_warning_text": "Als je op \"Repareren\" klikt, configureert AdGuard Home jouw systeem om de AdGuard Home DNS-server te gebruiken.",
    "autofix_warning_list": "De volgende taken worden uitgevoerd: <0> Deactiveren van Systeem DNSStubListener</0> <0> DNS-serveradres instellen op 127.0.0.1 </0> <0> Symbolisch koppelingsdoel van /etc/resolv.conf vervangen door /run/systemd/resolve/resolv.conf </0> <0> Stop DNSStubListener (herlaad systemd-resolved service) </0>",
-    "autofix_warning_result": "Als gevolg hiervan worden alle DNS-verzoeken van je systeem standaard door AdGuard Home verwerkt.",
+    "autofix_warning_result": "Als gevolg hiervan worden alle DNS-aanvragen van je systeem standaard door AdGuard Home verwerkt.",
    "tags_title": "Labels",
    "tags_desc": "Je kunt labels selecteren die overeenkomen met de client. Labels kunnen worden opgenomen in de filterregels om ze \n nauwkeuriger toe te passen. <0>Meer informatie</0>.",
    "form_select_tags": "Client tags selecteren",
@ -628,12 +628,13 @@
    "original_response": "Oorspronkelijke reactie",
    "click_to_view_queries": "Klik om queries te bekijken",
    "port_53_faq_link": "Poort 53 wordt vaak gebruikt door services als DNSStubListener- of de systeem DNS-resolver. Lees a.u.b. <0>deze instructie</0> hoe dit is op te lossen.",
-    "adg_will_drop_dns_queries": "AdGuard Home zal alle DNS-verzoeken van deze cliënt laten vervallen.",
+    "adg_will_drop_dns_queries": "AdGuard Home zal alle DNS-aanvragen van deze cliënt laten vervallen.",
    "filter_allowlist": "WAARSCHUWING: Deze actie zal ook de regel \"{{disallowed_rule}}\" uitsluiten van de lijst met toegestane clients.",
    "last_rule_in_allowlist": "Kan deze client niet weigeren omdat het uitsluiten van de regel \"{{disallowed_rule}}\" de lijst \"Toegestane clients\" zal UITSCHAKELEN.",
    "use_saved_key": "De eerder opgeslagen sleutel gebruiken",
    "parental_control": "Ouderlijk toezicht",
    "safe_browsing": "Veilig browsen",
    "served_from_cache": "{{value}} <i>(geleverd vanuit cache)</i>",
-    "form_error_password_length": "Wachtwoord moet minimaal {{value}} tekens lang zijn"
+    "form_error_password_length": "Wachtwoord moet minimaal {{value}} tekens lang zijn",
    "anonymizer_notification": "<0>Opmerking:</0> IP-anonimisering is ingeschakeld. Je kunt het uitschakelen in <1>Algemene instellingen</1>."
 }
--- a/client/src/__locales/pl.json
+++ b/client/src/__locales/pl.json
@ -635,5 +635,6 @@
    "parental_control": "Kontrola rodzicielska",
    "safe_browsing": "Bezpieczne przeglądanie",
    "served_from_cache": "{{value}} <i>(podawane z pamięci podręcznej)</i>",
-    "form_error_password_length": "Hasło musi mieć co najmniej {{value}} znaków"
+    "form_error_password_length": "Hasło musi mieć co najmniej {{value}} znaków",
    "anonymizer_notification": "<0>Uwaga:</0> Anonimizacja IP jest włączona. Możesz ją wyłączyć w <1>Ustawieniach ogólnych</1>."
 }
--- a/client/src/__locales/pt-br.json
+++ b/client/src/__locales/pt-br.json
@ -635,5 +635,6 @@
    "parental_control": "Controle parental",
    "safe_browsing": "Navegação segura",
    "served_from_cache": "{{value}} <i>(servido do cache)</i>",
-    "form_error_password_length": "A senha deve ter pelo menos {{value}} caracteres"
+    "form_error_password_length": "A senha deve ter pelo menos {{value}} caracteres",
    "anonymizer_notification": "<0>Observação:</0> A anonimização de IP está ativada. Você pode desativá-lo em <1>Configurações gerais</1>."
 }
--- a/client/src/__locales/pt-pt.json
+++ b/client/src/__locales/pt-pt.json
@ -635,5 +635,6 @@
    "parental_control": "Controlo parental",
    "safe_browsing": "Navegação segura",
    "served_from_cache": "{{value}} <i>(servido do cache)</i>",
-    "form_error_password_length": "A palavra-passe deve ter pelo menos {{value}} caracteres"
+    "form_error_password_length": "A palavra-passe deve ter pelo menos {{value}} caracteres",
    "anonymizer_notification": "<0>Observação:</0> A anonimização de IP está ativada. Você pode desativá-la em <1>Definições gerais</1>."
 }
--- a/client/src/__locales/ro.json
+++ b/client/src/__locales/ro.json
@ -635,5 +635,6 @@
    "parental_control": "Control Parental",
    "safe_browsing": "Navigare în siguranță",
    "served_from_cache": "{{value}} <i>(furnizat din cache)</i>",
-    "form_error_password_length": "Parola trebuie să aibă cel puțin {{value}} caractere"
+    "form_error_password_length": "Parola trebuie să aibă cel puțin {{value}} caractere",
    "anonymizer_notification": "<0>Nota:</0> Anonimizarea IP este activată. Puteți să o dezactivați în <1>Setări generale</1>."
 }
--- a/client/src/__locales/ru.json
+++ b/client/src/__locales/ru.json
@ -635,5 +635,6 @@
    "parental_control": "Родительский контроль",
    "safe_browsing": "Безопасный интернет",
    "served_from_cache": "{{value}} <i>(получено из кеша)</i>",
-    "form_error_password_length": "Пароль должен быть длиной не меньше {{value}} символов"
+    "form_error_password_length": "Пароль должен быть длиной не меньше {{value}} символов",
    "anonymizer_notification": "<0>Внимание:</0> включена анонимизация IP-адресов. Вы можете отключить её в разделе <1>Основные настройки</1>."
 }
--- a/client/src/__locales/sk.json
+++ b/client/src/__locales/sk.json
@ -635,5 +635,6 @@
    "parental_control": "Rodičovská kontrola",
    "safe_browsing": "Bezpečné prehliadanie",
    "served_from_cache": "{{value}} <i>(prevzatá z cache pamäte)</i>",
-    "form_error_password_length": "Heslo musí mať dĺžku aspoň {{value}} znakov"
+    "form_error_password_length": "Heslo musí mať dĺžku aspoň {{value}} znakov",
    "anonymizer_notification": "<0>Poznámka:</0> Anonymizácia IP je zapnutá. Môžete ju vypnúť vo <1>Všeobecných nastaveniach</1>."
 }
--- a/client/src/__locales/sl.json
+++ b/client/src/__locales/sl.json
@ -635,5 +635,6 @@
    "parental_control": "Starševski nadzor",
    "safe_browsing": "Varno brskanje",
    "served_from_cache": "{{value}} <i>(postreženo iz predpomnilnika)</i>",
-    "form_error_password_length": "Geslo mora vsebovati najmanj {{value}} znakov"
+    "form_error_password_length": "Geslo mora vsebovati najmanj {{value}} znakov",
    "anonymizer_notification": "<0>Opomba:</0> Anonimizacija IP je omogočena. Onemogočite ga lahko v <1>Splošnih nastavitvah</1>."
 }
--- a/client/src/__locales/sr-cs.json
+++ b/client/src/__locales/sr-cs.json
@ -635,5 +635,6 @@
    "parental_control": "Roditeljska kontrola",
    "safe_browsing": "Sigurno pregledanje",
    "served_from_cache": "{{value}} <i>(posluženo iz predmemorije)</i>",
-    "form_error_password_length": "Lozinka mora imati najmanje {{value}} znakova"
+    "form_error_password_length": "Lozinka mora imati najmanje {{value}} znakova",
    "anonymizer_notification": "<0>Nota:</0> IP prepoznavanje je omogućeno. Možete ga onemogućiti u opštim <1>postavkama</1>."
 }
--- a/client/src/__locales/sv.json
+++ b/client/src/__locales/sv.json
@ -635,5 +635,6 @@
    "parental_control": "Föräldrakontroll",
    "safe_browsing": "Säker surfning",
    "served_from_cache": "{{value}} <i>(levereras från cache)</i>",
-    "form_error_password_length": "Lösenordet måste vara minst {{value}} tecken långt"
+    "form_error_password_length": "Lösenordet måste vara minst {{value}} tecken långt",
    "anonymizer_notification": "<0>Observera:</0> IP-anonymisering är aktiverad. Du kan inaktivera den i <1>Allmänna inställningar</1>."
 }
--- a/client/src/__locales/tr.json
+++ b/client/src/__locales/tr.json
@ -368,7 +368,7 @@
    "encryption_server_enter": "Alan adınızı girin",
    "encryption_server_desc": "Ayarlanırsa, AdGuard Home ClientID'leri algılar, DDR sorgularına yanıt verir ve ek bağlantı doğrulamaları gerçekleştirir. Ayarlanmazsa, bu özellikler devre dışı bırakılır. Sertifikadaki DNS Adlarından biriyle eşleşmelidir.",
    "encryption_redirect": "Otomatik olarak HTTPS'e yönlendir",
-    "encryption_redirect_desc": "Etkinleştirirseniz, AdGuard Home sizi HTTP adresi yerine HTTPS adresine yönlendirir.",
+    "encryption_redirect_desc": "İşaretlenirse, AdGuard Home sizi otomatik olarak HTTP adresinden HTTPS adreslerine yönlendirecektir.",
    "encryption_https": "HTTPS bağlantı noktası",
    "encryption_https_desc": "HTTPS bağlantı noktası yapılandırılırsa, AdGuard Home yönetici arayüzüne HTTPS aracılığıyla erişilebilir olacak ve ayrıca '/dns-query' üzerinden DNS-over-HTTPS bağlantısı sağlayacaktır.",
    "encryption_dot": "DNS-over-TLS bağlantı noktası",
@ -408,7 +408,7 @@
    "fix": "Düzelt",
    "dns_providers": "Aralarından seçim yapabileceğiniz, bilinen <0>DNS sağlayıcıların listesi</0>.",
    "update_now": "Şimdi güncelle",
-    "update_failed": "Otomatik güncelleme başarısız oldu. Elle güncellemek için lütfen <a>bu adımları uygulayın</a>.",
+    "update_failed": "Otomatik güncelleme başarısız oldu. Elle güncellemek için lütfen <a>bu adımları izleyin</a>.",
    "manual_update": "Elle güncellemek için lütfen <a>bu adımları uygulayın</a>.",
    "processing_update": "Lütfen bekleyin, AdGuard Home güncelleniyor",
    "clients_title": "Kalıcı istemciler",
@ -635,5 +635,6 @@
    "parental_control": "Ebeveyn Denetimi",
    "safe_browsing": "Güvenli Gezinti",
    "served_from_cache": "{{value}} <i>(önbellekten kullanıldı)</i>",
-    "form_error_password_length": "Parola en az {{value}} karakter uzunluğunda olmalıdır"
+    "form_error_password_length": "Parola en az {{value}} karakter uzunluğunda olmalıdır",
    "anonymizer_notification": "<0>Not:</0> IP anonimleştirme etkinleştirildi. Bunu <1>Genel ayarlardan</1> devre dışı bırakabilirsiniz."
 }
--- a/client/src/__locales/uk.json
+++ b/client/src/__locales/uk.json
@ -447,7 +447,7 @@
    "access_disallowed_title": "Заборонені клієнти",
    "access_disallowed_desc": "Перелік CIDR, IP-адрес та <a>ClientIDs</a>. Якщо налаштовано, AdGuard Home буде скасовувати запити від цих клієнтів. Проте якщо налаштовано список Дозволених клієнтів, то це поле проігнорується.",
    "access_blocked_title": "Заборонені домени",
-    "access_blocked_desc": "Не плутайте з фільтрами. AdGuard Home буде ігнорувати DNS-запити з цими доменами, такі запити навіть не будуть записані до журналу. Ви можете вказати точні доменні імена, замінні знаки та правила фільтрування URL-адрес, наприклад, 'example.org', '*.example.org' або '||example.org^' відповідно.",
+    "access_blocked_desc": "Не плутайте з фільтрами. AdGuard Home буде ігнорувати DNS-запити з цими доменами, такі запити навіть не будуть записані до журналу. Ви можете вказати точні доменні імена, замінні знаки та правила фільтрування URL-адрес, наприклад, «example.org», «*.example.org» або «||example.org^» відповідно.",
    "access_settings_saved": "Налаштування доступу успішно збережено",
    "updates_checked": "Доступна нова версія AdGuard Home",
    "updates_version_equal": "AdGuard Home останньої версії",
@ -635,5 +635,6 @@
    "parental_control": "Батьківський контроль",
    "safe_browsing": "Безпечний перегляд",
    "served_from_cache": "{{value}} <i>(отримано з кешу)</i>",
-    "form_error_password_length": "Пароль мусить мати принаймні {{value}} символів"
+    "form_error_password_length": "Пароль мусить мати принаймні {{value}} символів",
    "anonymizer_notification": "<0>Примітка:</0> IP-анонімізацію ввімкнено. Ви можете вимкнути його в <1>Загальні налаштування</1> ."
 }
--- a/client/src/__locales/vi.json
+++ b/client/src/__locales/vi.json
@ -635,5 +635,6 @@
    "parental_control": "Quản lý của phụ huynh",
    "safe_browsing": "Duyệt web an toàn",
    "served_from_cache": "{{value}} <i>(được phục vụ từ bộ nhớ cache)</i>",
-    "form_error_password_length": "Mật khẩu phải có ít nhất {{value}} ký tự"
+    "form_error_password_length": "Mật khẩu phải có ít nhất {{value}} ký tự",
    "anonymizer_notification": "<0> Lưu ý:</0> Tính năng ẩn danh IP được bật. Bạn có thể tắt nó trong <1> Cài đặt chung</1>."
 }
--- a/client/src/__locales/zh-cn.json
+++ b/client/src/__locales/zh-cn.json
@ -635,5 +635,6 @@
    "parental_control": "家长控制",
    "safe_browsing": "安全浏览",
    "served_from_cache": "{{value}}<i>(由缓存提供)</i>",
-    "form_error_password_length": "密码必须至少有 {{value}} 个字符"
+    "form_error_password_length": "密码必须至少有 {{value}} 个字符",
    "anonymizer_notification": "<0>注意：</0> IP 匿名化已启用。您可以在<1>常规设置</1>中禁用它。"
 }
--- a/client/src/__locales/zh-tw.json
+++ b/client/src/__locales/zh-tw.json
@ -635,5 +635,6 @@
    "parental_control": "家長控制",
    "safe_browsing": "安全瀏覽",
    "served_from_cache": "{{value}} <i>(由快取提供)</i>",
-    "form_error_password_length": "密碼必須為至少長 {{value}} 個字元"
+    "form_error_password_length": "密碼必須為至少長 {{value}} 個字元",
    "anonymizer_notification": "<0>注意：</0>IP 匿名化被啟用。您可在<1>一般設定</1>中禁用它。"
 }
--- a/client/src/actions/filtering.js
+++ b/client/src/actions/filtering.js
@ -31,7 +31,9 @@ export const setRulesSuccess = createAction('SET_RULES_SUCCESS');
 export const setRules = (rules) => async (dispatch) => {
    dispatch(setRulesRequest());
    try {
-        const normalizedRules = normalizeRulesTextarea(rules);
+        const normalizedRules = {
            rules: normalizeRulesTextarea(rules)?.split('\n'),
        };
        await apiClient.setRules(normalizedRules);
        dispatch(addSuccessToast('updated_custom_filtering_toast'));
        dispatch(setRulesSuccess());
--- a/client/src/actions/index.js
+++ b/client/src/actions/index.js
@ -355,7 +355,7 @@ export const changeLanguageSuccess = createAction('CHANGE_LANGUAGE_SUCCESS');
 export const changeLanguage = (lang) => async (dispatch) => {
    dispatch(changeLanguageRequest());
    try {
-        await apiClient.changeLanguage(lang);
+        await apiClient.changeLanguage({ language: lang });
        dispatch(changeLanguageSuccess());
    } catch (error) {
        dispatch(addErrorToast({ error }));
@ -370,8 +370,8 @@ export const getLanguageSuccess = createAction('GET_LANGUAGE_SUCCESS');
 export const getLanguage = () => async (dispatch) => {
    dispatch(getLanguageRequest());
    try {
-        const language = await apiClient.getCurrentLanguage();
+        const langSettings = await apiClient.getCurrentLanguage();
-        dispatch(getLanguageSuccess(language));
+        dispatch(getLanguageSuccess(langSettings.language));
    } catch (error) {
        dispatch(addErrorToast({ error }));
        dispatch(getLanguageFailure());
@ -421,7 +421,10 @@ export const findActiveDhcpFailure = createAction('FIND_ACTIVE_DHCP_FAILURE');
 export const findActiveDhcp = (name) => async (dispatch, getState) => {
    dispatch(findActiveDhcpRequest());
    try {
-        const activeDhcp = await apiClient.findActiveDhcp(name);
+        const req = {
            interface: name,
        };
        const activeDhcp = await apiClient.findActiveDhcp(req);
        dispatch(findActiveDhcpSuccess(activeDhcp));
        const { check, interface_name, interfaces } = getState().dhcp;
        const selectedInterface = getState().form[FORM_NAME.DHCP_INTERFACES].values.interface_name;
--- a/client/src/api/Api.js
+++ b/client/src/api/Api.js
@ -10,11 +10,17 @@ class Api {
    async makeRequest(path, method = 'POST', config) {
        const url = `${this.baseUrl}/${path}`;
        const axiosConfig = config || {};
        if (method !== 'GET' && axiosConfig.data) {
            axiosConfig.headers = axiosConfig.headers || {};
            axiosConfig.headers['Content-Type'] = axiosConfig.headers['Content-Type'] || 'application/json';
        }
        try {
            const response = await axios({
                url,
                method,
-                ...config,
+                ...axiosConfig,
            });
            return response.data;
        } catch (error) {
@ -55,7 +61,6 @@ class Api {
        const { path, method } = this.GLOBAL_TEST_UPSTREAM_DNS;
        const config = {
            data: servers,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, config);
    }
@ -64,7 +69,6 @@ class Api {
        const { path, method } = this.GLOBAL_VERSION;
        const config = {
            data,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, config);
    }
@ -100,7 +104,6 @@ class Api {
        const { path, method } = this.FILTERING_REFRESH;
        const parameters = {
            data: config,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, parameters);
@ -110,7 +113,6 @@ class Api {
        const { path, method } = this.FILTERING_ADD_FILTER;
        const parameters = {
            data: config,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, parameters);
@ -120,7 +122,6 @@ class Api {
        const { path, method } = this.FILTERING_REMOVE_FILTER;
        const parameters = {
            data: config,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, parameters);
@ -130,7 +131,6 @@ class Api {
        const { path, method } = this.FILTERING_SET_RULES;
        const parameters = {
            data: rules,
            headers: { 'Content-Type': 'text/plain' },
        };
        return this.makeRequest(path, method, parameters);
    }
@ -139,7 +139,6 @@ class Api {
        const { path, method } = this.FILTERING_CONFIG;
        const parameters = {
            data: config,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, parameters);
    }
@ -148,7 +147,6 @@ class Api {
        const { path, method } = this.FILTERING_SET_URL;
        const parameters = {
            data: config,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, parameters);
    }
@ -173,12 +171,7 @@ class Api {
    enableParentalControl() {
        const { path, method } = this.PARENTAL_ENABLE;
-        const parameter = 'sensitivity=TEEN'; // this parameter TEEN is hardcoded
+        return this.makeRequest(path, method);
        const config = {
            data: parameter,
            headers: { 'Content-Type': 'text/plain' },
        };
        return this.makeRequest(path, method, config);
    }
    disableParentalControl() {
@ -240,11 +233,10 @@ class Api {
        return this.makeRequest(path, method);
    }
-    changeLanguage(lang) {
+    changeLanguage(config) {
        const { path, method } = this.CHANGE_LANGUAGE;
        const parameters = {
-            data: lang,
+            data: config,
            headers: { 'Content-Type': 'text/plain' },
        };
        return this.makeRequest(path, method, parameters);
    }
@ -280,16 +272,14 @@ class Api {
        const { path, method } = this.DHCP_SET_CONFIG;
        const parameters = {
            data: config,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, parameters);
    }
-    findActiveDhcp(name) {
+    findActiveDhcp(req) {
        const { path, method } = this.DHCP_FIND_ACTIVE;
        const parameters = {
-            data: name,
+            data: req,
            headers: { 'Content-Type': 'text/plain' },
        };
        return this.makeRequest(path, method, parameters);
    }
@ -298,7 +288,6 @@ class Api {
        const { path, method } = this.DHCP_ADD_STATIC_LEASE;
        const parameters = {
            data: config,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, parameters);
    }
@ -307,7 +296,6 @@ class Api {
        const { path, method } = this.DHCP_REMOVE_STATIC_LEASE;
        const parameters = {
            data: config,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, parameters);
    }
@ -338,7 +326,6 @@ class Api {
        const { path, method } = this.INSTALL_CONFIGURE;
        const parameters = {
            data: config,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, parameters);
    }
@ -347,7 +334,6 @@ class Api {
        const { path, method } = this.INSTALL_CHECK_CONFIG;
        const parameters = {
            data: config,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, parameters);
    }
@ -368,7 +354,6 @@ class Api {
        const { path, method } = this.TLS_CONFIG;
        const parameters = {
            data: config,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, parameters);
    }
@ -377,7 +362,6 @@ class Api {
        const { path, method } = this.TLS_VALIDATE;
        const parameters = {
            data: config,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, parameters);
    }
@ -402,7 +386,6 @@ class Api {
        const { path, method } = this.ADD_CLIENT;
        const parameters = {
            data: config,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, parameters);
    }
@ -411,7 +394,6 @@ class Api {
        const { path, method } = this.DELETE_CLIENT;
        const parameters = {
            data: config,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, parameters);
    }
@ -420,7 +402,6 @@ class Api {
        const { path, method } = this.UPDATE_CLIENT;
        const parameters = {
            data: config,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, parameters);
    }
@ -445,7 +426,6 @@ class Api {
        const { path, method } = this.ACCESS_SET;
        const parameters = {
            data: config,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, parameters);
    }
@ -466,7 +446,6 @@ class Api {
        const { path, method } = this.REWRITE_ADD;
        const parameters = {
            data: config,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, parameters);
    }
@ -475,7 +454,6 @@ class Api {
        const { path, method } = this.REWRITE_DELETE;
        const parameters = {
            data: config,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, parameters);
    }
@ -501,7 +479,6 @@ class Api {
        const { path, method } = this.BLOCKED_SERVICES_SET;
        const parameters = {
            data: config,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, parameters);
    }
@ -529,7 +506,6 @@ class Api {
        const { path, method } = this.STATS_CONFIG;
        const config = {
            data,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, config);
    }
@ -565,7 +541,6 @@ class Api {
        const { path, method } = this.QUERY_LOG_CONFIG;
        const config = {
            data,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, config);
    }
@ -582,7 +557,6 @@ class Api {
        const { path, method } = this.LOGIN;
        const config = {
            data,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, config);
    }
@ -609,7 +583,6 @@ class Api {
        const { path, method } = this.SET_DNS_CONFIG;
        const config = {
            data,
            headers: { 'Content-Type': 'application/json' },
        };
        return this.makeRequest(path, method, config);
    }
--- a/client/src/components/Filters/Table.js
+++ b/client/src/components/Filters/Table.js
@ -41,13 +41,13 @@ class Table extends Component {
        {
            Header: <Trans>name_table_header</Trans>,
            accessor: 'name',
-            minWidth: 200,
+            minWidth: 180,
            Cell: CellWrap,
        },
        {
            Header: <Trans>list_url_table_header</Trans>,
            accessor: 'url',
-            minWidth: 200,
+            minWidth: 180,
            Cell: ({ value }) => (
                <div className="logs__row">
                    {isValidAbsolutePath(value) ? value
@ -73,7 +73,7 @@ class Table extends Component {
            Header: <Trans>last_time_updated_table_header</Trans>,
            accessor: 'lastUpdated',
            className: 'text-center',
-            minWidth: 150,
+            minWidth: 180,
            Cell: this.getDateCell,
        },
        {
--- a/client/src/components/Logs/AnonymizerNotification.js
+++ b/client/src/components/Logs/AnonymizerNotification.js
@ -0,0 +1,16 @@
 import React from 'react';
 import { Trans } from 'react-i18next';
 import { HashLink as Link } from 'react-router-hash-link';
 const AnonymizerNotification = () => (
    <div className="alert alert-primary mt-6">
        <Trans components={[
            <strong key="0">text</strong>,
            <Link to="/settings#logs-config" key="1">link</Link>,
        ]}>
            anonymizer_notification
        </Trans>
    </div>
 );
 export default AnonymizerNotification;
--- a/client/src/components/Logs/Cells/ClientCell.js
+++ b/client/src/components/Logs/Cells/ClientCell.js
@ -62,7 +62,7 @@ const ClientCell = ({
        'white-space--nowrap': isDetailed,
    });
-    const hintClass = classNames('icons mr-4 icon--24 icon--lightgray', {
+    const hintClass = classNames('icons mr-4 icon--24 logs__question icon--lightgray', {
        'my-3': isDetailed,
    });
--- a/client/src/components/Logs/Cells/DomainCell.js
+++ b/client/src/components/Logs/Cells/DomainCell.js
@ -34,7 +34,7 @@ const DomainCell = ({
        'my-3': isDetailed,
    });
-    const privacyIconClass = classNames('icons mx-2 icon--24 d-none d-sm-block', {
+    const privacyIconClass = classNames('icons mx-2 icon--24 d-none d-sm-block logs__question', {
        'icon--green': hasTracker,
        'icon--disabled': !hasTracker,
        'my-3': isDetailed,
--- a/client/src/components/Logs/Cells/IconTooltip.css
+++ b/client/src/components/Logs/Cells/IconTooltip.css
@ -49,6 +49,12 @@
    padding-top: 1rem;
 }
@media (max-width: 1024px) {
    .grid .key-colon, .grid .title--border {
        font-weight: 600;
    }
 }
@media (max-width: 767.98px) {
    .grid {
        grid-template-columns: 35% 55%;
@ -70,10 +76,6 @@
        grid-column: 2 / span 1;
        margin: 0 !important;
    }
    .grid .key-colon, .grid .title--border {
        font-weight: 600;
    }
 }
 .grid .key-colon:nth-child(odd)::after {
--- a/client/src/components/Logs/Cells/ResponseCell.js
+++ b/client/src/components/Logs/Cells/ResponseCell.js
@ -97,7 +97,7 @@ const ResponseCell = ({
    return (
        <div className="logs__cell logs__cell--response" role="gridcell">
            <IconTooltip
-                className={classNames('icons mr-4 icon--24 icon--lightgray', { 'my-3': isDetailed })}
+                className={classNames('icons mr-4 icon--24 icon--lightgray logs__question', { 'my-3': isDetailed })}
                columnClass='grid grid--limited'
                tooltipClass='px-5 pb-5 pt-4 mw-75 custom-tooltip__response-details'
                contentItemClass='text-truncate key-colon o-hidden'
--- a/client/src/components/Logs/Logs.css
+++ b/client/src/components/Logs/Logs.css
@ -485,3 +485,13 @@
 .bg--green {
    color: var(--green79);
 }
@media (max-width: 1024px) {
    .logs__question {
        display: none;
    }
 }
 .logs__modal {
    max-width: 720px;
 }
--- a/client/src/components/Logs/index.js
+++ b/client/src/components/Logs/index.js
@ -25,6 +25,7 @@ import {
 import InfiniteTable from './InfiniteTable';
 import './Logs.css';
 import { BUTTON_PREFIX } from './Cells/helpers';
 import AnonymizerNotification from './AnonymizerNotification';
 const processContent = (data) => Object.entries(data)
    .map(([key, value]) => {
@ -73,6 +74,7 @@ const Logs = () => {
        processingGetConfig,
        processingAdditionalLogs,
        processingGetLogs,
        anonymize_client_ip: anonymizeClientIp,
    } = useSelector((state) => state.queryLogs, shallowEqual);
    const filter = useSelector((state) => state.queryLogs.filter, shallowEqual);
    const logs = useSelector((state) => state.queryLogs.logs, shallowEqual);
@ -104,6 +106,8 @@ const Logs = () => {
        setIsSmallScreen(e.matches);
        if (e.matches) {
            dispatch(toggleDetailedLogs(false));
        } else {
            dispatch(toggleDetailedLogs(true));
        }
    };
@ -180,35 +184,49 @@ const Logs = () => {
                setButtonType={setButtonType}
                setModalOpened={setModalOpened}
        />
-        <Modal portalClassName='grid' isOpen={isSmallScreen && isModalOpened}
+        <Modal
            portalClassName='grid'
            isOpen={isSmallScreen && isModalOpened}
            onRequestClose={closeModal}
            style={{
                content: {
                    width: '100%',
                    height: 'fit-content',
-                       left: 0,
+                    left: '50%',
                    top: 47,
                    padding: '1rem 1.5rem 1rem',
                    maxWidth: '720px',
                    transform: 'translateX(-50%)',
                },
                overlay: {
                    backgroundColor: 'rgba(0,0,0,0.5)',
                },
            }}
        >
            <div className="logs__modal-wrap">
                <svg
-                    className="icon icon--24 icon-cross d-block d-md-none cursor--pointer"
+                    className="icon icon--24 icon-cross d-block cursor--pointer"
-                    onClick={closeModal}>
+                    onClick={closeModal}
                >
                    <use xlinkHref="#cross" />
                </svg>
                {processContent(detailedDataCurrent, buttonType)}
            </div>
        </Modal>
    </>;
-    return <>
+    return (
-        {enabled && processingGetConfig && <Loading />}
+        <>
-        {enabled && !processingGetConfig && renderPage()}
+            {enabled && (
                <>
                    {processingGetConfig && <Loading />}
                    {anonymizeClientIp && <AnonymizerNotification />}
                    {!processingGetConfig && renderPage()}
                </>
            )}
            {!enabled && !processingGetConfig && <Disabled />}
-    </>;
+        </>
    );
 };
 export default Logs;
--- a/client/src/components/ui/Tabler.css
+++ b/client/src/components/ui/Tabler.css
@ -2820,6 +2820,11 @@ fieldset:disabled a.btn {
 }
 .btn-outline-primary:focus,
 .btn-outline-primary.focus {
    box-shadow: none;
 }
 .btn-outline-primary:focus-visible,
 .btn-outline-primary.focus {
    box-shadow: 0 0 0 2px rgba(70, 127, 207, 0.5);
 }
@ -2858,6 +2863,11 @@ fieldset:disabled a.btn {
 }
 .btn-outline-secondary:focus,
 .btn-outline-secondary.focus {
    box-shadow: none;
 }
 .btn-outline-secondary:focus-visible,
 .btn-outline-secondary.focus {
    box-shadow: 0 0 0 2px rgba(134, 142, 150, 0.5);
 }
--- a/client/src/components/ui/Tabs.css
+++ b/client/src/components/ui/Tabs.css
@ -67,6 +67,7 @@
    height: 24px;
    margin-bottom: 6px;
    fill: #4a4a4a;
    touch-action: initial;
 }
 .tab__text {
--- a/client/src/helpers/constants.js
+++ b/client/src/helpers/constants.js
@ -526,8 +526,8 @@ export const DEFAULT_DATE_FORMAT_OPTIONS = {
    month: 'numeric',
    day: 'numeric',
    hour: 'numeric',
    hourCycle: 'h23',
    minute: 'numeric',
    hour12: false,
 };
 export const DETAILED_DATE_FORMAT_OPTIONS = {
--- a/internal/aghhttp/aghhttp.go
+++ b/internal/aghhttp/aghhttp.go
@ -2,6 +2,7 @@
 package aghhttp
 import (
 	"encoding/json"
 	"fmt"
 	"io"
 	"net/http"
@ -10,6 +11,12 @@ import (
 	"github.com/AdguardTeam/golibs/log"
 )
 // HTTP scheme constants.
 const (
 	SchemeHTTP  = "http"
 	SchemeHTTPS = "https"
 )
 // RegisterFunc is the function that sets the handler to handle the URL for the
 // method.
 //
@ -26,7 +33,7 @@ func OK(w http.ResponseWriter) {
 // Error writes formatted message to w and also logs it.
 func Error(r *http.Request, w http.ResponseWriter, code int, format string, args ...any) {
 	text := fmt.Sprintf(format, args...)
-	log.Error("%s %s: %s", r.Method, r.URL, text)
+	log.Error("%s %s %s: %s", r.Method, r.Host, r.URL, text)
 	http.Error(w, text, code)
 }
@ -35,3 +42,34 @@ func Error(r *http.Request, w http.ResponseWriter, code int, format string, args
 func UserAgent() (ua string) {
 	return fmt.Sprintf("AdGuardHome/%s", version.Version())
 }
 // textPlainDeprMsg is the message returned to API users when they try to use
 // an API that used to accept "text/plain" but doesn't anymore.
 const textPlainDeprMsg = `using this api with the text/plain content-type is deprecated; ` +
 	`use application/json`
 // WriteTextPlainDeprecated responds to the request with a message about
 // deprecation and removal of a plain-text API if the request is made with the
 // "text/plain" content-type.
 func WriteTextPlainDeprecated(w http.ResponseWriter, r *http.Request) (isPlainText bool) {
 	if r.Header.Get(HdrNameContentType) != HdrValTextPlain {
 		return false
 	}
 	Error(r, w, http.StatusUnsupportedMediaType, textPlainDeprMsg)
 	return true
 }
 // WriteJSONResponse sets the content-type header in w.Header() to
 // "application/json", encodes resp to w, calls Error on any returned error, and
 // returns it as well.
 func WriteJSONResponse(w http.ResponseWriter, r *http.Request, resp any) (err error) {
 	w.Header().Set(HdrNameContentType, HdrValApplicationJSON)
 	err = json.NewEncoder(w).Encode(resp)
 	if err != nil {
 		Error(r, w, http.StatusInternalServerError, "encoding resp: %s", err)
 	}
 	return err
 }
--- a/internal/aghhttp/header.go
+++ b/internal/aghhttp/header.go
@ -8,8 +8,8 @@ package aghhttp
 const (
 	HdrNameAcceptEncoding           = "Accept-Encoding"
 	HdrNameAccessControlAllowOrigin = "Access-Control-Allow-Origin"
 	HdrNameContentType              = "Content-Type"
 	HdrNameContentEncoding          = "Content-Encoding"
 	HdrNameContentType              = "Content-Type"
 	HdrNameServer                   = "Server"
 	HdrNameTrailer                  = "Trailer"
 	HdrNameUserAgent                = "User-Agent"
@ -18,4 +18,5 @@ const (
 // HTTP header value constants.
 const (
 	HdrValApplicationJSON = "application/json"
 	HdrValTextPlain       = "text/plain"
 )
--- a/internal/aghnet/arpdb_bsd.go
+++ b/internal/aghnet/arpdb_bsd.go
@ -1,5 +1,4 @@
 //go:build darwin || freebsd
 // +build darwin freebsd
 package aghnet
--- a/internal/aghnet/arpdb_bsd_test.go
+++ b/internal/aghnet/arpdb_bsd_test.go
@ -1,5 +1,4 @@
 //go:build darwin || freebsd
 // +build darwin freebsd
 package aghnet
--- a/internal/aghnet/arpdb_linux.go
+++ b/internal/aghnet/arpdb_linux.go
@ -1,5 +1,4 @@
 //go:build linux
 // +build linux
 package aghnet
--- a/internal/aghnet/arpdb_linux_test.go
+++ b/internal/aghnet/arpdb_linux_test.go
@ -1,5 +1,4 @@
 //go:build linux
 // +build linux
 package aghnet
--- a/internal/aghnet/arpdb_openbsd.go
+++ b/internal/aghnet/arpdb_openbsd.go
@ -1,5 +1,4 @@
 //go:build openbsd
 // +build openbsd
 package aghnet
--- a/internal/aghnet/arpdb_openbsd_test.go
+++ b/internal/aghnet/arpdb_openbsd_test.go
@ -1,5 +1,4 @@
 //go:build openbsd
 // +build openbsd
 package aghnet
--- a/internal/aghnet/arpdb_windows.go
+++ b/internal/aghnet/arpdb_windows.go
@ -1,5 +1,4 @@
 //go:build windows
 // +build windows
 package aghnet
--- a/internal/aghnet/arpdb_windows_test.go
+++ b/internal/aghnet/arpdb_windows_test.go
@ -1,5 +1,4 @@
 //go:build windows
 // +build windows
 package aghnet
--- a/internal/aghnet/dhcp_unix.go
+++ b/internal/aghnet/dhcp_unix.go
@ -1,5 +1,4 @@
-//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
+//go:build darwin || freebsd || linux || openbsd
 // +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
 package aghnet
--- a/internal/aghnet/dhcp_windows.go
+++ b/internal/aghnet/dhcp_windows.go
@ -1,5 +1,4 @@
 //go:build windows
 // +build windows
 package aghnet
--- a/internal/aghnet/hostscontainer_linux.go
+++ b/internal/aghnet/hostscontainer_linux.go
@ -1,5 +1,4 @@
 //go:build linux
 // +build linux
 package aghnet
--- a/internal/aghnet/hostscontainer_others.go
+++ b/internal/aghnet/hostscontainer_others.go
@ -1,5 +1,4 @@
 //go:build !(windows || linux)
 // +build !windows,!linux
 package aghnet
--- a/internal/aghnet/hostscontainer_windows.go
+++ b/internal/aghnet/hostscontainer_windows.go
@ -1,5 +1,4 @@
 //go:build windows
 // +build windows
 package aghnet
--- a/internal/aghnet/interfaces_linux.go
+++ b/internal/aghnet/interfaces_linux.go
@ -1,5 +1,4 @@
 //go:build linux
 // +build linux
 package aghnet
--- a/internal/aghnet/interfaces_unix.go
+++ b/internal/aghnet/interfaces_unix.go
@ -1,5 +1,4 @@
-//go:build aix || darwin || dragonfly || freebsd || netbsd || openbsd || solaris
+//go:build darwin || freebsd || openbsd
 // +build aix darwin dragonfly freebsd netbsd openbsd solaris
 package aghnet
--- a/internal/aghnet/interfaces_windows.go
+++ b/internal/aghnet/interfaces_windows.go
@ -1,5 +1,4 @@
 //go:build windows
 // +build windows
 package aghnet
--- a/internal/aghnet/ipset_linux.go
+++ b/internal/aghnet/ipset_linux.go
@ -1,5 +1,4 @@
 //go:build linux
 // +build linux
 package aghnet
@ -19,15 +18,9 @@ import (
 // How to test on a real Linux machine:
 //
-// 1.  Run:
+//  1. Run "sudo ipset create example_set hash:ip family ipv4".
 //
-//   sudo ipset create example_set hash:ip family ipv4
+//  2. Run "sudo ipset list example_set".  The Members field should be empty.
 //
 // 2.  Run:
 //
 //   sudo ipset list example_set
 //
 // The Members field should be empty.
 //
 //  3. Add the line "example.com/example_set" to your AdGuardHome.yaml.
 //
@ -35,11 +28,8 @@ import (
 //
 //  5. Make requests to example.com and its subdomains.
 //
-// 6.  Run:
+//  6. Run "sudo ipset list example_set".  The Members field should contain the
-//
+//     resolved IP addresses.
 //   sudo ipset list example_set
 //
 // The Members field should contain the resolved IP addresses.
 // newIpsetMgr returns a new Linux ipset manager.
 func newIpsetMgr(ipsetConf []string) (set IpsetManager, err error) {
--- a/internal/aghnet/ipset_linux_test.go
+++ b/internal/aghnet/ipset_linux_test.go
@ -1,5 +1,4 @@
 //go:build linux
 // +build linux
 package aghnet
--- a/internal/aghnet/ipset_others.go
+++ b/internal/aghnet/ipset_others.go
@ -1,5 +1,4 @@
 //go:build !linux
 // +build !linux
 package aghnet
--- a/internal/aghnet/net_bsd.go
+++ b/internal/aghnet/net_bsd.go
@ -1,5 +1,4 @@
 //go:build darwin || freebsd || openbsd
 // +build darwin freebsd openbsd
 package aghnet
--- a/internal/aghnet/net_darwin.go
+++ b/internal/aghnet/net_darwin.go
@ -1,5 +1,4 @@
 //go:build darwin
 // +build darwin
 package aghnet
--- a/internal/aghnet/net_freebsd.go
+++ b/internal/aghnet/net_freebsd.go
@ -1,5 +1,4 @@
 //go:build freebsd
 // +build freebsd
 package aghnet
--- a/internal/aghnet/net_freebsd_test.go
+++ b/internal/aghnet/net_freebsd_test.go
@ -1,5 +1,4 @@
 //go:build freebsd
 // +build freebsd
 package aghnet
--- a/internal/aghnet/net_linux.go
+++ b/internal/aghnet/net_linux.go
@ -1,5 +1,4 @@
 //go:build linux
 // +build linux
 package aghnet
--- a/internal/aghnet/net_linux_test.go
+++ b/internal/aghnet/net_linux_test.go
@ -1,5 +1,4 @@
 //go:build linux
 // +build linux
 package aghnet
--- a/internal/aghnet/net_openbsd.go
+++ b/internal/aghnet/net_openbsd.go
@ -1,5 +1,4 @@
 //go:build openbsd
 // +build openbsd
 package aghnet
--- a/internal/aghnet/net_openbsd_test.go
+++ b/internal/aghnet/net_openbsd_test.go
@ -1,5 +1,4 @@
 //go:build openbsd
 // +build openbsd
 package aghnet
--- a/internal/aghnet/net_unix.go
+++ b/internal/aghnet/net_unix.go
@ -1,5 +1,4 @@
-//go:build openbsd || freebsd || linux || darwin
+//go:build darwin || freebsd || linux || openbsd
 // +build openbsd freebsd linux darwin
 package aghnet
--- a/internal/aghnet/net_windows.go
+++ b/internal/aghnet/net_windows.go
@ -1,5 +1,4 @@
 //go:build windows
 // +build windows
 package aghnet
--- a/internal/aghnet/systemresolvers_others.go
+++ b/internal/aghnet/systemresolvers_others.go
@ -1,5 +1,4 @@
 //go:build !windows
 // +build !windows
 package aghnet
--- a/internal/aghnet/systemresolvers_others_test.go
+++ b/internal/aghnet/systemresolvers_others_test.go
@ -1,5 +1,4 @@
 //go:build !windows
 // +build !windows
 package aghnet
--- a/internal/aghnet/systemresolvers_windows.go
+++ b/internal/aghnet/systemresolvers_windows.go
@ -1,5 +1,4 @@
 //go:build windows
 // +build windows
 package aghnet
--- a/internal/aghnet/systemresolvers_windows_test.go
+++ b/internal/aghnet/systemresolvers_windows_test.go
@ -1,5 +1,4 @@
 //go:build windows
 // +build windows
 package aghnet
--- a/internal/aghos/endian_big.go
+++ b/internal/aghos/endian_big.go
@ -1,5 +1,4 @@
 //go:build mips || mips64
 // +build mips mips64
 // This file is an adapted version of github.com/josharian/native.
--- a/internal/aghos/endian_little.go
+++ b/internal/aghos/endian_little.go
@ -1,5 +1,4 @@
 //go:build amd64 || 386 || arm || arm64 || mipsle || mips64le || ppc64le
 // +build amd64 386 arm arm64 mipsle mips64le ppc64le
 // This file is an adapted version of github.com/josharian/native.
--- a/internal/aghos/os_bsd.go
+++ b/internal/aghos/os_bsd.go
@ -1,5 +1,4 @@
-//go:build darwin || netbsd || openbsd
+//go:build darwin || openbsd
 // +build darwin netbsd openbsd
 package aghos
--- a/internal/aghos/os_freebsd.go
+++ b/internal/aghos/os_freebsd.go
@ -1,5 +1,4 @@
 //go:build freebsd
 // +build freebsd
 package aghos
--- a/internal/aghos/os_linux.go
+++ b/internal/aghos/os_linux.go
@ -1,5 +1,4 @@
 //go:build linux
 // +build linux
 package aghos
--- a/internal/aghos/os_unix.go
+++ b/internal/aghos/os_unix.go
@ -1,5 +1,4 @@
 //go:build darwin || freebsd || linux || openbsd
 // +build darwin freebsd linux openbsd
 package aghos
--- a/internal/aghos/os_windows.go
+++ b/internal/aghos/os_windows.go
@ -1,5 +1,4 @@
 //go:build windows
 // +build windows
 package aghos
--- a/internal/aghos/syslog_others.go
+++ b/internal/aghos/syslog_others.go
@ -1,5 +1,4 @@
-//go:build !(windows || plan9)
+//go:build !windows
 // +build !windows,!plan9
 package aghos
--- a/internal/aghos/syslog_windows.go
+++ b/internal/aghos/syslog_windows.go
@ -1,5 +1,4 @@
-//go:build windows || plan9
+//go:build windows
 // +build windows plan9
 package aghos
--- a/internal/aghos/user_unix.go
+++ b/internal/aghos/user_unix.go
@ -1,5 +1,4 @@
-//go:build darwin || freebsd || linux || netbsd || openbsd
+//go:build darwin || freebsd || linux || openbsd
 // +build darwin freebsd linux netbsd openbsd
 package aghos
--- a/internal/aghos/user_windows.go
+++ b/internal/aghos/user_windows.go
@ -1,5 +1,4 @@
 //go:build windows
 // +build windows
 package aghos
--- a/internal/dhcpd/broadcast_bsd.go
+++ b/internal/dhcpd/broadcast_bsd.go
@ -1,5 +1,4 @@
 //go:build freebsd || openbsd
 // +build freebsd openbsd
 package dhcpd
@ -10,11 +9,10 @@ import (
 // broadcast sends resp to the broadcast address specific for network interface.
 func (c *dhcpConn) broadcast(respData []byte, peer *net.UDPAddr) (n int, err error) {
 	// Despite the fact that server4.NewIPv4UDPConn explicitly sets socket
-	// options to allow broadcasting, it also binds the connection to a
+	// options to allow broadcasting, it also binds the connection to a specific
-	// specific interface.  On FreeBSD and OpenBSD net.UDPConn.WriteTo
+	// interface.  On FreeBSD and OpenBSD net.UDPConn.WriteTo causes errors
-	// causes errors while writing to the addresses that belong to another
+	// while writing to the addresses that belong to another interface.  So, use
-	// interface.  So, use the broadcast address specific for the interface
+	// the broadcast address specific for the interface bound.
 	// bound.
 	peer.IP = c.bcastIP
 	return c.udpConn.WriteTo(respData, peer)
--- a/internal/dhcpd/broadcast_bsd_test.go
+++ b/internal/dhcpd/broadcast_bsd_test.go
@ -1,5 +1,4 @@
 //go:build freebsd || openbsd
 // +build freebsd openbsd
 package dhcpd
--- a/internal/dhcpd/broadcast_others.go
+++ b/internal/dhcpd/broadcast_others.go
@ -1,5 +1,4 @@
-//go:build aix || darwin || dragonfly || linux || netbsd || solaris
+//go:build darwin || linux
 // +build aix darwin dragonfly linux netbsd solaris
 package dhcpd
--- a/internal/dhcpd/broadcast_others_test.go
+++ b/internal/dhcpd/broadcast_others_test.go
@ -1,5 +1,4 @@
-//go:build aix || darwin || dragonfly || linux || netbsd || solaris
+//go:build darwin || linux
 // +build aix darwin dragonfly linux netbsd solaris
 package dhcpd
--- a/internal/dhcpd/config.go
+++ b/internal/dhcpd/config.go
@ -1,10 +1,40 @@
 package dhcpd
 import (
 	"fmt"
 	"net"
 	"time"
 	"github.com/AdguardTeam/AdGuardHome/internal/aghhttp"
 	"github.com/AdguardTeam/AdGuardHome/internal/aghnet"
 	"github.com/AdguardTeam/golibs/errors"
 	"github.com/AdguardTeam/golibs/netutil"
 )
 // ServerConfig is the configuration for the DHCP server.  The order of YAML
 // fields is important, since the YAML configuration file follows it.
 type ServerConfig struct {
 	// Called when the configuration is changed by HTTP request
 	ConfigModified func() `yaml:"-"`
 	// Register an HTTP handler
 	HTTPRegister aghhttp.RegisterFunc `yaml:"-"`
 	Enabled       bool   `yaml:"enabled"`
 	InterfaceName string `yaml:"interface_name"`
 	// LocalDomainName is the domain name used for DHCP hosts.  For example,
 	// a DHCP client with the hostname "myhost" can be addressed as "myhost.lan"
 	// when LocalDomainName is "lan".
 	LocalDomainName string `yaml:"local_domain_name"`
 	Conf4 V4ServerConf `yaml:"dhcpv4"`
 	Conf6 V6ServerConf `yaml:"dhcpv6"`
 	WorkDir    string `yaml:"-"`
 	DBFilePath string `yaml:"-"`
 }
 // DHCPServer - DHCP server interface
 type DHCPServer interface {
 	// ResetLeases resets leases.
@ -80,6 +110,86 @@ type V4ServerConf struct {
 	notify func(uint32)
 }
 // errNilConfig is an error returned by validation method if the config is nil.
 const errNilConfig errors.Error = "nil config"
 // ensureV4 returns a 4-byte version of ip.  An error is returned if the passed
 // ip is not an IPv4.
 func ensureV4(ip net.IP) (ip4 net.IP, err error) {
 	if ip == nil {
 		return nil, fmt.Errorf("%v is not an IP address", ip)
 	}
 	ip4 = ip.To4()
 	if ip4 == nil {
 		return nil, fmt.Errorf("%v is not an IPv4 address", ip)
 	}
 	return ip4, nil
 }
 // Validate returns an error if c is not a valid configuration.
 //
 // TODO(e.burkov):  Don't set the config fields when the server itself will stop
 // containing the config.
 func (c *V4ServerConf) Validate() (err error) {
 	defer func() { err = errors.Annotate(err, "dhcpv4: %w") }()
 	if c == nil {
 		return errNilConfig
 	}
 	var gatewayIP net.IP
 	gatewayIP, err = ensureV4(c.GatewayIP)
 	if err != nil {
 		// Don't wrap an errors since it's inforative enough as is and there is
 		// an annotation deferred already.
 		return err
 	}
 	if c.SubnetMask == nil {
 		return fmt.Errorf("invalid subnet mask: %v", c.SubnetMask)
 	}
 	subnetMask := net.IPMask(netutil.CloneIP(c.SubnetMask.To4()))
 	c.subnet = &net.IPNet{
 		IP:   gatewayIP,
 		Mask: subnetMask,
 	}
 	c.broadcastIP = aghnet.BroadcastFromIPNet(c.subnet)
 	c.ipRange, err = newIPRange(c.RangeStart, c.RangeEnd)
 	if err != nil {
 		// Don't wrap an errors since it's inforative enough as is and there is
 		// an annotation deferred already.
 		return err
 	}
 	if c.ipRange.contains(gatewayIP) {
 		return fmt.Errorf("gateway ip %v in the ip range: %v-%v",
 			gatewayIP,
 			c.RangeStart,
 			c.RangeEnd,
 		)
 	}
 	if !c.subnet.Contains(c.RangeStart) {
 		return fmt.Errorf("range start %v is outside network %v",
 			c.RangeStart,
 			c.subnet,
 		)
 	}
 	if !c.subnet.Contains(c.RangeEnd) {
 		return fmt.Errorf("range end %v is outside network %v",
 			c.RangeEnd,
 			c.subnet,
 		)
 	}
 	return nil
 }
 // V6ServerConf - server configuration
 type V6ServerConf struct {
 	Enabled       bool   `yaml:"-" json:"-"`
--- a/internal/dhcpd/conn_unix.go
+++ b/internal/dhcpd/conn_unix.go
@ -1,5 +1,4 @@
-//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
+//go:build darwin || freebsd || linux || openbsd
 // +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
 package dhcpd
--- a/Show more
+++ b/Show more