Skip to content

Commit

Permalink
Merge branch 'master' into 6312-client-ipv6-zone
Browse files Browse the repository at this point in the history
  • Loading branch information
schzhn committed Apr 24, 2024
2 parents 6f4d58f + 60f48e2 commit 922a14b
Show file tree
Hide file tree
Showing 8 changed files with 33 additions and 22 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ NOTE: Add new changes BELOW THIS COMMENT.

### Changed

- Private rDNS resolution now also affects `SOA` and `NS` requests ([#6882]).
- Rewrite rules mechanics was changed due to improve resolving in safe search.

### Fixed
Expand All @@ -53,6 +54,7 @@ NOTE: Add new changes BELOW THIS COMMENT.
[#6312]: https://github.com/AdguardTeam/AdGuardHome/issues/6312
[#6854]: https://github.com/AdguardTeam/AdGuardHome/issues/6854
[#6875]: https://github.com/AdguardTeam/AdGuardHome/issues/6875
[#6882]: https://github.com/AdguardTeam/AdGuardHome/issues/6882

<!--
NOTE: Add new changes ABOVE THIS COMMENT.
Expand Down
4 changes: 2 additions & 2 deletions client/src/__locales/en.json
Original file line number Diff line number Diff line change
Expand Up @@ -13,14 +13,14 @@
"fallback_dns_desc": "List of fallback DNS servers used when upstream DNS servers are not responding. The syntax is the same as in the main upstreams field above.",
"fallback_dns_placeholder": "Enter one fallback DNS server per line",
"local_ptr_title": "Private reverse DNS servers",
"local_ptr_desc": "The DNS servers that AdGuard Home uses for local PTR queries. These servers are used to resolve PTR requests for addresses in private IP ranges, for example \"192.168.12.34\", using reverse DNS. If not set, AdGuard Home uses the addresses of the default DNS resolvers of your OS except for the addresses of AdGuard Home itself.",
"local_ptr_desc": "The DNS servers that AdGuard Home uses for private PTR, SOA, and NS queries. The request is considered private if it asks for ARPA domain containing a subnet within private IP ranges, for example \"192.168.12.34\", and came from a client with private address. If not set, AdGuard Home uses the addresses of the default DNS resolvers of your OS except for the addresses of AdGuard Home itself.",
"local_ptr_default_resolver": "By default, AdGuard Home uses the following reverse DNS resolvers: {{ip}}.",
"local_ptr_no_default_resolver": "AdGuard Home could not determine suitable private reverse DNS resolvers for this system.",
"local_ptr_placeholder": "Enter one IP address per line",
"resolve_clients_title": "Enable reverse resolving of clients' IP addresses",
"resolve_clients_desc": "Reversely resolve clients' IP addresses into their hostnames by sending PTR queries to corresponding resolvers (private DNS servers for local clients, upstream servers for clients with public IP addresses).",
"use_private_ptr_resolvers_title": "Use private reverse DNS resolvers",
"use_private_ptr_resolvers_desc": "Perform reverse DNS lookups for locally served addresses using these upstream servers. If disabled, AdGuard Home responds with NXDOMAIN to all such PTR requests except for clients known from DHCP, /etc/hosts, and so on.",
"use_private_ptr_resolvers_desc": "Resolve PTR, SOA, and NS requests for ARPA domains containing private addresses using private upstream servers, DHCP, /etc/hosts, and so on. If disabled, AdGuard Home responds with NXDOMAIN to all such queries.",
"check_dhcp_servers": "Check for DHCP servers",
"save_config": "Save configuration",
"enabled_dhcp": "DHCP server enabled",
Expand Down
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ module github.com/AdguardTeam/AdGuardHome
go 1.22.2

require (
github.com/AdguardTeam/dnsproxy v0.69.2
github.com/AdguardTeam/dnsproxy v0.70.0
github.com/AdguardTeam/golibs v0.23.2
github.com/AdguardTeam/urlfilter v0.18.0
github.com/NYTimes/gziphandler v1.1.1
Expand Down
4 changes: 2 additions & 2 deletions go.sum
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
github.com/AdguardTeam/dnsproxy v0.69.2 h1:/qnjEILMIM7koAIcy+ZB19lb+PSZjJWKjxuGyqVVpp0=
github.com/AdguardTeam/dnsproxy v0.69.2/go.mod h1:zpA9eBxakSyjKC/bUac+UPSYTp/Q43aOmNlBV2/D6ug=
github.com/AdguardTeam/dnsproxy v0.70.0 h1:lwPQ+pfyCuorrP6RS90K628bRn8uvvTlnRyQuLKnf2o=
github.com/AdguardTeam/dnsproxy v0.70.0/go.mod h1:zpA9eBxakSyjKC/bUac+UPSYTp/Q43aOmNlBV2/D6ug=
github.com/AdguardTeam/golibs v0.23.2 h1:rMjYantwtQ39e8G4zBQ6ZLlm4s3XH30Bc9VxhoOHwao=
github.com/AdguardTeam/golibs v0.23.2/go.mod h1:o9i55Sx6v7qogRQeqaBfmLbC/pZqeMBWi015U5PTDY0=
github.com/AdguardTeam/urlfilter v0.18.0 h1:ZZzwODC/ADpjJSODxySrrUnt/fvOCfGFaCW6j+wsGfQ=
Expand Down
9 changes: 6 additions & 3 deletions internal/dnsforward/process.go
Original file line number Diff line number Diff line change
Expand Up @@ -380,8 +380,12 @@ func (s *Server) processDHCPAddrs(dctx *dnsContext) (rc resultCode) {
return resultCodeSuccess
}

req := pctx.Req
q := req.Question[0]
pref := pctx.RequestedPrivateRDNS
if pref == (netip.Prefix{}) {
// TODO(e.burkov): Consider answering authoritatively for SOA and NS
// queries.
if pref == (netip.Prefix{}) || q.Qtype != dns.TypePTR {
return resultCodeSuccess
}

Expand All @@ -393,11 +397,10 @@ func (s *Server) processDHCPAddrs(dctx *dnsContext) (rc resultCode) {

log.Debug("dnsforward: dhcp client %s is %q", addr, host)

req := pctx.Req
resp := s.replyCompressed(req)
ptr := &dns.PTR{
Hdr: dns.RR_Header{
Name: req.Question[0].Name,
Name: q.Name,
Rrtype: dns.TypePTR,
// TODO(e.burkov): Use [dhcpsvc.Lease.Expiry]. See
// https://github.com/AdguardTeam/AdGuardHome/issues/3932.
Expand Down
23 changes: 16 additions & 7 deletions internal/home/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -203,15 +203,24 @@ type dnsConfig struct {
// resolver should be used.
PrivateNets []netutil.Prefix `yaml:"private_networks"`

// UsePrivateRDNS defines if the PTR requests for unknown addresses from
// locally-served networks should be resolved via private PTR resolvers.
// UsePrivateRDNS enables resolving requests containing a private IP address
// using private reverse DNS resolvers. See PrivateRDNSResolvers.
//
// TODO(e.burkov): Rename in YAML.
UsePrivateRDNS bool `yaml:"use_private_ptr_resolvers"`

// LocalPTRResolvers is the slice of addresses to be used as upstreams
// for PTR queries for locally-served networks.
LocalPTRResolvers []string `yaml:"local_ptr_upstreams"`
// PrivateRDNSResolvers is the slice of addresses to be used as upstreams
// for private requests. It's only used for PTR, SOA, and NS queries,
// containing an ARPA subdomain, came from the the client with private
// address. The address considered private according to PrivateNets.
//
// If empty, the OS-provided resolvers are used for private requests.
PrivateRDNSResolvers []string `yaml:"local_ptr_upstreams"`

// UseDNS64 defines if DNS64 should be used for incoming requests.
// UseDNS64 defines if DNS64 should be used for incoming requests. Requests
// of type PTR for addresses within the configured prefixes will be resolved
// via [PrivateRDNSResolvers], so those should be valid and UsePrivateRDNS
// be set to true.
UseDNS64 bool `yaml:"use_dns64"`

// DNS64Prefixes is the list of NAT64 prefixes to be used for DNS64.
Expand Down Expand Up @@ -658,7 +667,7 @@ func (c *configuration) write() (err error) {
dns := &config.DNS
dns.Config = c

dns.LocalPTRResolvers = s.LocalPTRResolvers()
dns.PrivateRDNSResolvers = s.LocalPTRResolvers()

addrProcConf := s.AddrProcConfig()
config.Clients.Sources.RDNS = addrProcConf.UseRDNS
Expand Down
2 changes: 1 addition & 1 deletion internal/home/dns.go
Original file line number Diff line number Diff line change
Expand Up @@ -241,7 +241,7 @@ func newServerConfig(
TLSv12Roots: Context.tlsRoots,
ConfigModified: onConfigModified,
HTTPRegister: httpReg,
LocalPTRResolvers: dnsConf.LocalPTRResolvers,
LocalPTRResolvers: dnsConf.PrivateRDNSResolvers,
UseDNS64: dnsConf.UseDNS64,
DNS64Prefixes: dnsConf.DNS64Prefixes,
UsePrivateRDNS: dnsConf.UsePrivateRDNS,
Expand Down
9 changes: 3 additions & 6 deletions internal/home/service.go
Original file line number Diff line number Diff line change
Expand Up @@ -649,11 +649,6 @@ status() {

// freeBSDScript is the source of the daemon script for FreeBSD. Keep as close
// as possible to the https://github.com/kardianos/service/blob/18c957a3dc1120a2efe77beb401d476bade9e577/service_freebsd.go#L204.
//
// TODO(a.garipov): Don't use .WorkingDirectory here. There are currently no
// guarantees that it will actually be the required directory.
//
// See https://github.com/AdguardTeam/AdGuardHome/issues/2614.
const freeBSDScript = `#!/bin/sh
# PROVIDE: {{.Name}}
# REQUIRE: networking
Expand All @@ -667,7 +662,9 @@ name="{{.Name}}"
pidfile_child="/var/run/${name}.pid"
pidfile="/var/run/${name}_daemon.pid"
command="/usr/sbin/daemon"
command_args="-P ${pidfile} -p ${pidfile_child} -T ${name} -r {{.WorkingDirectory}}/{{.Name}}"
daemon_args="-P ${pidfile} -p ${pidfile_child} -r -t ${name}"
command_args="${daemon_args} {{.Path}}{{range .Arguments}} {{.}}{{end}}"
run_rc_command "$1"
`

Expand Down

0 comments on commit 922a14b

Please sign in to comment.