a/badguardhome
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge: DNS settings: add "disable_ipv6"

Browse Source 
Closes #473

* commit 'b91753e746c421b0e2bc82e2c2dd5aeb169a5406':
  + client: handle Disable IPv6 setting
  + dns: add "aaaa_disabled" setting
This commit is contained in:
Ildar Kamalov 2020-01-16 10:42:44 +03:00
commit b046da5db3
7 changed files with 35 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
AGHTechDoc.md
View File

@ -823,6 +823,7 @@ Response:
"blocking_ipv4": "1.2.3.4", "blocking_ipv4": "1.2.3.4",
"blocking_ipv6": "1:2:3::4", "blocking_ipv6": "1:2:3::4",
"edns_cs_enabled": true | false, "edns_cs_enabled": true | false,
"disable_ipv6": true | false,
} }
@ -839,6 +840,7 @@ Request:
"blocking_ipv4": "1.2.3.4", "blocking_ipv4": "1.2.3.4",
"blocking_ipv6": "1:2:3::4", "blocking_ipv6": "1:2:3::4",
"edns_cs_enabled": true | false, "edns_cs_enabled": true | false,
"disable_ipv6": true | false,
} }
Response: Response:

6
client/src/__locales/en.json
View File

@ -431,5 +431,7 @@
"try_again": "Try again", "try_again": "Try again",
"domain_desc": "Enter the domain name or wildcard you want to be rewritten.", "domain_desc": "Enter the domain name or wildcard you want to be rewritten.",
"example_rewrite_domain": "rewrite responses for this domain name only.", "example_rewrite_domain": "rewrite responses for this domain name only.",
"example_rewrite_wildcard": "rewrite responses for all <0>example.org</0> subdomains." "example_rewrite_wildcard": "rewrite responses for all <0>example.org</0> subdomains.",
} "disable_ipv6": "Disable IPv6",
"disable_ipv6_desc": "If this feature is enabled, all DNS queries for IPv6 addresses (type AAAA) will be dropped."
}

12
client/src/components/Settings/Dns/Config/Form.js
View File

@ -65,6 +65,18 @@ let Form = ({
/> />
</div> </div>
</div> </div>
<div className="col-12">
<div className="form__group form__group--settings">
<Field
name="disable_ipv6"
type="checkbox"
component={renderSelectField}
placeholder={t('disable_ipv6')}
disabled={processing}
subtitle={t('disable_ipv6_desc')}
/>
</div>
</div>
<div className="col-12"> <div className="col-12">
<div className="form__group form__group--settings mb-4"> <div className="form__group form__group--settings mb-4">
<label className="form__label form__label--with-desc"> <label className="form__label form__label--with-desc">

2
client/src/components/Settings/Dns/Config/index.js
View File

@ -16,6 +16,7 @@ const Config = ({ t, dnsConfig, setDnsConfig }) => {
blocking_ipv4, blocking_ipv4,
blocking_ipv6, blocking_ipv6,
edns_cs_enabled, edns_cs_enabled,
disable_ipv6,
processingSetConfig, processingSetConfig,
} = dnsConfig; } = dnsConfig;
@ -33,6 +34,7 @@ const Config = ({ t, dnsConfig, setDnsConfig }) => {
blocking_ipv4, blocking_ipv4,
blocking_ipv6, blocking_ipv6,
edns_cs_enabled, edns_cs_enabled,
disable_ipv6,
}} }}
onSubmit={handleFormSubmit} onSubmit={handleFormSubmit}
processing={processingSetConfig} processing={processingSetConfig}

1
client/src/reducers/dnsConfig.js
View File

@ -44,6 +44,7 @@ const dnsConfig = handleActions(
blocking_ipv4: DEFAULT_BLOCKING_IPV4, blocking_ipv4: DEFAULT_BLOCKING_IPV4,
blocking_ipv6: DEFAULT_BLOCKING_IPV6, blocking_ipv6: DEFAULT_BLOCKING_IPV6,
edns_cs_enabled: false, edns_cs_enabled: false,
disable_ipv6: false,
}, },
); );

8
dnsforward/dnsforward.go
View File

@ -132,6 +132,9 @@ type FilteringConfig struct {
EnableEDNSClientSubnet bool `yaml:"edns_client_subnet"` // Enable EDNS Client Subnet option EnableEDNSClientSubnet bool `yaml:"edns_client_subnet"` // Enable EDNS Client Subnet option
// Respond with an empty answer to all AAAA requests
AAAADisabled bool `yaml:"aaaa_disabled"`
AllowedClients []string `yaml:"allowed_clients"` // IP addresses of whitelist clients AllowedClients []string `yaml:"allowed_clients"` // IP addresses of whitelist clients
DisallowedClients []string `yaml:"disallowed_clients"` // IP addresses of clients that should be blocked DisallowedClients []string `yaml:"disallowed_clients"` // IP addresses of clients that should be blocked
BlockedHosts []string `yaml:"blocked_hosts"` // hosts that should be blocked BlockedHosts []string `yaml:"blocked_hosts"` // hosts that should be blocked
@ -426,6 +429,11 @@ func (s *Server) beforeRequestHandler(p *proxy.Proxy, d *proxy.DNSContext) (bool
func (s *Server) handleDNSRequest(p *proxy.Proxy, d *proxy.DNSContext) error { func (s *Server) handleDNSRequest(p *proxy.Proxy, d *proxy.DNSContext) error {
start := time.Now() start := time.Now()
if s.conf.AAAADisabled && d.Req.Question[0].Qtype == dns.TypeAAAA {
_ = proxy.CheckDisabledAAAARequest(d, true)
return nil
}
if s.conf.OnDNSRequest != nil { if s.conf.OnDNSRequest != nil {
s.conf.OnDNSRequest(d) s.conf.OnDNSRequest(d)
} }

6
dnsforward/dnsforward_http.go
View File

@ -28,6 +28,7 @@ type dnsConfigJSON struct {
BlockingIPv4 string `json:"blocking_ipv4"` BlockingIPv4 string `json:"blocking_ipv4"`
BlockingIPv6 string `json:"blocking_ipv6"` BlockingIPv6 string `json:"blocking_ipv6"`
EDNSCSEnabled bool `json:"edns_cs_enabled"` EDNSCSEnabled bool `json:"edns_cs_enabled"`
DisableIPv6 bool `json:"disable_ipv6"`
} }
func (s *Server) handleGetConfig(w http.ResponseWriter, r *http.Request) { func (s *Server) handleGetConfig(w http.ResponseWriter, r *http.Request) {
@ -39,6 +40,7 @@ func (s *Server) handleGetConfig(w http.ResponseWriter, r *http.Request) {
resp.BlockingIPv6 = s.conf.BlockingIPv6 resp.BlockingIPv6 = s.conf.BlockingIPv6
resp.RateLimit = s.conf.Ratelimit resp.RateLimit = s.conf.Ratelimit
resp.EDNSCSEnabled = s.conf.EnableEDNSClientSubnet resp.EDNSCSEnabled = s.conf.EnableEDNSClientSubnet
resp.DisableIPv6 = s.conf.AAAADisabled
s.RUnlock() s.RUnlock()
js, err := json.Marshal(resp) js, err := json.Marshal(resp)
@ -117,6 +119,10 @@ func (s *Server) handleSetConfig(w http.ResponseWriter, r *http.Request) {
restart = true restart = true
} }
if js.Exists("disable_ipv6") {
s.conf.AAAADisabled = req.DisableIPv6
}
s.Unlock() s.Unlock()
s.conf.ConfigModified() s.conf.ConfigModified()