From 9ed84ff7172841063d8b4668d01e047f6ad499f6 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 17 Mar 2019 02:13:33 +0100 Subject: [PATCH] Do not mark cached PTR queries as externally blocked even if NXDOMAIN (#543) * Add debug logging for externally blocked domains Signed-off-by: DL6ER * Also output which domain was queries in debug output Signed-off-by: DL6ER * Do not mark PTR requests as externally blocked. Add new DEBUG_EXTBLOCKED flag. Signed-off-by: DL6ER * Improve new DEBUG_EXTBLOCKED messages. Signed-off-by: DL6ER * Domain -> Answer Signed-off-by: DL6ER --- FTL.h | 1 + config.c | 7 ++++++ dnsmasq_interface.c | 59 +++++++++++++++++++++++++++++++++++++++------ 3 files changed, 60 insertions(+), 7 deletions(-) diff --git a/FTL.h b/FTL.h index b5de3e876..7c2cf88c7 100644 --- a/FTL.h +++ b/FTL.h @@ -103,6 +103,7 @@ enum { DEBUG_REGEX = (1 << 8), /* 00000001 00000000 */ DEBUG_API = (1 << 9), /* 00000010 00000000 */ DEBUG_OVERTIME = (1 << 10), /* 00000100 00000000 */ + DEBUG_EXTBLOCKED = (1 << 11), /* 00001000 00000000 */ }; // Database table "ftl" diff --git a/config.c b/config.c index 5664f3c59..a2f68ba9d 100644 --- a/config.c +++ b/config.c @@ -588,6 +588,12 @@ void read_debuging_settings(FILE *fp) if(buffer != NULL && strcasecmp(buffer, "true") == 0) config.debug |= DEBUG_OVERTIME; + // DEBUG_EXTBLOCKED + // defaults to: false + buffer = parse_FTLconf(fp, "DEBUG_EXTBLOCKED"); + if(buffer != NULL && strcasecmp(buffer, "true") == 0) + config.debug |= DEBUG_EXTBLOCKED; + // DEBUG_ALL // defaults to: false buffer = parse_FTLconf(fp, "DEBUG_ALL"); @@ -609,6 +615,7 @@ void read_debuging_settings(FILE *fp) logg("* DEBUG_REGEX %s *", (config.debug & DEBUG_REGEX)? "YES":"NO "); logg("* DEBUG_API %s *", (config.debug & DEBUG_API)? "YES":"NO "); logg("* DEBUG_OVERTIME %s *", (config.debug & DEBUG_OVERTIME)? "YES":"NO "); + logg("* DEBUG_EXTBLOCKED %s *", (config.debug & DEBUG_EXTBLOCKED)? "YES":"NO "); logg("************************"); } 
diff --git a/dnsmasq_interface.c b/dnsmasq_interface.c index 36077e123..7b396cc49 100644 --- a/dnsmasq_interface.c +++ b/dnsmasq_interface.c @@ -115,7 +115,10 @@ void _FTL_new_query(unsigned int flags, char *name, struct all_addr *addr, char // Log new query if in debug mode const char *proto = (type == UDP) ? "UDP" : "TCP"; if(config.debug & DEBUG_QUERIES) - logg("**** new %s %s \"%s\" from %s (ID %i, FTL %i, %s:%i)", proto, types, domain, client, id, queryID, file, line); + { + logg("**** new %s %s \"%s\" from %s (ID %i, FTL %i, %s:%i)", + proto, types, domain, client, id, queryID, file, line); + } // Update counters counters->querytype[querytype-1]++; @@ -518,10 +521,23 @@ void _FTL_reply(unsigned short flags, char *name, struct all_addr *addr, int id, static void detect_blocked_IP(unsigned short flags, const char* answer, int queryID) { - // Skip replies which originated locally. Otherwise, we would count - // gravity.list blocked queries as externally blocked. if(flags & F_HOSTS) { + // Skip replies which originated locally. Otherwise, we would + // count gravity.list blocked queries as externally blocked. + if(config.debug & DEBUG_EXTBLOCKED) + { + logg("Skipping detection of external blocking IP for ID %i as origin is HOSTS", queryID); + } + return; + } + else if(flags & F_REVERSE) + { + // Do not mark responses of PTR requests as externally blocked. + if(config.debug & DEBUG_EXTBLOCKED) + { + logg("Skipping detection of external blocking IP for ID %i as query is PTR", queryID); + } return; } 
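Review bot: The comment on the new `F_REVERSE` branch in detect_blocked_IP() repeats what the code does and leaves out why reverse lookups are exempt, which is what a later reader needs before touching this early return. If the reason is the one given in the commit subject, a comment such as `// PTR answers are host names, not addresses; skip so cached PTR replies (incl. NXDOMAIN) are not counted as externally blocked` would record it. The `else` in `else if(flags & F_REVERSE)` is also redundant, because the `F_HOSTS` branch always returns. The function body continues past the end of this hunk.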
@@ -538,7 +554,14 @@ static void detect_blocked_IP(unsigned short flags, const char* answer, int quer strcmp("146.112.61.109", answer) == 0 || strcmp("146.112.61.110", answer) == 0 )) { - query_externally_blocked(queryID, QUERY_EXTERNAL_BLOCKED_IP); + if(config.debug & DEBUG_EXTBLOCKED) + { + logg("Upstream responded with known blocking page (IPv4), ID %i:\n\t\"%s\" -> \"%s\"", + queryID, getstr(domains[queryID].domainpos), answer); + } + + // Update status + query_externally_blocked(queryID, QUERY_EXTERNAL_BLOCKED_IP); } else if(flags & F_IPV6 && answer != NULL && @@ -550,7 +573,14 @@ static void detect_blocked_IP(unsigned short flags, const char* answer, int quer strcmp("::ffff:146.112.61.109", answer) == 0 || strcmp("::ffff:146.112.61.110", answer) == 0 )) { - query_externally_blocked(queryID, QUERY_EXTERNAL_BLOCKED_IP); + if(config.debug & DEBUG_EXTBLOCKED) + { + logg("Upstream responded with known blocking page (IPv6), ID %i:\n\t\"%s\" -> \"%s\"", + queryID, getstr(domains[queryID].domainpos), answer); + } + + // Update status + query_externally_blocked(queryID, QUERY_EXTERNAL_BLOCKED_IP); } // If upstream replied with 0.0.0.0 or ::, 
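Review bot: The new debug line indexes `domains` with the query ID, `getstr(domains[queryID].domainpos)`, but `queryID` looks like an index into `queries`: the query_externally_blocked() hunk at the end of this patch uses the same value as `queries[i]` and `clients[queries[i].clientID]`. If that reading is right, enabling DEBUG_EXTBLOCKED logs an unrelated domain and can read past the end of `domains` once there are more queries than domains. The same expression is repeated in the IPv6 branch of the next hunk and in both the `0.0.0.0` and `::` branches of the hunk after it. Resolve the domain through the query record (presumably `domains[queries[queryID].domainID].domainpos`) and bounds-check that index the way the `clients` access is checked with `validate_access(...)`. detect_blocked_IP() starts before this hunk and continues after it.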
@@ -559,13 +589,27 @@ static void detect_blocked_IP(unsigned short flags, const char* answer, int quer else if(flags & F_IPV4 && answer != NULL && strcmp("0.0.0.0", answer) == 0) { - query_externally_blocked(queryID, QUERY_EXTERNAL_BLOCKED_NULL); + if(config.debug & DEBUG_EXTBLOCKED) + { + logg("Upstream responded with 0.0.0.0, ID %i:\n\t\"%s\" -> \"%s\"", + queryID, getstr(domains[queryID].domainpos), answer); + } + + // Update status + query_externally_blocked(queryID, QUERY_EXTERNAL_BLOCKED_NULL); } else if(flags & F_IPV6 && answer != NULL && strcmp("::", answer) == 0) { - query_externally_blocked(queryID, QUERY_EXTERNAL_BLOCKED_NULL); + if(config.debug & DEBUG_EXTBLOCKED) + { + logg("Upstream responded with ::, ID %i:\n\t\"%s\" -> \"%s\"", + queryID, getstr(domains[queryID].domainpos), answer); + } + + // Update status + query_externally_blocked(queryID, QUERY_EXTERNAL_BLOCKED_NULL); } } @@ -597,6 +641,7 @@ static void query_externally_blocked(int i, unsigned char status) validate_access("clients", queries[i].clientID, true, __LINE__, __FUNCTION__, __FILE__); clients[queries[i].clientID].blockedcount++; + // Update status queries[i].status = status; }
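Review bot: The `\n\t` inside the new logg() format strings spreads one event over two log lines, and the second line consists of two strings that arrive from outside the process: the queried domain and the upstream answer. Unless logg() prefixes every physical line (not visible here), the continuation line has no timestamp, and line-based log parsing or alerting will see it as a separate, unattributed entry. Keeping each event on one line avoids that, for example `logg("Upstream responded with 0.0.0.0, ID %i: \"%s\" -> \"%s\"", ...)`. The same applies to the `::` branch in this hunk and to the two "known blocking page" messages in the preceding hunks.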