From b6dfee64a6c8527237f5ddc13d8868e95dfd928c Mon Sep 17 00:00:00 2001 From: bloved Date: Tue, 12 Jan 2021 00:04:34 +0100 Subject: [PATCH 01/16] - WIP: - new json configuration: added multiple configs, ip groups/ip aliases and timetables - added multiple configurations: - each configuration has his own upstream, singlefilters, doublefilters, blackholeip hostsfile - cache DB is global to all configs - BL downloader and parser is optimized: each BL source is downloaded/parsed only once - TODO: - implement configuration selection based on source IPs and timetables - unused code cleanup --- 00.database.go | 40 +++++++++--- 01.conf.go | 163 ++++++++++++++++++++++++++++++++++++++--------- 01.killfile.go | 20 +++--- adlist_hosts.go | 37 ++++++++--- adlist_single.go | 35 +++++++--- config.json | 49 ++++++++++++-- dns_client.go | 8 ++- dns_handler.go | 10 ++- hostfile.go | 47 +++++++++----- main.go | 47 ++++++++++++++ 10 files changed, 362 insertions(+), 94 deletions(-) diff --git a/00.database.go b/00.database.go index 3f5e82a..62cdd6c 100644 --- a/00.database.go +++ b/00.database.go @@ -7,12 +7,15 @@ import ( "github.com/syndtr/goleveldb/leveldb" ) -//MyZabovKDB is the storage where we'll put domains to block -var MyZabovKDB *leveldb.DB +//MyZabovKDB is the storage where we'll put domains to block (obsolete) +//var MyZabovKDB *leveldb.DB -//MyZabovCDB is the storage where we'll put domains to cache +//MyZabovCDB is the storage where we'll put domains to cache (global for all configs) var MyZabovCDB *leveldb.DB +//MyZabovKDBs is the storage where we'll put domains to block (one for each config) +var MyZabovKDBs map[string]*leveldb.DB + func init() { var err error @@ -20,13 +23,13 @@ func init() { os.RemoveAll("./db") os.MkdirAll("./db", 0755) - - MyZabovKDB, err = leveldb.OpenFile("./db/killfile", nil) - if err != nil { - fmt.Println("Cannot create Killfile db: ", err.Error()) - } else { - fmt.Println("Killfile DB created") - } + /* + MyZabovKDB, err = leveldb.OpenFile("./db/killfile", nil) + if err != nil { + fmt.Println("Cannot create Killfile db: ", err.Error()) + } else { + fmt.Println("Killfile DB created") + }*/ MyZabovCDB, err = leveldb.OpenFile("./db/cache", nil) if err != nil { @@ -35,4 +38,21 @@ func init() { fmt.Println("Cache DB created") } + MyZabovKDBs = map[string]*leveldb.DB{} +} + +// ZabovCreateKDB creates Kill DBs +func ZabovCreateKDB(conf string) { + var err error + + dbname := "./db/killfile_" + conf + KDB, err := leveldb.OpenFile(dbname, nil) + if err != nil { + fmt.Println("Cannot create Killfile db: ", err.Error()) + } else { + fmt.Println("Killfile DB created") + } + + MyZabovKDBs[conf] = KDB + } diff --git a/01.conf.go b/01.conf.go index 45d1cf8..efdbb96 100644 --- a/01.conf.go +++ b/01.conf.go @@ -6,29 +6,16 @@ import ( "io/ioutil" "log" "os" + "strings" "github.com/miekg/dns" ) +type stringarray []string +type urlsMap map[string]stringarray + func init() { - - //ZabovConf describes the Json we use for configuration - type ZabovConf struct { - Zabov struct { - Port string `json:"port"` - Proto string `json:"proto"` - Ipaddr string `json:"ipaddr"` - Upstream string `json:"upstream"` - Cachettl int `json:"cachettl"` - Killfilettl int `json:"killfilettl"` - Singlefilters string `json:"singlefilters"` - Doublefilters string `json:"doublefilters"` - Blackholeip string `json:"blackholeip"` - Hostsfile string `json:"hostsfile"` - } `json:"zabov"` - } - - var MyConf ZabovConf + var MyConfRaw interface{} file, err := ioutil.ReadFile("config.json") @@ -37,26 +24,35 @@ func init() { os.Exit(1) } - err = json.Unmarshal([]byte(file), &MyConf) + err = json.Unmarshal([]byte(file), &MyConfRaw) if err != nil { - log.Println("Cannot marshal json: ", err.Error()) + log.Println("Cannot unmarshal json: ", err.Error()) os.Exit(1) } // now we read configuration file fmt.Println("Reading configuration file...") - ZabovPort := MyConf.Zabov.Port - ZabovType := MyConf.Zabov.Proto - ZabovAddr := MyConf.Zabov.Ipaddr - ZabovUpDNS = MyConf.Zabov.Upstream - ZabovSingleBL = MyConf.Zabov.Singlefilters - ZabovDoubleBL = MyConf.Zabov.Doublefilters - ZabovAddBL = MyConf.Zabov.Blackholeip - ZabovCacheTTL = MyConf.Zabov.Cachettl - ZabovKillTTL = MyConf.Zabov.Killfilettl - ZabovHostsFile = MyConf.Zabov.Hostsfile + MyConf := MyConfRaw.(map[string]interface{}) + + zabov := MyConf["zabov"].(map[string]interface{}) + + ZabovPort := zabov["port"].(string) + ZabovType := zabov["proto"].(string) + ZabovAddr := zabov["ipaddr"].(string) + ZabovCacheTTL = int(zabov["cachettl"].(float64)) + ZabovKillTTL = int(zabov["killfilettl"].(float64)) + + configs := MyConf["configs"].(map[string]interface{}) + + defaultConf := configs["default"].(map[string]interface{}) + + ZabovUpDNS = defaultConf["upstream"].(string) + ZabovSingleBL = defaultConf["singlefilters"].(string) + ZabovDoubleBL = defaultConf["doublefilters"].(string) + ZabovAddBL = defaultConf["blackholeip"].(string) + ZabovHostsFile = defaultConf["hostsfile"].(string) zabovString := ZabovAddr + ":" + ZabovPort @@ -66,4 +62,111 @@ func init() { ZabovDNSArray = fileByLines(ZabovUpDNS) + ZabovConfigs = map[string]ZabovConfig{} + ZabovIPGroups = []ZabovIPGroup{} + ZabovTimetables = map[string]ZabovTimetable{} + ZabovIPAliases = map[string]string{} + ZabovDNSArrays = map[string][]string{} + IPAliasesRaw := MyConf["ipaliases"].(map[string]interface{}) + + for alias, ip := range IPAliasesRaw { + fmt.Println("IP Alias:", alias, ip) + ZabovIPAliases[alias] = ip.(string) + } + + for name, v := range configs { + fmt.Println("evaluaing config name:", name) + confRaw := v.(map[string]interface{}) + var conf ZabovConfig + conf.ZabovUpDNS = confRaw["upstream"].(string) + conf.ZabovSingleBL = confRaw["singlefilters"].(string) + conf.ZabovDoubleBL = confRaw["doublefilters"].(string) + conf.ZabovAddBL = confRaw["blackholeip"].(string) + conf.ZabovHostsFile = confRaw["hostsfile"].(string) + + ZabovDNSArrays[name] = fileByLines(conf.ZabovUpDNS) + ZabovConfigs[name] = conf + if name == "default" { + ZabovConfigDefault = conf + } + ZabovCreateKDB(name) + } + + timetables := MyConf["timetables"].(map[string]interface{}) + + for name, v := range timetables { + fmt.Println("evaluaing timetable name:", name) + timetableRaw := v.(map[string]interface{}) + var timetable ZabovTimetable + + timetable.cfgin = timetableRaw["cfgin"].(string) + timetable.cfgout = timetableRaw["cfgout"].(string) + + if timetable.cfgin == "" { + timetable.cfgin = "default" + } + if timetable.cfgout == "" { + timetable.cfgout = "default" + } + + _, ok := ZabovConfigs[timetable.cfgin] + if !ok { + log.Println("inexistent cfgin:", timetable.cfgin) + os.Exit(1) + } + + _, ok = ZabovConfigs[timetable.cfgout] + if !ok { + log.Println("inexistent cfgout:", timetable.cfgout) + os.Exit(1) + } + + tables := timetableRaw["tables"].([]interface{}) + + for i := range tables { + table := tables[i].(map[string]interface{}) + var ttEntry ZabovTimetableEntry + ttEntry.times = strings.Split(table["times"].(string), ";") + ttEntry.days = strings.Split(table["days"].(string), ";") + timetable.table = append(timetable.table, ttEntry) + } + ZabovTimetables[name] = timetable + } + + IPGroups := MyConf["ipgroups"].([]interface{}) + + fmt.Println("evaluating IP Groups: ", len(IPGroups)) + for i := range IPGroups { + fmt.Println("evaluating IP Group n.", i) + var groupStruct ZabovIPGroup + groupMap := IPGroups[i].(map[string]interface{}) + IPsRaw := groupMap["ips"].([]interface{}) + groupStruct.ips = []string{} + for x := range IPsRaw { + ip := IPsRaw[x].(string) + fmt.Println("adding IP ", ip) + + alias, ok := ZabovIPAliases[ip] + if ok { + fmt.Println("IP alias: ", ip, alias) + ip = alias + } + groupStruct.ips = append(groupStruct.ips, ip) + } + groupStruct.cfg = groupMap["cfg"].(string) + groupStruct.timetable = groupMap["timetable"].(string) + fmt.Println("cfg:", groupStruct.cfg) + fmt.Println("timetable:", groupStruct.timetable) + _, ok := ZabovTimetables[groupStruct.timetable] + if !ok { + log.Println("inexistent timetable:", groupStruct.timetable) + os.Exit(1) + } + ZabovIPGroups = append(ZabovIPGroups, groupStruct) + } + fmt.Println("ZabovConfigs:", ZabovConfigs) + fmt.Println("ZabovTimetables:", ZabovTimetables) + fmt.Println("ZabovIPAliases:", ZabovIPAliases) + fmt.Println("ZabovIPGroups:", ZabovIPGroups) + } diff --git a/01.killfile.go b/01.killfile.go index b5d914b..60f6071 100644 --- a/01.killfile.go +++ b/01.killfile.go @@ -5,11 +5,10 @@ import ( "strings" ) -var zabovKbucket = []byte("killfile") - type killfileItem struct { - Kdomain string - Ksource string + Kdomain string + Ksource string + Kconfigs stringarray } var bChannel chan killfileItem @@ -27,7 +26,9 @@ func bWriteThread() { for item := range bChannel { - writeInKillfile(item.Kdomain, item.Ksource) + for _, config := range item.Kconfigs { + writeInKillfile(item.Kdomain, item.Ksource, config) + } incrementStats("BL domains from "+item.Ksource, 1) incrementStats("TOTAL", 1) @@ -36,7 +37,7 @@ func bWriteThread() { } //DomainKill stores a domain name inside the killfile -func DomainKill(s, durl string) { +func DomainKill(s, durl string, configs stringarray) { if len(s) > 2 { @@ -46,6 +47,7 @@ func DomainKill(s, durl string) { k.Kdomain = s k.Ksource = durl + k.Kconfigs = configs bChannel <- k @@ -53,11 +55,12 @@ func DomainKill(s, durl string) { } -func writeInKillfile(key, value string) { +func writeInKillfile(key, value string, config string) { stK := []byte(key) stV := []byte(value) + MyZabovKDB := MyZabovKDBs[config] err := MyZabovKDB.Put(stK, stV, nil) if err != nil { fmt.Println("Cannot write to Killfile DB: ", err.Error()) @@ -65,10 +68,11 @@ func writeInKillfile(key, value string) { } -func domainInKillfile(domain string) bool { +func domainInKillfile(domain string, config string) bool { s := strings.ToLower(domain) + MyZabovKDB := MyZabovKDBs[config] has, err := MyZabovKDB.Has([]byte(s), nil) if err != nil { fmt.Println("Cannot read from Killfile DB: ", err.Error()) diff --git a/adlist_hosts.go b/adlist_hosts.go index 5e9150d..fc45b74 100644 --- a/adlist_hosts.go +++ b/adlist_hosts.go @@ -16,9 +16,9 @@ func init() { } //DoubleIndexFilter puts the domains inside file -func DoubleIndexFilter(durl string) error { +func DoubleIndexFilter(durl string, configs stringarray) error { - fmt.Println("Retrieving HostFile from: ", durl) + fmt.Println("DoubleIndexFilter: Retrieving HostFile from: ", durl) var err error @@ -59,7 +59,8 @@ func DoubleIndexFilter(durl string) error { } if net.ParseIP(h[0]) != nil { - DomainKill(h[1], durl) + + DomainKill(h[1], durl, configs) // fmt.Println("MATCH: ", h[1]) numLines++ @@ -76,20 +77,38 @@ func DoubleIndexFilter(durl string) error { } -func getDoubleFilters() { +func getDoubleFilters(urls urlsMap) { - s := fileByLines(ZabovDoubleBL) - - for _, a := range s { - DoubleIndexFilter(a) + fmt.Println("getDoubleFilters: downloading all urls:", len(urls)) + for url, configs := range urls { + DoubleIndexFilter(url, configs) } } func downloadDoubleThread() { fmt.Println("Starting updater of DOUBLE lists, each (hours):", ZabovKillTTL) + + _urls := urlsMap{} + for { - getDoubleFilters() + fmt.Println("downloadDoubleThread: collecting urls from all configs...") + for config := range ZabovConfigs { + ZabovDoubleBL := ZabovConfigs[config].ZabovDoubleBL + + s := fileByLines(ZabovDoubleBL) + for _, v := range s { + configs := _urls[v] + if configs == nil { + configs = stringarray{} + _urls[v] = configs + } + configs = append(configs, config) + _urls[v] = configs + } + } + + getDoubleFilters(_urls) time.Sleep(time.Duration(ZabovKillTTL) * time.Hour) } diff --git a/adlist_single.go b/adlist_single.go index 6945c5e..bbdd3fc 100644 --- a/adlist_single.go +++ b/adlist_single.go @@ -14,7 +14,7 @@ func init() { } //SingleIndexFilter puts the domains inside file -func SingleIndexFilter(durl string) error { +func SingleIndexFilter(durl string, configs stringarray) error { fmt.Println("Retrieving DomainFile from: ", durl) @@ -57,7 +57,9 @@ func SingleIndexFilter(durl string) error { } if !strings.Contains(h[0], "#") { - DomainKill(h[0], durl) + + DomainKill(h[0], durl, configs) + // fmt.Println("MATCH: ", h[1]) numLines++ } else { @@ -73,20 +75,37 @@ func SingleIndexFilter(durl string) error { } -func getSingleFilters() { +func getSingleFilters(urls urlsMap) { - s := fileByLines(ZabovSingleBL) - - for _, a := range s { - SingleIndexFilter(a) + fmt.Println("getSingleFilters: downloading all urls:", len(urls)) + for url, configs := range urls { + SingleIndexFilter(url, configs) } } func downloadThread() { fmt.Println("Starting updater of SINGLE lists, each (hours): ", ZabovKillTTL) + _urls := urlsMap{} + for { - getSingleFilters() + fmt.Println("downloadThread: collecting urls from all configs...") + for config := range ZabovConfigs { + ZabovSingleBL := ZabovConfigs[config].ZabovSingleBL + + s := fileByLines(ZabovSingleBL) + for _, v := range s { + configs := _urls[v] + if configs == nil { + configs = stringarray{} + _urls[v] = configs + } + configs = append(configs, config) + _urls[v] = configs + } + } + + getSingleFilters(_urls) time.Sleep(time.Duration(ZabovKillTTL) * time.Hour) } diff --git a/config.json b/config.json index 79394d9..c104a8c 100644 --- a/config.json +++ b/config.json @@ -1,15 +1,50 @@ { - "zabov": { + "zabov":{ "port":"53", "proto":"udp", "ipaddr":"0.0.0.0", - "upstream":"./dns-upstream.txt" , "cachettl": 1, - "killfilettl": 12, - "singlefilters":"./urls-domains.txt" , - "doublefilters":"./urls-hosts.txt", - "blackholeip":"127.0.0.1", - "hostsfile":"./urls-local.txt" + "killfilettl": 12 + }, + "ipaliases":{ + "pc8":"192.168.178.29" + }, + "ipgroups":[ + { + "ips":["192.168.178.30/32", "192.168.178.31/32", "pc8"], + "cfg":"", + "timetable":"tt_children" + } + ], + "timetables":{ + "tt_children":{ + "tables":[{"times":"8:30-12:30;18:30-22:30", "days":"Mo;Tu;We;Th;Fr;Sa;Su"}], + "cfgin":"children_restricted", + "cfgout":"children" + } + }, + "configs":{ + "default":{ + "upstream":"./dns-upstream.txt", + "singlefilters":"./urls-domains.txt", + "doublefilters":"./urls-hosts.txt", + "blackholeip":"127.0.0.1", + "hostsfile":"./urls-local.txt" + }, + "children":{ + "upstream":"./dns-upstream.txt", + "singlefilters":"./urls-domains.txt", + "doublefilters":"./urls-hosts.txt", + "blackholeip":"127.0.0.1", + "hostsfile":"./urls-local.txt" + }, + "children_restricted":{ + "upstream":"./dns-upstream.txt", + "singlefilters":"./urls-domains.txt", + "doublefilters":"./urls-hosts.txt", + "blackholeip":"127.0.0.1", + "hostsfile":"./urls-local.txt" + } } } diff --git a/dns_client.go b/dns_client.go index 6aa97a0..7ce761c 100644 --- a/dns_client.go +++ b/dns_client.go @@ -12,7 +12,8 @@ import ( //ForwardQuery forwards the query to the upstream server //first server to answer wins -func ForwardQuery(query *dns.Msg) *dns.Msg { +//accepts config name to select the UP DNS source list +func ForwardQuery(query *dns.Msg, config string) *dns.Msg { go incrementStats("ForwardQueries", 1) @@ -45,7 +46,7 @@ func ForwardQuery(query *dns.Msg) *dns.Msg { continue } - d := oneTimeDNS() + d := oneTimeDNS(config) in, _, err := c.Exchange(query, d) if err != nil { @@ -78,10 +79,11 @@ func init() { } -func oneTimeDNS() (dns string) { +func oneTimeDNS(config string) (dns string) { rand.Seed(time.Now().Unix()) + ZabovDNSArray := ZabovDNSArrays[config] upl := ZabovDNSArray if len(upl) < 1 { diff --git a/dns_handler.go b/dns_handler.go index 9cf0fb1..9bff55d 100644 --- a/dns_handler.go +++ b/dns_handler.go @@ -12,19 +12,23 @@ func (mydns *handler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) { remIP, _, e := net.SplitHostPort(w.RemoteAddr().String()) if e != nil { + go incrementStats("CLIENT ERROR: "+remIP, 1) + } else { go incrementStats("CLIENT: "+remIP, 1) } msg := dns.Msg{} msg.SetReply(r) + config := "default" // TODO: get config from client IP & timetable + switch r.Question[0].Qtype { case dns.TypeA: msg.Authoritative = true domain := msg.Question[0].Name fqdn := strings.TrimRight(domain, ".") - if domainInKillfile(fqdn) { + if domainInKillfile(fqdn, config) { go incrementStats("Killed", 1) msg.Answer = append(msg.Answer, &dns.A{ @@ -32,11 +36,11 @@ func (mydns *handler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) { A: net.ParseIP(ZabovAddBL), }) } else { - ret := ForwardQuery(r) + ret := ForwardQuery(r, config) w.WriteMsg(ret) } default: - ret := ForwardQuery(r) + ret := ForwardQuery(r, config) w.WriteMsg(ret) } w.WriteMsg(&msg) diff --git a/hostfile.go b/hostfile.go index 51e4508..a2946ff 100644 --- a/hostfile.go +++ b/hostfile.go @@ -9,28 +9,43 @@ import ( func init() { fmt.Println("Ingesting local hosts file") - ingestLocalBlacklist() + ingestLocalBlacklists() } -func ingestLocalBlacklist() { - - file, err := os.Open(ZabovHostsFile) - if err != nil { - fmt.Println(err.Error()) - } - defer file.Close() - - scanner := bufio.NewScanner(file) - for scanner.Scan() { - d := scanner.Text() - DomainKill(d, ZabovHostsFile) - incrementStats("Blacklist", 1) +func ingestLocalBlacklists() { + fmt.Println("ingestLocalBlacklist: collecting urls from all configs...") + _files := urlsMap{} + for config := range ZabovConfigs { + ZabovHostsFile := ZabovConfigs[config].ZabovHostsFile + configs := _files[ZabovHostsFile] + if configs == nil { + configs = stringarray{} + _files[ZabovHostsFile] = configs + } + configs = append(configs, config) + _files[ZabovHostsFile] = configs } - if err := scanner.Err(); err != nil { - fmt.Println(err.Error()) + for ZabovHostsFile, configs := range _files { + file, err := os.Open(ZabovHostsFile) + if err != nil { + fmt.Println(err.Error()) + } + defer file.Close() + + scanner := bufio.NewScanner(file) + for scanner.Scan() { + d := scanner.Text() + DomainKill(d, ZabovHostsFile, configs) + incrementStats("Blacklist", 1) + + } + + if err := scanner.Err(); err != nil { + fmt.Println(err.Error()) + } } } diff --git a/main.go b/main.go index aaf1ebc..a9178f5 100644 --- a/main.go +++ b/main.go @@ -35,6 +35,53 @@ var ZabovDNSArray []string type handler struct{} +//ZabovDNSArrays contains the arrays containing all the DNS we mention +var ZabovDNSArrays map[string][]string + +// ZabovConfig contains all Zabov configs +type ZabovConfig struct { + ZabovUpDNS string // json:upstream -> ZabovDNSArray + ZabovSingleBL string // json:singlefilters + ZabovDoubleBL string // json:doublefilters + ZabovAddBL string // json:blackholeip + ZabovHostsFile string // json:hostsfile +} + +// ZabovConfigs contains all Zabov configs +var ZabovConfigs map[string]ZabovConfig + +// ZabovConfigDefault contains only "default" config +var ZabovConfigDefault ZabovConfig + +// ZabovIPGroup contains Zabov groups of IPs +type ZabovIPGroup struct { + ips []string // IPs in this group + cfg string // config name to be used if there is no timetable + timetable string // timetable name to be used for this group; timetable SHALL reference to config name to use +} + +// ZabovIPGroups contains an array of all Zabov groups of IP rules +var ZabovIPGroups []ZabovIPGroup + +// ZabovTimetableEntry contains Zabov single time table entry +type ZabovTimetableEntry struct { + times []string + days []string +} + +// ZabovTimetable contains a Zabov time table +type ZabovTimetable struct { + table []ZabovTimetableEntry + cfgin string // configuration name to be used if "inside" timetable + cfgout string // configuration name to be used if "outiside" timetable +} + +// ZabovTimetables contains all Zabov time tables, by name +var ZabovTimetables map[string]ZabovTimetable + +// ZabovIPAliases contains an array of all Zabov IP aliases +var ZabovIPAliases map[string]string + func main() { MyDNS.Handler = &handler{} From 5e94032cd0f734ba5cfbd793393aae4c5188bde0 Mon Sep 17 00:00:00 2001 From: bloved Date: Tue, 12 Jan 2021 13:35:36 +0100 Subject: [PATCH 02/16] - killfile stats: incremented only when adding a new domain in BL - Malformed lines stats: stats are reset at refresh; ignoring blank/comment lines --- 01.killfile.go | 11 +++++++++-- adlist_hosts.go | 6 ++++++ adlist_single.go | 6 ++++++ 3 files changed, 21 insertions(+), 2 deletions(-) diff --git a/01.killfile.go b/01.killfile.go index 60f6071..8ad4b18 100644 --- a/01.killfile.go +++ b/01.killfile.go @@ -26,11 +26,18 @@ func bWriteThread() { for item := range bChannel { + alreadyInSomeDB := false + for _, config := range item.Kconfigs { + if !alreadyInSomeDB { + alreadyInSomeDB = domainInKillfile(item.Kdomain, config) + } writeInKillfile(item.Kdomain, item.Ksource, config) } - incrementStats("BL domains from "+item.Ksource, 1) - incrementStats("TOTAL", 1) + if !alreadyInSomeDB { + incrementStats("BL domains from "+item.Ksource, 1) + incrementStats("TOTAL", 1) + } } diff --git a/adlist_hosts.go b/adlist_hosts.go index fc45b74..32dfb47 100644 --- a/adlist_hosts.go +++ b/adlist_hosts.go @@ -20,6 +20,9 @@ func DoubleIndexFilter(durl string, configs stringarray) error { fmt.Println("DoubleIndexFilter: Retrieving HostFile from: ", durl) + // resets malformed HostLines for url + setstatsvalue("Malformed HostLines "+durl, 0) + var err error // Get the data @@ -48,6 +51,9 @@ func DoubleIndexFilter(durl string, configs stringarray) error { line := scanner.Text() + if len(line) == 0 || strings.TrimSpace(line)[0] == '#' { + continue + } h := strings.FieldsFunc(line, splitter) if h == nil { diff --git a/adlist_single.go b/adlist_single.go index bbdd3fc..9f5318f 100644 --- a/adlist_single.go +++ b/adlist_single.go @@ -18,6 +18,9 @@ func SingleIndexFilter(durl string, configs stringarray) error { fmt.Println("Retrieving DomainFile from: ", durl) + // resets malformed HostLines for url + setstatsvalue("Malformed DomainLines "+durl, 0) + var err error // Get the data @@ -46,6 +49,9 @@ func SingleIndexFilter(durl string, configs stringarray) error { line := scanner.Text() + if len(line) == 0 || strings.TrimSpace(line)[0] == '#' { + continue + } h := strings.FieldsFunc(line, splitter) if h == nil { From e86ead83b72e1bd8c42309a76b40a015c16677f8 Mon Sep 17 00:00:00 2001 From: bloved Date: Wed, 13 Jan 2021 22:30:04 +0100 Subject: [PATCH 03/16] - config - sanity checks - parsing of timetables - removed unused global variables (moved at config level) - added new stat: DNS request for each "CONFIG" - implemented configuration from ip groups / timetables --- 01.conf.go | 85 +++++++++++++++++++++++++++++++----------------- adlist_hosts.go | 1 + adlist_single.go | 1 + config.json | 7 ++-- dns_client.go | 3 +- dns_handler.go | 62 +++++++++++++++++++++++++++++++++-- main.go | 62 +++++++++++++++-------------------- 7 files changed, 148 insertions(+), 73 deletions(-) diff --git a/01.conf.go b/01.conf.go index efdbb96..90ae23a 100644 --- a/01.conf.go +++ b/01.conf.go @@ -5,7 +5,9 @@ import ( "fmt" "io/ioutil" "log" + "net" "os" + "strconv" "strings" "github.com/miekg/dns" @@ -46,13 +48,15 @@ func init() { configs := MyConf["configs"].(map[string]interface{}) - defaultConf := configs["default"].(map[string]interface{}) + if len(configs) == 0 { + log.Println("you shall set at least default config") + os.Exit(1) + } - ZabovUpDNS = defaultConf["upstream"].(string) - ZabovSingleBL = defaultConf["singlefilters"].(string) - ZabovDoubleBL = defaultConf["doublefilters"].(string) - ZabovAddBL = defaultConf["blackholeip"].(string) - ZabovHostsFile = defaultConf["hostsfile"].(string) + if configs["default"] == nil { + log.Println("default config is required") + os.Exit(1) + } zabovString := ZabovAddr + ":" + ZabovPort @@ -60,13 +64,11 @@ func init() { MyDNS.Addr = zabovString MyDNS.Net = ZabovType - ZabovDNSArray = fileByLines(ZabovUpDNS) - ZabovConfigs = map[string]ZabovConfig{} ZabovIPGroups = []ZabovIPGroup{} - ZabovTimetables = map[string]ZabovTimetable{} + ZabovTimetables = map[string]*ZabovTimetable{} ZabovIPAliases = map[string]string{} - ZabovDNSArrays = map[string][]string{} + IPAliasesRaw := MyConf["ipaliases"].(map[string]interface{}) for alias, ip := range IPAliasesRaw { @@ -84,11 +86,8 @@ func init() { conf.ZabovAddBL = confRaw["blackholeip"].(string) conf.ZabovHostsFile = confRaw["hostsfile"].(string) - ZabovDNSArrays[name] = fileByLines(conf.ZabovUpDNS) + conf.ZabovDNSArray = fileByLines(conf.ZabovUpDNS) ZabovConfigs[name] = conf - if name == "default" { - ZabovConfigDefault = conf - } ZabovCreateKDB(name) } @@ -111,13 +110,13 @@ func init() { _, ok := ZabovConfigs[timetable.cfgin] if !ok { - log.Println("inexistent cfgin:", timetable.cfgin) + log.Println("timetable: inexistent cfgin:", timetable.cfgin) os.Exit(1) } _, ok = ZabovConfigs[timetable.cfgout] if !ok { - log.Println("inexistent cfgout:", timetable.cfgout) + log.Println("timetable: inexistent cfgout:", timetable.cfgout) os.Exit(1) } @@ -126,11 +125,36 @@ func init() { for i := range tables { table := tables[i].(map[string]interface{}) var ttEntry ZabovTimetableEntry - ttEntry.times = strings.Split(table["times"].(string), ";") - ttEntry.days = strings.Split(table["days"].(string), ";") - timetable.table = append(timetable.table, ttEntry) + ttEntry.times = []*ZabovTimeRange{} + for _, tRaw := range strings.Split(table["times"].(string), ";") { + tRawArr := strings.Split(tRaw, "-") + if len(tRawArr) > 1 { + startArr := strings.Split(tRawArr[0], ":") + stopArr := strings.Split(tRawArr[1], ":") + + if len(startArr) > 1 && len(stopArr) > 1 { + hourStart, _ := strconv.Atoi(startArr[0]) + minuteStart, _ := strconv.Atoi(startArr[1]) + start := ZabovTime{hour: hourStart, minute: minuteStart} + + hourStop, _ := strconv.Atoi(stopArr[0]) + minuteStop, _ := strconv.Atoi(stopArr[1]) + stop := ZabovTime{hour: hourStop, minute: minuteStop} + t := ZabovTimeRange{start: start, stop: stop} + ttEntry.times = append(ttEntry.times, &t) + } + } + + } + + ttEntry.days = map[string]bool{} + for _, day := range strings.Split(table["days"].(string), ";") { + ttEntry.days[day] = true + } + + timetable.table = append(timetable.table, &ttEntry) } - ZabovTimetables[name] = timetable + ZabovTimetables[name] = &timetable } IPGroups := MyConf["ipgroups"].([]interface{}) @@ -141,15 +165,16 @@ func init() { var groupStruct ZabovIPGroup groupMap := IPGroups[i].(map[string]interface{}) IPsRaw := groupMap["ips"].([]interface{}) - groupStruct.ips = []string{} + groupStruct.ips = []net.IP{} for x := range IPsRaw { - ip := IPsRaw[x].(string) - fmt.Println("adding IP ", ip) + ipRaw := IPsRaw[x].(string) + ip := net.ParseIP(ipRaw) + fmt.Println("adding IP ", ipRaw) - alias, ok := ZabovIPAliases[ip] + alias, ok := ZabovIPAliases[ipRaw] if ok { - fmt.Println("IP alias: ", ip, alias) - ip = alias + fmt.Println("IP alias: ", ipRaw, alias) + ip = net.ParseIP(alias) } groupStruct.ips = append(groupStruct.ips, ip) } @@ -164,9 +189,9 @@ func init() { } ZabovIPGroups = append(ZabovIPGroups, groupStruct) } - fmt.Println("ZabovConfigs:", ZabovConfigs) - fmt.Println("ZabovTimetables:", ZabovTimetables) - fmt.Println("ZabovIPAliases:", ZabovIPAliases) - fmt.Println("ZabovIPGroups:", ZabovIPGroups) + //fmt.Println("ZabovConfigs:", ZabovConfigs) + //fmt.Println("ZabovTimetables:", ZabovTimetables) + //fmt.Println("ZabovIPAliases:", ZabovIPAliases) + //fmt.Println("ZabovIPGroups:", ZabovIPGroups) } diff --git a/adlist_hosts.go b/adlist_hosts.go index 32dfb47..daac544 100644 --- a/adlist_hosts.go +++ b/adlist_hosts.go @@ -89,6 +89,7 @@ func getDoubleFilters(urls urlsMap) { for url, configs := range urls { DoubleIndexFilter(url, configs) } + fmt.Println("getDoubleFilters: DONE!") } diff --git a/adlist_single.go b/adlist_single.go index 9f5318f..e08af54 100644 --- a/adlist_single.go +++ b/adlist_single.go @@ -87,6 +87,7 @@ func getSingleFilters(urls urlsMap) { for url, configs := range urls { SingleIndexFilter(url, configs) } + fmt.Println("getSingleFilters: DONE!") } diff --git a/config.json b/config.json index c104a8c..cec4562 100644 --- a/config.json +++ b/config.json @@ -7,18 +7,19 @@ "killfilettl": 12 }, "ipaliases":{ - "pc8":"192.168.178.29" + "pc8":"192.168.178.29", + "localhost":"127.0.0.1" }, "ipgroups":[ { - "ips":["192.168.178.30/32", "192.168.178.31/32", "pc8"], + "ips":["localhost", "::1", "192.168.178.30", "192.168.178.31", "pc8"], "cfg":"", "timetable":"tt_children" } ], "timetables":{ "tt_children":{ - "tables":[{"times":"8:30-12:30;18:30-22:30", "days":"Mo;Tu;We;Th;Fr;Sa;Su"}], + "tables":[{"times":"00:00-05:00;8:30-12:30;18:30-22:59", "days":"Mo;Tu;We;Th;Fr;Sa;Su"}], "cfgin":"children_restricted", "cfgout":"children" } diff --git a/dns_client.go b/dns_client.go index 7ce761c..866ab32 100644 --- a/dns_client.go +++ b/dns_client.go @@ -83,8 +83,7 @@ func oneTimeDNS(config string) (dns string) { rand.Seed(time.Now().Unix()) - ZabovDNSArray := ZabovDNSArrays[config] - upl := ZabovDNSArray + upl := ZabovConfigs[config].ZabovDNSArray if len(upl) < 1 { fmt.Println("No DNS defined, using default 127.0.0.53:53. Hope it works!") diff --git a/dns_handler.go b/dns_handler.go index 9bff55d..7cfb769 100644 --- a/dns_handler.go +++ b/dns_handler.go @@ -1,12 +1,68 @@ package main import ( + "fmt" "net" "strings" + "time" "github.com/miekg/dns" ) +var weekdays []string + +func init() { + weekdays = []string{"Su", "Mo", "Tu", "We", "Th", "Fr", "Sa"} +} + +func getCurTime() (time.Time, error) { + return time.Parse("15:04", time.Now().Format("15:04")) +} + +func confFromTimeTable(timetable string) string { + tt := ZabovTimetables[timetable] + if tt == nil { + fmt.Println("confFromTimeTable: return default") + return "default" + } + for _, ttentry := range tt.table { + now := time.Now() + nowHour := now.Hour() + nowMinute := now.Minute() + weekday := weekdays[now.Weekday()] + if ttentry.days == nil || len(ttentry.days) == 0 || ttentry.days[weekday] || ttentry.days[strings.ToLower(weekday)] { + for _, t := range ttentry.times { + + if (nowHour > t.start.hour || (nowHour == t.start.hour && nowMinute >= t.start.minute)) && + (nowHour < t.stop.hour || (nowHour == t.stop.hour && nowMinute <= t.stop.minute)) { + incrementStats("TIMETABLE IN: "+timetable, 1) + fmt.Println("confFromTimeTable: return IN", tt.cfgin) + return tt.cfgin + } + } + } + } + incrementStats("TIMETABLE OUT: "+timetable, 1) + fmt.Println("confFromTimeTable: return OUT", tt.cfgout) + return tt.cfgout +} + +func confFromIP(clientIP net.IP) string { + + for _, ipgroup := range ZabovIPGroups { + for _, ip := range ipgroup.ips { + if clientIP.Equal(ip) { + if len(ipgroup.timetable) > 0 { + return confFromTimeTable(ipgroup.timetable) + } + fmt.Println("confFromIP: ipgroup.cfg") + return ipgroup.cfg + } + } + } + fmt.Println("confFromIP: return default") + return "default" +} func (mydns *handler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) { go incrementStats("TotalQueries", 1) @@ -20,8 +76,10 @@ func (mydns *handler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) { msg := dns.Msg{} msg.SetReply(r) - config := "default" // TODO: get config from client IP & timetable + config := confFromIP(net.ParseIP(remIP)) + incrementStats("CONFIG: "+config, 1) + ZabovConfig := ZabovConfigs[config] switch r.Question[0].Qtype { case dns.TypeA: msg.Authoritative = true @@ -33,7 +91,7 @@ func (mydns *handler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) { msg.Answer = append(msg.Answer, &dns.A{ Hdr: dns.RR_Header{Name: domain, Rrtype: dns.TypeA, Class: dns.ClassINET, Ttl: 60}, - A: net.ParseIP(ZabovAddBL), + A: net.ParseIP(ZabovConfig.ZabovAddBL), }) } else { ret := ForwardQuery(r, config) diff --git a/main.go b/main.go index a9178f5..e79b1de 100644 --- a/main.go +++ b/main.go @@ -2,6 +2,7 @@ package main import ( "log" + "net" "github.com/miekg/dns" ) @@ -9,53 +10,30 @@ import ( //MyDNS is my dns server var MyDNS *dns.Server -//ZabovUpDNS keeps the name of upstream DNSs -var ZabovUpDNS string - -//ZabovSingleBL list of urls returning a file with just names of domains -var ZabovSingleBL string - -//ZabovDoubleBL list of urls returning a file with IPdomain -var ZabovDoubleBL string - -//ZabovAddBL is the IP we want to send all the clients to. Usually is 127.0.0.1 -var ZabovAddBL string - -//ZabovCacheTTL is the amount of hours we cache records of DNS +//ZabovCacheTTL is the amount of hours we cache records of DNS (global) var ZabovCacheTTL int -//ZabovKillTTL is the amount of hours we cache the killfile +//ZabovKillTTL is the amount of hours we cache the killfile (global) var ZabovKillTTL int -//ZabovHostsFile is the file we use to keep our hosts -var ZabovHostsFile string - -//ZabovDNSArray is the array containing all the DNS we mention -var ZabovDNSArray []string - type handler struct{} -//ZabovDNSArrays contains the arrays containing all the DNS we mention -var ZabovDNSArrays map[string][]string - // ZabovConfig contains all Zabov configs type ZabovConfig struct { - ZabovUpDNS string // json:upstream -> ZabovDNSArray - ZabovSingleBL string // json:singlefilters - ZabovDoubleBL string // json:doublefilters - ZabovAddBL string // json:blackholeip - ZabovHostsFile string // json:hostsfile + ZabovSingleBL string // json:singlefilters -> ZabovSingleBL list of urls returning a file with just names of domains + ZabovDoubleBL string // json:doublefilters -> ZabovDoubleBL list of urls returning a file with IPdomain + ZabovAddBL string // json:blackholeip -> ZabovAddBL is the IP we want to send all the clients to. Usually is 127.0.0.1 + ZabovHostsFile string // json:hostsfile -> ZabovHostsFile is the file we use to keep our hosts + ZabovUpDNS string // json:upstream -> ZabovUpDNS keeps the name of upstream DNSs + ZabovDNSArray []string // contains all the DNS we mention, parsed from ZabovUpDNS file } // ZabovConfigs contains all Zabov configs var ZabovConfigs map[string]ZabovConfig -// ZabovConfigDefault contains only "default" config -var ZabovConfigDefault ZabovConfig - // ZabovIPGroup contains Zabov groups of IPs type ZabovIPGroup struct { - ips []string // IPs in this group + ips []net.IP // IPs in this group cfg string // config name to be used if there is no timetable timetable string // timetable name to be used for this group; timetable SHALL reference to config name to use } @@ -63,21 +41,33 @@ type ZabovIPGroup struct { // ZabovIPGroups contains an array of all Zabov groups of IP rules var ZabovIPGroups []ZabovIPGroup +// ZabovTime contains Zabov single time +type ZabovTime struct { + hour int + minute int +} + +// ZabovTimeRange contains Zabov single time range +type ZabovTimeRange struct { + start ZabovTime + stop ZabovTime +} + // ZabovTimetableEntry contains Zabov single time table entry type ZabovTimetableEntry struct { - times []string - days []string + times []*ZabovTimeRange + days map[string]bool } // ZabovTimetable contains a Zabov time table type ZabovTimetable struct { - table []ZabovTimetableEntry + table []*ZabovTimetableEntry cfgin string // configuration name to be used if "inside" timetable cfgout string // configuration name to be used if "outiside" timetable } // ZabovTimetables contains all Zabov time tables, by name -var ZabovTimetables map[string]ZabovTimetable +var ZabovTimetables map[string]*ZabovTimetable // ZabovIPAliases contains an array of all Zabov IP aliases var ZabovIPAliases map[string]string From 945709f24e07301d2edff681b324620334523327 Mon Sep 17 00:00:00 2001 From: bloved Date: Wed, 13 Jan 2021 23:38:33 +0100 Subject: [PATCH 04/16] - config: - more sanity checks - added localresponder: if set use specified DNS server for local domains - ipaliases is now used in DNS responses (works same as /etc/hosts file) - ForwardQuery(): accept param to avoid cache --- 01.conf.go | 26 ++++++++++++++++++++++++-- adlist_hosts.go | 4 +++- adlist_single.go | 4 ++++ config.json | 4 ++++ dns_client.go | 14 ++++++++------ dns_handler.go | 28 +++++++++++++++++++++++----- hostfile.go | 3 +++ main.go | 6 ++++++ 8 files changed, 75 insertions(+), 14 deletions(-) diff --git a/01.conf.go b/01.conf.go index 90ae23a..21fe76d 100644 --- a/01.conf.go +++ b/01.conf.go @@ -46,15 +46,20 @@ func init() { ZabovCacheTTL = int(zabov["cachettl"].(float64)) ZabovKillTTL = int(zabov["killfilettl"].(float64)) + if MyConf["configs"] == nil { + log.Println("configs not set: you shall set at least 'default' config") + os.Exit(1) + } + configs := MyConf["configs"].(map[string]interface{}) if len(configs) == 0 { - log.Println("you shall set at least default config") + log.Println("you shall set at least 'default' config") os.Exit(1) } if configs["default"] == nil { - log.Println("default config is required") + log.Println("'default' config is required") os.Exit(1) } @@ -189,6 +194,23 @@ func init() { } ZabovIPGroups = append(ZabovIPGroups, groupStruct) } + + localresponder := MyConf["localresponder"].(map[string]interface{}) + + if localresponder != nil { + if localresponder["responder"] != nil { + ZabovLocalResponder = localresponder["responder"].(string) + if len(ZabovLocalResponder) > 0 { + local := ZabovConfig{} + local.ZabovDNSArray = []string{ZabovLocalResponder} + ZabovConfigs["__localresponder__"] = local + fmt.Println("ZabovLocalResponder:", ZabovLocalResponder) + } + } + if localresponder["localdomain"] != nil { + ZabovLocalDomain = localresponder["localdomain"].(string) + } + } //fmt.Println("ZabovConfigs:", ZabovConfigs) //fmt.Println("ZabovTimetables:", ZabovTimetables) //fmt.Println("ZabovIPAliases:", ZabovIPAliases) diff --git a/adlist_hosts.go b/adlist_hosts.go index daac544..eda7b21 100644 --- a/adlist_hosts.go +++ b/adlist_hosts.go @@ -102,7 +102,9 @@ func downloadDoubleThread() { fmt.Println("downloadDoubleThread: collecting urls from all configs...") for config := range ZabovConfigs { ZabovDoubleBL := ZabovConfigs[config].ZabovDoubleBL - + if len(ZabovDoubleBL) == 0 { + continue + } s := fileByLines(ZabovDoubleBL) for _, v := range s { configs := _urls[v] diff --git a/adlist_single.go b/adlist_single.go index e08af54..a7c1e7a 100644 --- a/adlist_single.go +++ b/adlist_single.go @@ -100,6 +100,10 @@ func downloadThread() { for config := range ZabovConfigs { ZabovSingleBL := ZabovConfigs[config].ZabovSingleBL + if len(ZabovSingleBL) == 0 { + continue + } + s := fileByLines(ZabovSingleBL) for _, v := range s { configs := _urls[v] diff --git a/config.json b/config.json index cec4562..e320ef3 100644 --- a/config.json +++ b/config.json @@ -6,6 +6,10 @@ "cachettl": 1, "killfilettl": 12 }, + "localresponder":{ + "responder":"192.168.178.1:53", + "localdomain":"fritz.box" + }, "ipaliases":{ "pc8":"192.168.178.29", "localhost":"127.0.0.1" diff --git a/dns_client.go b/dns_client.go index 866ab32..65bb214 100644 --- a/dns_client.go +++ b/dns_client.go @@ -13,7 +13,7 @@ import ( //ForwardQuery forwards the query to the upstream server //first server to answer wins //accepts config name to select the UP DNS source list -func ForwardQuery(query *dns.Msg, config string) *dns.Msg { +func ForwardQuery(query *dns.Msg, config string, nocache bool) *dns.Msg { go incrementStats("ForwardQueries", 1) @@ -24,12 +24,14 @@ func ForwardQuery(query *dns.Msg, config string) *dns.Msg { fqdn := strings.TrimRight(query.Question[0].Name, ".") lfqdn := fmt.Sprintf("%d", query.Question[0].Qtype) + "." + fqdn - if cached := GetDomainFromCache(lfqdn); cached != nil { - go incrementStats("CacheHit", 1) - cached.SetReply(query) - cached.Authoritative = true - return cached + if !nocache { + if cached := GetDomainFromCache(lfqdn); cached != nil { + go incrementStats("CacheHit", 1) + cached.SetReply(query) + cached.Authoritative = true + return cached + } } c := new(dns.Client) diff --git a/dns_handler.go b/dns_handler.go index 7cfb769..ed88805 100644 --- a/dns_handler.go +++ b/dns_handler.go @@ -35,14 +35,14 @@ func confFromTimeTable(timetable string) string { if (nowHour > t.start.hour || (nowHour == t.start.hour && nowMinute >= t.start.minute)) && (nowHour < t.stop.hour || (nowHour == t.stop.hour && nowMinute <= t.stop.minute)) { - incrementStats("TIMETABLE IN: "+timetable, 1) + go incrementStats("TIMETABLE IN: "+timetable, 1) fmt.Println("confFromTimeTable: return IN", tt.cfgin) return tt.cfgin } } } } - incrementStats("TIMETABLE OUT: "+timetable, 1) + go incrementStats("TIMETABLE OUT: "+timetable, 1) fmt.Println("confFromTimeTable: return OUT", tt.cfgout) return tt.cfgout } @@ -77,7 +77,6 @@ func (mydns *handler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) { msg.SetReply(r) config := confFromIP(net.ParseIP(remIP)) - incrementStats("CONFIG: "+config, 1) ZabovConfig := ZabovConfigs[config] switch r.Question[0].Qtype { @@ -86,6 +85,24 @@ func (mydns *handler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) { domain := msg.Question[0].Name fqdn := strings.TrimRight(domain, ".") + if len(ZabovIPAliases[fqdn]) > 0 { + config = "__aliases__" + msg.Answer = append(msg.Answer, &dns.A{ + Hdr: dns.RR_Header{Name: domain, Rrtype: dns.TypeA, Class: dns.ClassINET, Ttl: 60}, + A: net.ParseIP(ZabovIPAliases[fqdn]), + }) + break + } + if len(ZabovLocalResponder) > 0 { + if !strings.Contains(fqdn, ".") || + (len(ZabovLocalDomain) > 0 && strings.HasSuffix(fqdn, ZabovLocalDomain)) { + config = "__localresponder__" + ret := ForwardQuery(r, config, true) + w.WriteMsg(ret) + break + } + + } if domainInKillfile(fqdn, config) { go incrementStats("Killed", 1) @@ -94,13 +111,14 @@ func (mydns *handler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) { A: net.ParseIP(ZabovConfig.ZabovAddBL), }) } else { - ret := ForwardQuery(r, config) + ret := ForwardQuery(r, config, false) w.WriteMsg(ret) } default: - ret := ForwardQuery(r, config) + ret := ForwardQuery(r, config, false) w.WriteMsg(ret) } + go incrementStats("CONFIG: "+config, 1) w.WriteMsg(&msg) } diff --git a/hostfile.go b/hostfile.go index a2946ff..c64cb98 100644 --- a/hostfile.go +++ b/hostfile.go @@ -19,6 +19,9 @@ func ingestLocalBlacklists() { _files := urlsMap{} for config := range ZabovConfigs { ZabovHostsFile := ZabovConfigs[config].ZabovHostsFile + if len(ZabovHostsFile) == 0 { + continue + } configs := _files[ZabovHostsFile] if configs == nil { configs = stringarray{} diff --git a/main.go b/main.go index e79b1de..41546c6 100644 --- a/main.go +++ b/main.go @@ -16,6 +16,12 @@ var ZabovCacheTTL int //ZabovKillTTL is the amount of hours we cache the killfile (global) var ZabovKillTTL int +//ZabovLocalResponder is the default DNS server for loca domains +var ZabovLocalResponder string + +//ZabovLocalDomain is the default local domain +var ZabovLocalDomain string + type handler struct{} // ZabovConfig contains all Zabov configs From 15ec9f49ac2fde58dd792bebec8156b4b8f7d33b Mon Sep 17 00:00:00 2001 From: bloved Date: Thu, 14 Jan 2021 00:20:23 +0100 Subject: [PATCH 05/16] - stats: if "SET" to zero, stat is removed --- 01.stats.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/01.stats.go b/01.stats.go index 61e2584..f57c43c 100644 --- a/01.stats.go +++ b/01.stats.go @@ -81,7 +81,12 @@ func statsThread() { case "INC": ZabovStats[item.Payload] += item.Number case "SET": - ZabovStats[item.Payload] = item.Number + if item.Number == 0 { + + delete(ZabovStats, item.Payload) + } else { + ZabovStats[item.Payload] = item.Number + } case "PRI": statsPrint() } From cfabc6064549992c8713c21ab827a8c60838d587 Mon Sep 17 00:00:00 2001 From: bloved Date: Thu, 14 Jan 2021 15:38:46 +0100 Subject: [PATCH 06/16] - config: - unused configurations are disabled to avoid wasting resources --- 01.conf.go | 33 ++++++++++++++++++++++++++------- main.go | 3 ++- 2 files changed, 28 insertions(+), 8 deletions(-) diff --git a/01.conf.go b/01.conf.go index 21fe76d..6015a91 100644 --- a/01.conf.go +++ b/01.conf.go @@ -69,7 +69,7 @@ func init() { MyDNS.Addr = zabovString MyDNS.Net = ZabovType - ZabovConfigs = map[string]ZabovConfig{} + ZabovConfigs = map[string]*ZabovConfig{} ZabovIPGroups = []ZabovIPGroup{} ZabovTimetables = map[string]*ZabovTimetable{} ZabovIPAliases = map[string]string{} @@ -92,10 +92,12 @@ func init() { conf.ZabovHostsFile = confRaw["hostsfile"].(string) conf.ZabovDNSArray = fileByLines(conf.ZabovUpDNS) - ZabovConfigs[name] = conf + ZabovConfigs[name] = &conf ZabovCreateKDB(name) } + ZabovConfigs["default"].references++ + timetables := MyConf["timetables"].(map[string]interface{}) for name, v := range timetables { @@ -113,17 +115,19 @@ func init() { timetable.cfgout = "default" } - _, ok := ZabovConfigs[timetable.cfgin] + refConfig, ok := ZabovConfigs[timetable.cfgin] if !ok { log.Println("timetable: inexistent cfgin:", timetable.cfgin) os.Exit(1) } - _, ok = ZabovConfigs[timetable.cfgout] + refConfig.references++ + refConfig, ok = ZabovConfigs[timetable.cfgout] if !ok { log.Println("timetable: inexistent cfgout:", timetable.cfgout) os.Exit(1) } + refConfig.references++ tables := timetableRaw["tables"].([]interface{}) @@ -185,6 +189,15 @@ func init() { } groupStruct.cfg = groupMap["cfg"].(string) groupStruct.timetable = groupMap["timetable"].(string) + if len(groupStruct.cfg) > 0 { + refConfig, ok := ZabovConfigs[groupStruct.cfg] + if !ok { + log.Println("ipgroups: inexistent cfg:", groupStruct.cfg) + os.Exit(1) + } else { + refConfig.references++ + } + } fmt.Println("cfg:", groupStruct.cfg) fmt.Println("timetable:", groupStruct.timetable) _, ok := ZabovTimetables[groupStruct.timetable] @@ -201,9 +214,8 @@ func init() { if localresponder["responder"] != nil { ZabovLocalResponder = localresponder["responder"].(string) if len(ZabovLocalResponder) > 0 { - local := ZabovConfig{} - local.ZabovDNSArray = []string{ZabovLocalResponder} - ZabovConfigs["__localresponder__"] = local + local := ZabovConfig{ZabovDNSArray: []string{ZabovLocalResponder}, references: 1} + ZabovConfigs["__localresponder__"] = &local fmt.Println("ZabovLocalResponder:", ZabovLocalResponder) } } @@ -211,6 +223,13 @@ func init() { ZabovLocalDomain = localresponder["localdomain"].(string) } } + + for name, conf := range ZabovConfigs { + if conf.references == 0 { + log.Println("WARNING: disabling unused configuration:", name) + delete(ZabovConfigs, name) + } + } //fmt.Println("ZabovConfigs:", ZabovConfigs) //fmt.Println("ZabovTimetables:", ZabovTimetables) //fmt.Println("ZabovIPAliases:", ZabovIPAliases) diff --git a/main.go b/main.go index 41546c6..40837af 100644 --- a/main.go +++ b/main.go @@ -32,10 +32,11 @@ type ZabovConfig struct { ZabovHostsFile string // json:hostsfile -> ZabovHostsFile is the file we use to keep our hosts ZabovUpDNS string // json:upstream -> ZabovUpDNS keeps the name of upstream DNSs ZabovDNSArray []string // contains all the DNS we mention, parsed from ZabovUpDNS file + references int // contains references to this config; if zero, config shall be removed } // ZabovConfigs contains all Zabov configs -var ZabovConfigs map[string]ZabovConfig +var ZabovConfigs map[string]*ZabovConfig // ZabovIPGroup contains Zabov groups of IPs type ZabovIPGroup struct { From c96c9f23e2f5793bfe4b53cecacbc5320912a4df Mon Sep 17 00:00:00 2001 From: bloved Date: Thu, 14 Jan 2021 17:15:27 +0100 Subject: [PATCH 07/16] - disabled verbose logs - updated documentation in README.md --- README.md | 123 ++++++++++++++++++++++++++++++++++++++++++------- dns_handler.go | 11 ++--- 2 files changed, 112 insertions(+), 22 deletions(-) diff --git a/README.md b/README.md index 6a84604..b878c37 100644 --- a/README.md +++ b/README.md @@ -44,42 +44,133 @@ The second is the format zabov calls "doublefilter" (a file in "/etc/hosts" form This is why configuration file has two separated items. -The config file should look like: +Minimal config file should look like: 
 {
-    "zabov": {  
+    "zabov":{
         "port":"53", 
         "proto":"udp", 
-        "ipaddr":"127.0.0.1",
-        "upstream":"./dns-upstream.txt",
-        "cachettl": "4",
-        "killfilettl": "12",
-        "singlefilters":"./urls-hosts.txt" ,
-        "doublefilters":"./urls-domains.txt", 
-        "blackholeip":"127.0.0.1",
-        "hostsfile":"./urls-local.txt"
+        "ipaddr":"0.0.0.0",
+        "cachettl": 1,
+        "killfilettl": 12
+    },
+    "configs":{
+        "default":{
+            "upstream":"./dns-upstream.txt",
+            "singlefilters":"./urls-domains.txt",
+            "doublefilters":"./urls-hosts.txt", 
+            "blackholeip":"127.0.0.1",
+            "hostsfile":"./urls-local.txt"
+        },
     }
-
 }
-
-
-
-Where: +Global zabov settings: - port is the port number. Usually is 53, you can change for docker, if you like - proto is the protocol. Choices are "udp", "tcp", "tcp/udp" - ipaddr is the port to listen to. Maybe empty, (which will result in listening to 0.0.0.0) to avoid issues with docker. -- upstream: file containing all DNS we want to query : each line in format IP:PORT - cachettl: amount of time the cache is kept (in hours) - killfilettl: refresh time for _killfiles_ + +configs: +- contains multiple zabov configuration dictionaries. "default" configuration name is mandatory +- upstream: file containing all DNS we want to query : each line in format IP:PORT - singlefilters: name of the file for blacklists following the "singlefilter" schema.(one URL per line) - doublefilters: name of the file, for blacklists following the "doublefilter" schema.(one URL per line) - blackholeip: IP address to return when the IP is banned. This is because you may want to avoid MX issues, mail loops on localhost, or you have a web server running on localhost - hostsfile: path where you keep your local blacklistfile : this is in the format "singlefilter", meaning one domain per line, unlike hosts file. + +Advanced configuration includes support for multiple configuration based on IP Soruce and timetables: +
+{
+    "zabov":{
+        "port":"53", 
+        "proto":"udp", 
+        "ipaddr":"0.0.0.0",
+        "cachettl": 1,
+        "killfilettl": 12
+    },
+    "localresponder":{
+        "responder":"192.168.178.1:53",
+        "localdomain":"fritz.box"
+    },
+    "ipaliases":{
+        "pc8":"192.168.178.29",
+        "localhost":"127.0.0.1"
+    },
+    "ipgroups":[
+        {
+            "ips":["localhost", "::1", "192.168.178.30", "192.168.178.31", "pc8"],
+            "cfg":"",
+            "timetable":"tt_children"
+        }
+    ],
+    "timetables":{
+        "tt_children":{
+            "tables":[{"times":"00:00-05:00;8:30-12:30;18:30-22:59", "days":"Mo;Tu;We;Th;Fr;Sa;Su"}],
+            "cfgin":"children_restricted",
+            "cfgout":"default"
+        }
+    },
+    "configs":{
+        "default":{
+            "upstream":"./dns-upstream.txt",
+            "singlefilters":"./urls-domains.txt",
+            "doublefilters":"./urls-hosts.txt", 
+            "blackholeip":"127.0.0.1",
+            "hostsfile":"./urls-local.txt"
+        },
+        "children":{
+            "upstream":"./dns-upstream-safe.txt",
+            "singlefilters":"./urls-domains.txt",
+            "doublefilters":"./urls-hosts.txt", 
+            "blackholeip":"127.0.0.1",
+            "hostsfile":"./urls-local.txt"
+        },
+        "children_restricted":{
+            "upstream":"./dns-upstream-safe.txt",
+            "singlefilters":"./urls-domains-restricted.txt",
+            "doublefilters":"./urls-hosts-restricted.txt", 
+            "blackholeip":"127.0.0.1",
+            "hostsfile":"./urls-local.txt"
+        }
+    }
+}
+
+ +localresponder: + - allows to set a local DNS to respond for "local" domains. A domain name is handled as "local" if dosen't contains "." (dots) or if it ends with a well known prefix, such as ".local". + Note: the cache is not used for local responder. + - responder: is the local DNS server address in the IP:PORT format. + - localdomain: is the suffix for local domain names. All domains ending with this prefix are resolved by local responder + +ipaliases: a dictionary of IPs + - each entry in this dictionary define a domain-alias name and his IP address. It works as replacement of /etc/hosts file. + - each entry is used by Zabov to resolve that names and to replace any value in the ipgroups.ips array. + +timetables: a dictionary of timetable dictionaries + - allow to define timetables in the format "time-ranges" and "days-of-week" + - tables: contain an array of dictionaries, each defining a time rule. + - each table is a dictinary containing "time" and "days" values + - time: is a string in the form "start:time1-stop:time1;start:time2-stop:time2..." + - days: is a string containing semicolon separated day names to apply the rule such as "Mo;Tu;We;Th;Fr" + - days names are: "Mo", "Tu" "We", "Th", "Fr", "Sa", "Su" + - empty value means all week-days + You can define complex time rules using more than one entry in this dictionay + - cfgin: is the name of the configuration to apply if current time is "inside" the timetable + - cfgout: is the name of the configuration to apply if current time is "outside" the timetable + +ipgroups: an array of ipgroup dictionaries + - let you define a set of IP addresses that shall use a configuration other than "default" + - ips: is an array of strings, each containing an ip address or a name defined in the "ipaliases" config branch + - cfg: is a string containing the name of the configuration to be used for this group; ignored if timetable is also defined + - timetable: is a string containing the name of the tiemtable to be aplied to this group + + # DOCKER Multistage Dockerfiles are provided for AMD64, ARMv7, ARM64V8 diff --git a/dns_handler.go b/dns_handler.go index ed88805..c09a046 100644 --- a/dns_handler.go +++ b/dns_handler.go @@ -1,7 +1,6 @@ package main import ( - "fmt" "net" "strings" "time" @@ -22,7 +21,7 @@ func getCurTime() (time.Time, error) { func confFromTimeTable(timetable string) string { tt := ZabovTimetables[timetable] if tt == nil { - fmt.Println("confFromTimeTable: return default") + //fmt.Println("confFromTimeTable: return default") return "default" } for _, ttentry := range tt.table { @@ -36,14 +35,14 @@ func confFromTimeTable(timetable string) string { if (nowHour > t.start.hour || (nowHour == t.start.hour && nowMinute >= t.start.minute)) && (nowHour < t.stop.hour || (nowHour == t.stop.hour && nowMinute <= t.stop.minute)) { go incrementStats("TIMETABLE IN: "+timetable, 1) - fmt.Println("confFromTimeTable: return IN", tt.cfgin) + //fmt.Println("confFromTimeTable: return IN", tt.cfgin) return tt.cfgin } } } } go incrementStats("TIMETABLE OUT: "+timetable, 1) - fmt.Println("confFromTimeTable: return OUT", tt.cfgout) + //fmt.Println("confFromTimeTable: return OUT", tt.cfgout) return tt.cfgout } @@ -55,12 +54,12 @@ func confFromIP(clientIP net.IP) string { if len(ipgroup.timetable) > 0 { return confFromTimeTable(ipgroup.timetable) } - fmt.Println("confFromIP: ipgroup.cfg") + //fmt.Println("confFromIP: ipgroup.cfg") return ipgroup.cfg } } } - fmt.Println("confFromIP: return default") + //fmt.Println("confFromIP: return default") return "default" } func (mydns *handler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) { From 31e05cb1772262355ad6a7d4e1070cac660aac78 Mon Sep 17 00:00:00 2001 From: bloved Date: Thu, 14 Jan 2021 20:25:10 +0100 Subject: [PATCH 08/16] - config: - added "debug" mode - updated documentation in README.md - BL downloader threads: added 2 seconds delay to allow local DNS service go up & running --- 01.conf.go | 3 +++ README.md | 6 ++++-- adlist_hosts.go | 2 +- adlist_single.go | 2 ++ dns_handler.go | 39 ++++++++++++++++++++++++++++++++++----- main.go | 7 +++++-- 6 files changed, 49 insertions(+), 10 deletions(-) diff --git a/01.conf.go b/01.conf.go index 6015a91..078a33e 100644 --- a/01.conf.go +++ b/01.conf.go @@ -43,9 +43,12 @@ func init() { ZabovPort := zabov["port"].(string) ZabovType := zabov["proto"].(string) ZabovAddr := zabov["ipaddr"].(string) + DebugStr := (zabov["debug"].(string)) ZabovCacheTTL = int(zabov["cachettl"].(float64)) ZabovKillTTL = int(zabov["killfilettl"].(float64)) + ZabovDebug = DebugStr == "true" + if MyConf["configs"] == nil { log.Println("configs not set: you shall set at least 'default' config") os.Exit(1) diff --git a/README.md b/README.md index b878c37..d38b8ba 100644 --- a/README.md +++ b/README.md @@ -53,7 +53,8 @@ Minimal config file should look like: "proto":"udp", "ipaddr":"0.0.0.0", "cachettl": 1, - "killfilettl": 12 + "killfilettl": 12, + "debug:"false" }, "configs":{ "default":{ @@ -74,6 +75,7 @@ Global zabov settings: - ipaddr is the port to listen to. Maybe empty, (which will result in listening to 0.0.0.0) to avoid issues with docker. - cachettl: amount of time the cache is kept (in hours) - killfilettl: refresh time for _killfiles_ +- debug: if set to "true" Zabov prints verbose logs, such as config selection and single DNS requests configs: - contains multiple zabov configuration dictionaries. "default" configuration name is mandatory @@ -84,7 +86,7 @@ configs: - hostsfile: path where you keep your local blacklistfile : this is in the format "singlefilter", meaning one domain per line, unlike hosts file. -Advanced configuration includes support for multiple configuration based on IP Soruce and timetables: +Advanced configuration includes support for multiple configurations based on IP Source and timetables: 
 {
     "zabov":{
diff --git a/adlist_hosts.go b/adlist_hosts.go
index eda7b21..44996cc 100644
--- a/adlist_hosts.go
+++ b/adlist_hosts.go
@@ -95,7 +95,7 @@ func getDoubleFilters(urls urlsMap) {
 
 func downloadDoubleThread() {
 	fmt.Println("Starting updater of DOUBLE lists, each (hours):", ZabovKillTTL)
-
+	time.Sleep(2 * time.Second) // wait for local DNS server up & running (may be our DNS)
 	_urls := urlsMap{}
 
 	for {
diff --git a/adlist_single.go b/adlist_single.go
index a7c1e7a..aeeffbf 100644
--- a/adlist_single.go
+++ b/adlist_single.go
@@ -93,6 +93,8 @@ func getSingleFilters(urls urlsMap) {
 
 func downloadThread() {
 	fmt.Println("Starting updater of SINGLE lists, each (hours): ", ZabovKillTTL)
+	time.Sleep(2 * time.Second) // wait for local DNS server up & running (may be our DNS)
+
 	_urls := urlsMap{}
 
 	for {
diff --git a/dns_handler.go b/dns_handler.go
index c09a046..02a0eda 100644
--- a/dns_handler.go
+++ b/dns_handler.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"log"
 	"net"
 	"strings"
 	"time"
@@ -21,7 +22,9 @@ func getCurTime() (time.Time, error) {
 func confFromTimeTable(timetable string) string {
 	tt := ZabovTimetables[timetable]
 	if tt == nil {
-		//fmt.Println("confFromTimeTable: return default")
+		if ZabovDebug {
+			log.Println("confFromTimeTable: return default")
+		}
 		return "default"
 	}
 	for _, ttentry := range tt.table {
@@ -35,14 +38,18 @@ func confFromTimeTable(timetable string) string {
 				if (nowHour > t.start.hour || (nowHour == t.start.hour && nowMinute >= t.start.minute)) &&
 					(nowHour < t.stop.hour || (nowHour == t.stop.hour && nowMinute <= t.stop.minute)) {
 					go incrementStats("TIMETABLE IN: "+timetable, 1)
-					//fmt.Println("confFromTimeTable: return IN", tt.cfgin)
+					if ZabovDebug {
+						log.Println("confFromTimeTable: return IN", tt.cfgin)
+					}
 					return tt.cfgin
 				}
 			}
 		}
 	}
 	go incrementStats("TIMETABLE OUT: "+timetable, 1)
-	//fmt.Println("confFromTimeTable: return OUT", tt.cfgout)
+	if ZabovDebug {
+		log.Println("confFromTimeTable: return OUT", tt.cfgout)
+	}
 	return tt.cfgout
 }
 
@@ -54,12 +61,16 @@ func confFromIP(clientIP net.IP) string {
 				if len(ipgroup.timetable) > 0 {
 					return confFromTimeTable(ipgroup.timetable)
 				}
-				//fmt.Println("confFromIP: ipgroup.cfg")
+				if ZabovDebug {
+					log.Println("confFromIP: ipgroup.cfg")
+				}
 				return ipgroup.cfg
 			}
 		}
 	}
-	//fmt.Println("confFromIP: return default")
+	if ZabovDebug {
+		log.Println("confFromIP: return default")
+	}
 	return "default"
 }
 func (mydns *handler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) {
@@ -77,6 +88,9 @@ func (mydns *handler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) {
 
 	config := confFromIP(net.ParseIP(remIP))
 
+	if ZabovDebug {
+		log.Println("REQUEST:", remIP, config)
+	}
 	ZabovConfig := ZabovConfigs[config]
 	switch r.Question[0].Qtype {
 	case dns.TypeA:
@@ -84,6 +98,10 @@ func (mydns *handler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) {
 		domain := msg.Question[0].Name
 		fqdn := strings.TrimRight(domain, ".")
 
+		if ZabovDebug {
+			log.Println("TypeA: fqdn:", fqdn)
+		}
+
 		if len(ZabovIPAliases[fqdn]) > 0 {
 			config = "__aliases__"
 			msg.Answer = append(msg.Answer, &dns.A{
@@ -113,6 +131,17 @@ func (mydns *handler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) {
 			ret := ForwardQuery(r, config, false)
 			w.WriteMsg(ret)
 		}
+	case dns.TypePTR:
+		if ZabovDebug {
+			log.Println("TypePTR: Name:", msg.Question[0].Name)
+		}
+
+		if len(ZabovLocalResponder) > 0 {
+			// if set use local responder for reverse lookup (suffix ".in-addr.arpa.")
+			config = "__localresponder__"
+		}
+		ret := ForwardQuery(r, config, true)
+		w.WriteMsg(ret)
 	default:
 		ret := ForwardQuery(r, config, false)
 		w.WriteMsg(ret)
diff --git a/main.go b/main.go
index 40837af..28ca5e9 100644
--- a/main.go
+++ b/main.go
@@ -16,12 +16,15 @@ var ZabovCacheTTL int
 //ZabovKillTTL is the amount of hours we cache the killfile (global)
 var ZabovKillTTL int
 
-//ZabovLocalResponder is the default DNS server for loca domains
+//ZabovLocalResponder is the default DNS server for local domains (global)
 var ZabovLocalResponder string
 
-//ZabovLocalDomain is the default local domain
+//ZabovLocalDomain is the default local domain (global)
 var ZabovLocalDomain string
 
+//ZabovDebug activate more logging if set to true (global)
+var ZabovDebug bool
+
 type handler struct{}
 
 // ZabovConfig contains all Zabov configs

From 946a2245ccf2f96f2a7b332b593e95443291ca7d Mon Sep 17 00:00:00 2001
From: bloved 
Date: Fri, 15 Jan 2021 00:55:08 +0100
Subject: [PATCH 09/16] - if upstream DNS is missing fallbacks on
 localresponder if defined, else on "127.0.0.53:53" as last chance

---
 dns_client.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/dns_client.go b/dns_client.go
index 65bb214..a6c7849 100644
--- a/dns_client.go
+++ b/dns_client.go
@@ -88,6 +88,11 @@ func oneTimeDNS(config string) (dns string) {
 	upl := ZabovConfigs[config].ZabovDNSArray
 
 	if len(upl) < 1 {
+
+		if len(ZabovLocalResponder) > 0 {
+			fmt.Println("No DNS defined, fallback to local responder:", ZabovLocalResponder)
+			return ZabovLocalResponder
+		}
 		fmt.Println("No DNS defined, using default 127.0.0.53:53. Hope it works!")
 		return "127.0.0.53:53"
 	}

From aef07c50d6d6b765ebd9799537e8b74af89a0a67 Mon Sep 17 00:00:00 2001
From: bloved 
Date: Fri, 15 Jan 2021 13:28:15 +0100
Subject: [PATCH 10/16] - single/double and local lists: ignore blank/comment
 lines

---
 adlist_hosts.go  | 3 +++
 adlist_single.go | 3 +++
 hostfile.go      | 4 ++++
 3 files changed, 10 insertions(+)

diff --git a/adlist_hosts.go b/adlist_hosts.go
index 44996cc..1f33e50 100644
--- a/adlist_hosts.go
+++ b/adlist_hosts.go
@@ -107,6 +107,9 @@ func downloadDoubleThread() {
 			}
 			s := fileByLines(ZabovDoubleBL)
 			for _, v := range s {
+				if len(v) == 0 || strings.TrimSpace(v)[0] == '#' {
+					continue
+				}
 				configs := _urls[v]
 				if configs == nil {
 					configs = stringarray{}
diff --git a/adlist_single.go b/adlist_single.go
index aeeffbf..4e69c42 100644
--- a/adlist_single.go
+++ b/adlist_single.go
@@ -108,6 +108,9 @@ func downloadThread() {
 
 			s := fileByLines(ZabovSingleBL)
 			for _, v := range s {
+				if len(v) == 0 || strings.TrimSpace(v)[0] == '#' {
+					continue
+				}
 				configs := _urls[v]
 				if configs == nil {
 					configs = stringarray{}
diff --git a/hostfile.go b/hostfile.go
index c64cb98..63def50 100644
--- a/hostfile.go
+++ b/hostfile.go
@@ -4,6 +4,7 @@ import (
 	"bufio"
 	"fmt"
 	"os"
+	"strings"
 )
 
 func init() {
@@ -41,6 +42,9 @@ func ingestLocalBlacklists() {
 		scanner := bufio.NewScanner(file)
 		for scanner.Scan() {
 			d := scanner.Text()
+			if len(d) == 0 || strings.TrimSpace(d)[0] == '#' {
+				continue
+			}
 			DomainKill(d, ZabovHostsFile, configs)
 			incrementStats("Blacklist", 1)
 

From 0f046cf18edbae580d8fe462bfd811cfd5a3c84d Mon Sep 17 00:00:00 2001
From: bloved 
Date: Fri, 15 Jan 2021 18:50:59 +0100
Subject: [PATCH 11/16] - config:   - added new global setting "debugdbpath":
 if set to a directory name enables DNS queries logging in CLIENTIP-DATE.log
 file format

---
 01.conf.go     |   9 +++-
 dns_handler.go | 142 ++++++++++++++++++++++++++++++++++++++++++++++---
 main.go        |   3 ++
 3 files changed, 146 insertions(+), 8 deletions(-)

diff --git a/01.conf.go b/01.conf.go
index 078a33e..1b76029 100644
--- a/01.conf.go
+++ b/01.conf.go
@@ -43,11 +43,16 @@ func init() {
 	ZabovPort := zabov["port"].(string)
 	ZabovType := zabov["proto"].(string)
 	ZabovAddr := zabov["ipaddr"].(string)
-	DebugStr := (zabov["debug"].(string))
+
 	ZabovCacheTTL = int(zabov["cachettl"].(float64))
 	ZabovKillTTL = int(zabov["killfilettl"].(float64))
 
-	ZabovDebug = DebugStr == "true"
+	if zabov["debug"] != nil {
+		ZabovDebug = zabov["debug"].(string) == "true"
+	}
+	if zabov["debugdbpath"] != nil {
+		ZabovDebugDBPath = (zabov["debugdbpath"].(string))
+	}
 
 	if MyConf["configs"] == nil {
 		log.Println("configs not set: you shall set at least 'default' config")
diff --git a/dns_handler.go b/dns_handler.go
index 02a0eda..01a388c 100644
--- a/dns_handler.go
+++ b/dns_handler.go
@@ -1,18 +1,139 @@
 package main
 
 import (
+	"fmt"
 	"log"
 	"net"
+	"os"
+	"path"
 	"strings"
 	"time"
 
 	"github.com/miekg/dns"
 )
 
+var reqTypes map[uint16]string
+
 var weekdays []string
 
 func init() {
 	weekdays = []string{"Su", "Mo", "Tu", "We", "Th", "Fr", "Sa"}
+
+	if len(ZabovDebugDBPath) > 0 {
+		os.MkdirAll(ZabovDebugDBPath, 0755)
+	}
+
+	reqTypes = map[uint16]string{
+		dns.TypeNone:       "TypeNone",
+		dns.TypeA:          "TypeA",
+		dns.TypeNS:         "TypeNS",
+		dns.TypeMD:         "TypeMD",
+		dns.TypeMF:         "TypeMF",
+		dns.TypeCNAME:      "TypeCNAME",
+		dns.TypeSOA:        "TypeSOA",
+		dns.TypeMB:         "TypeMB",
+		dns.TypeMG:         "TypeMG",
+		dns.TypeMR:         "TypeMR",
+		dns.TypeNULL:       "TypeNULL",
+		dns.TypePTR:        "TypePTR",
+		dns.TypeHINFO:      "TypeHINFO",
+		dns.TypeMINFO:      "TypeMINFO",
+		dns.TypeMX:         "TypeMX",
+		dns.TypeTXT:        "TypeTXT",
+		dns.TypeRP:         "TypeRP",
+		dns.TypeAFSDB:      "TypeAFSDB",
+		dns.TypeX25:        "TypeX25",
+		dns.TypeISDN:       "TypeISDN",
+		dns.TypeRT:         "TypeRT",
+		dns.TypeNSAPPTR:    "TypeNSAPPTR",
+		dns.TypeSIG:        "TypeSIG",
+		dns.TypeKEY:        "TypeKEY",
+		dns.TypePX:         "TypePX",
+		dns.TypeGPOS:       "TypeGPOS",
+		dns.TypeAAAA:       "TypeAAAA",
+		dns.TypeLOC:        "TypeLOC",
+		dns.TypeNXT:        "TypeNXT",
+		dns.TypeEID:        "TypeEID",
+		dns.TypeNIMLOC:     "TypeNIMLOC",
+		dns.TypeSRV:        "TypeSRV",
+		dns.TypeATMA:       "TypeATMA",
+		dns.TypeNAPTR:      "TypeNAPTR",
+		dns.TypeKX:         "TypeKX",
+		dns.TypeCERT:       "TypeCERT",
+		dns.TypeDNAME:      "TypeDNAME",
+		dns.TypeOPT:        "TypeOPT",
+		dns.TypeAPL:        "TypeAPL",
+		dns.TypeDS:         "TypeDS",
+		dns.TypeSSHFP:      "TypeSSHFP",
+		dns.TypeRRSIG:      "TypeRRSIG",
+		dns.TypeNSEC:       "TypeNSEC",
+		dns.TypeDNSKEY:     "TypeDNSKEY",
+		dns.TypeDHCID:      "TypeDHCID",
+		dns.TypeNSEC3:      "TypeNSEC3",
+		dns.TypeNSEC3PARAM: "TypeNSEC3PARAM",
+		dns.TypeTLSA:       "TypeTLSA",
+		dns.TypeSMIMEA:     "TypeSMIMEA",
+		dns.TypeHIP:        "TypeHIP",
+		dns.TypeNINFO:      "TypeNINFO",
+		dns.TypeRKEY:       "TypeRKEY",
+		dns.TypeTALINK:     "TypeTALINK",
+		dns.TypeCDS:        "TypeCDS",
+		dns.TypeCDNSKEY:    "TypeCDNSKEY",
+		dns.TypeOPENPGPKEY: "TypeOPENPGPKEY",
+		dns.TypeCSYNC:      "TypeCSYNC",
+		dns.TypeSPF:        "TypeSPF",
+		dns.TypeUINFO:      "TypeUINFO",
+		dns.TypeUID:        "TypeUID",
+		dns.TypeGID:        "TypeGID",
+		dns.TypeUNSPEC:     "TypeUNSPEC",
+		dns.TypeNID:        "TypeNID",
+		dns.TypeL32:        "TypeL32",
+		dns.TypeL64:        "TypeL64",
+		dns.TypeLP:         "TypeLP",
+		dns.TypeEUI48:      "TypeEUI48",
+		dns.TypeEUI64:      "TypeEUI64",
+		dns.TypeURI:        "TypeURI",
+		dns.TypeCAA:        "TypeCAA",
+		dns.TypeAVC:        "TypeAVC",
+		dns.TypeTKEY:       "TypeTKEY",
+		dns.TypeTSIG:       "TypeTSIG",
+		dns.TypeIXFR:       "TypeIXFR",
+		dns.TypeAXFR:       "TypeAXFR",
+		dns.TypeMAILB:      "TypeMAILB",
+		dns.TypeMAILA:      "TypeMAILA",
+		dns.TypeANY:        "TypeANY",
+		dns.TypeTA:         "TypeTA",
+		dns.TypeDLV:        "TypeDLV",
+		dns.TypeReserved:   "TypeReserved"}
+}
+
+func logQuery(clientIP string, name string, reqType uint16, config string, timetable string, killed string) {
+	if len(ZabovDebugDBPath) > 0 {
+		var header string
+		d := time.Now().Format("2006-01-02")
+		logpath := path.Join(ZabovDebugDBPath, strings.Replace(clientIP, ":", "_", -1)+"-"+d+".log")
+
+		_, err1 := os.Stat(logpath)
+		if os.IsNotExist(err1) {
+			header = strings.Join([]string{"time", "clientIP", "name", "reqType", "config", "timetable", "killed"}, "\t")
+		}
+		f, err := os.OpenFile(logpath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
+		if err == nil {
+			reqTypeName, err := reqTypes[reqType]
+			if !err {
+				reqTypeName = fmt.Sprintf("%d", reqType)
+			}
+			ct := time.Now().Format(time.RFC3339)
+			log := strings.Join([]string{ct, clientIP, strings.TrimRight(name, "."), reqTypeName, config, timetable, killed}, "\t")
+			if len(header) > 0 {
+				f.Write([]byte(header))
+				f.Write([]byte("\n"))
+			}
+			f.Write([]byte(log))
+			f.Write([]byte("\n"))
+			f.Close()
+		}
+	}
 }
 
 func getCurTime() (time.Time, error) {
@@ -53,25 +174,25 @@ func confFromTimeTable(timetable string) string {
 	return tt.cfgout
 }
 
-func confFromIP(clientIP net.IP) string {
+func confFromIP(clientIP net.IP) (string, string) {
 
 	for _, ipgroup := range ZabovIPGroups {
 		for _, ip := range ipgroup.ips {
 			if clientIP.Equal(ip) {
 				if len(ipgroup.timetable) > 0 {
-					return confFromTimeTable(ipgroup.timetable)
+					return confFromTimeTable(ipgroup.timetable), ipgroup.timetable
 				}
 				if ZabovDebug {
 					log.Println("confFromIP: ipgroup.cfg")
 				}
-				return ipgroup.cfg
+				return ipgroup.cfg, ""
 			}
 		}
 	}
 	if ZabovDebug {
 		log.Println("confFromIP: return default")
 	}
-	return "default"
+	return "default", ""
 }
 func (mydns *handler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) {
 	go incrementStats("TotalQueries", 1)
@@ -86,13 +207,14 @@ func (mydns *handler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) {
 	msg := dns.Msg{}
 	msg.SetReply(r)
 
-	config := confFromIP(net.ParseIP(remIP))
+	config, timetable := confFromIP(net.ParseIP(remIP))
 
 	if ZabovDebug {
 		log.Println("REQUEST:", remIP, config)
 	}
 	ZabovConfig := ZabovConfigs[config]
-	switch r.Question[0].Qtype {
+	QType := r.Question[0].Qtype
+	switch QType {
 	case dns.TypeA:
 		msg.Authoritative = true
 		domain := msg.Question[0].Name
@@ -108,6 +230,7 @@ func (mydns *handler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) {
 				Hdr: dns.RR_Header{Name: domain, Rrtype: dns.TypeA, Class: dns.ClassINET, Ttl: 60},
 				A:   net.ParseIP(ZabovIPAliases[fqdn]),
 			})
+			go logQuery(remIP, fqdn, QType, config, timetable, "alias")
 			break
 		}
 		if len(ZabovLocalResponder) > 0 {
@@ -116,6 +239,7 @@ func (mydns *handler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) {
 				config = "__localresponder__"
 				ret := ForwardQuery(r, config, true)
 				w.WriteMsg(ret)
+				go logQuery(remIP, fqdn, QType, config, timetable, "localresponder")
 				break
 			}
 
@@ -127,7 +251,9 @@ func (mydns *handler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) {
 				Hdr: dns.RR_Header{Name: domain, Rrtype: dns.TypeA, Class: dns.ClassINET, Ttl: 60},
 				A:   net.ParseIP(ZabovConfig.ZabovAddBL),
 			})
+			go logQuery(remIP, fqdn, QType, config, timetable, "killed")
 		} else {
+			go logQuery(remIP, fqdn, QType, config, timetable, "forwarded")
 			ret := ForwardQuery(r, config, false)
 			w.WriteMsg(ret)
 		}
@@ -142,9 +268,13 @@ func (mydns *handler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) {
 		}
 		ret := ForwardQuery(r, config, true)
 		w.WriteMsg(ret)
+		go logQuery(remIP, msg.Question[0].Name, QType, config, timetable, "localresponder")
 	default:
 		ret := ForwardQuery(r, config, false)
 		w.WriteMsg(ret)
+		if len(ZabovDebugDBPath) > 0 {
+			go logQuery(remIP, msg.Question[0].Name, QType, config, timetable, "forwarded")
+		}
 	}
 	go incrementStats("CONFIG: "+config, 1)
 	w.WriteMsg(&msg)
diff --git a/main.go b/main.go
index 28ca5e9..aa65e20 100644
--- a/main.go
+++ b/main.go
@@ -25,6 +25,9 @@ var ZabovLocalDomain string
 //ZabovDebug activate more logging if set to true (global)
 var ZabovDebug bool
 
+//ZabovDebugDBPath path to store debug query logs: activate logging of each single query in a csv like file (global)
+var ZabovDebugDBPath string
+
 type handler struct{}
 
 // ZabovConfig contains all Zabov configs

From 85ff0dac525c17bb94caa8a3f9476e022ee678a8 Mon Sep 17 00:00:00 2001
From: bloved 
Date: Sat, 16 Jan 2021 00:11:54 +0100
Subject: [PATCH 12/16] - FIX: timetable eval time as "local time" (no UTC) -
 FIX: Dockerfile: added timezone configuration (defaults to CET), use TZ env
 var to change it

---
 Dockerfile.amd64   | 2 ++
 Dockerfile.arm32v7 | 2 ++
 Dockerfile.arm64v8 | 2 ++
 README.md          | 2 ++
 dns_handler.go     | 9 ++++++---
 5 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/Dockerfile.amd64 b/Dockerfile.amd64
index 0632b7b..5f6b923 100644
--- a/Dockerfile.amd64
+++ b/Dockerfile.amd64
@@ -10,9 +10,11 @@ FROM debian:latest
 RUN apt update
 RUN apt upgrade -y
 RUN apt install ca-certificates -y
+RUN apt install tzdata -y
 RUN mkdir -p /opt/zabov
 WORKDIR  /opt/zabov
 COPY --from=builder /go/src/zabov /opt/zabov 
 EXPOSE 53/udp
+ENV TZ Europe/Rome
 ENTRYPOINT ["/opt/zabov/zabov"]
 
diff --git a/Dockerfile.arm32v7 b/Dockerfile.arm32v7
index 606e3d4..633f3ee 100644
--- a/Dockerfile.arm32v7
+++ b/Dockerfile.arm32v7
@@ -10,8 +10,10 @@ FROM arm32v7/debian:latest
 RUN apt update
 RUN apt upgrade -y
 RUN apt install ca-certificates -y
+RUN apt install tzdata -y
 RUN mkdir -p /opt/zabov
 WORKDIR  /opt/zabov
 COPY --from=builder /go/src/zabov /opt/zabov 
 EXPOSE 53/udp
+ENV TZ Europe/Rome
 ENTRYPOINT ["/opt/zabov/zabov"]
diff --git a/Dockerfile.arm64v8 b/Dockerfile.arm64v8
index aa716eb..f1add2b 100644
--- a/Dockerfile.arm64v8
+++ b/Dockerfile.arm64v8
@@ -10,8 +10,10 @@ FROM arm64v8/debian:latest
 RUN apt update
 RUN apt upgrade -y
 RUN apt install ca-certificates -y
+RUN apt install tzdata -y
 RUN mkdir -p /opt/zabov
 WORKDIR  /opt/zabov
 COPY --from=builder /go/src/zabov /opt/zabov 
 EXPOSE 53/udp
+ENV TZ Europe/Rome
 ENTRYPOINT ["/opt/zabov/zabov"]
diff --git a/README.md b/README.md
index d38b8ba..2fbb528 100644
--- a/README.md
+++ b/README.md
@@ -176,6 +176,8 @@ ipgroups: an array of ipgroup dictionaries
 # DOCKER
 Multistage Dockerfiles are provided for AMD64, ARMv7, ARM64V8
 
+NOTE: you shall use TZ env var to change docker image timezone. TZ defaults to CET.
+
 # TODO:
 
 - ~~caching~~
diff --git a/dns_handler.go b/dns_handler.go
index 01a388c..51db447 100644
--- a/dns_handler.go
+++ b/dns_handler.go
@@ -105,6 +105,8 @@ func init() {
 		dns.TypeTA:         "TypeTA",
 		dns.TypeDLV:        "TypeDLV",
 		dns.TypeReserved:   "TypeReserved"}
+
+	fmt.Println("Local Time:", getLocalTime().Format(time.ANSIC))
 }
 
 func logQuery(clientIP string, name string, reqType uint16, config string, timetable string, killed string) {
@@ -136,8 +138,8 @@ func logQuery(clientIP string, name string, reqType uint16, config string, timet
 	}
 }
 
-func getCurTime() (time.Time, error) {
-	return time.Parse("15:04", time.Now().Format("15:04"))
+func getLocalTime() time.Time {
+	return time.Now().Local()
 }
 
 func confFromTimeTable(timetable string) string {
@@ -149,7 +151,8 @@ func confFromTimeTable(timetable string) string {
 		return "default"
 	}
 	for _, ttentry := range tt.table {
-		now := time.Now()
+		now := getLocalTime()
+
 		nowHour := now.Hour()
 		nowMinute := now.Minute()
 		weekday := weekdays[now.Weekday()]

From d2f8601185793534cc97ef89260119c72f71826d Mon Sep 17 00:00:00 2001
From: bloved 
Date: Sat, 16 Jan 2021 18:54:31 +0100
Subject: [PATCH 13/16] - added new setting: default/global timetable (
 config->zabov->timetable )   This table will be used for any client that is
 not already included in an IP group

---
 01.conf.go     |  9 +++++++++
 README.md      | 13 ++++++++++++-
 dns_handler.go |  7 +++++--
 main.go        |  3 +++
 4 files changed, 29 insertions(+), 3 deletions(-)

diff --git a/01.conf.go b/01.conf.go
index 1b76029..580e115 100644
--- a/01.conf.go
+++ b/01.conf.go
@@ -216,6 +216,15 @@ func init() {
 		ZabovIPGroups = append(ZabovIPGroups, groupStruct)
 	}
 
+	if zabov["timetable"] != nil {
+		ZabovDefaultTimetable = zabov["timetable"].(string)
+		_, ok := ZabovTimetables[ZabovDefaultTimetable]
+		if !ok {
+			log.Println("inexistent timetable:", ZabovDefaultTimetable)
+			os.Exit(1)
+		}
+	}
+
 	localresponder := MyConf["localresponder"].(map[string]interface{})
 
 	if localresponder != nil {
diff --git a/README.md b/README.md
index 2fbb528..a1db98f 100644
--- a/README.md
+++ b/README.md
@@ -94,7 +94,9 @@ Advanced configuration includes support for multiple configurations based on IP
         "proto":"udp", 
         "ipaddr":"0.0.0.0",
         "cachettl": 1,
-        "killfilettl": 12
+        "killfilettl": 12,
+        "debug":"false",
+        "timetable":"tt_default"
     },
     "localresponder":{
         "responder":"192.168.178.1:53",
@@ -117,6 +119,11 @@ Advanced configuration includes support for multiple configurations based on IP
             "cfgin":"children_restricted",
             "cfgout":"default"
         }
+        "tt_default":{
+            "tables":[{"times":"8:30-22:30", "days":"Su"}],
+            "cfgin":"children",
+            "cfgout":"default"
+        }
     },
     "configs":{
         "default":{
@@ -144,6 +151,10 @@ Advanced configuration includes support for multiple configurations based on IP
 }
+Global zabov settings: + +- timetable: sets the global/default timetable. This table will be used for any client that is not already included in an IP group + localresponder: - allows to set a local DNS to respond for "local" domains. A domain name is handled as "local" if dosen't contains "." (dots) or if it ends with a well known prefix, such as ".local". Note: the cache is not used for local responder. diff --git a/dns_handler.go b/dns_handler.go index 51db447..bafd375 100644 --- a/dns_handler.go +++ b/dns_handler.go @@ -178,7 +178,6 @@ func confFromTimeTable(timetable string) string { } func confFromIP(clientIP net.IP) (string, string) { - for _, ipgroup := range ZabovIPGroups { for _, ip := range ipgroup.ips { if clientIP.Equal(ip) { @@ -186,12 +185,16 @@ func confFromIP(clientIP net.IP) (string, string) { return confFromTimeTable(ipgroup.timetable), ipgroup.timetable } if ZabovDebug { - log.Println("confFromIP: ipgroup.cfg") + log.Println("confFromIP: ipgroup.cfg", ipgroup.cfg) } return ipgroup.cfg, "" } } } + if len(ZabovDefaultTimetable) > 0 { + return confFromTimeTable(ZabovDefaultTimetable), ZabovDefaultTimetable + } + if ZabovDebug { log.Println("confFromIP: return default") } diff --git a/main.go b/main.go index aa65e20..3f778ce 100644 --- a/main.go +++ b/main.go @@ -22,6 +22,9 @@ var ZabovLocalResponder string //ZabovLocalDomain is the default local domain (global) var ZabovLocalDomain string +//ZabovDefaultTimetable is the default timetable, applied to any client that is not already in any IP Group (global) +var ZabovDefaultTimetable string + //ZabovDebug activate more logging if set to true (global) var ZabovDebug bool From 740e0a387b583c37ffdc3362c5e39a8f95f3f114 Mon Sep 17 00:00:00 2001 From: bloved Date: Sat, 16 Jan 2021 23:26:29 +0100 Subject: [PATCH 14/16] - removed unused/commented code - ZabovCreateKDB is called only on active configurations --- 00.database.go | 10 ---------- 01.conf.go | 30 +++++++++++++++++++++++++----- 2 files changed, 25 insertions(+), 15 deletions(-) diff --git a/00.database.go b/00.database.go index 62cdd6c..67fdba8 100644 --- a/00.database.go +++ b/00.database.go @@ -7,9 +7,6 @@ import ( "github.com/syndtr/goleveldb/leveldb" ) -//MyZabovKDB is the storage where we'll put domains to block (obsolete) -//var MyZabovKDB *leveldb.DB - //MyZabovCDB is the storage where we'll put domains to cache (global for all configs) var MyZabovCDB *leveldb.DB @@ -23,13 +20,6 @@ func init() { os.RemoveAll("./db") os.MkdirAll("./db", 0755) - /* - MyZabovKDB, err = leveldb.OpenFile("./db/killfile", nil) - if err != nil { - fmt.Println("Cannot create Killfile db: ", err.Error()) - } else { - fmt.Println("Killfile DB created") - }*/ MyZabovCDB, err = leveldb.OpenFile("./db/cache", nil) if err != nil { diff --git a/01.conf.go b/01.conf.go index 580e115..a48e951 100644 --- a/01.conf.go +++ b/01.conf.go @@ -38,6 +38,9 @@ func init() { MyConf := MyConfRaw.(map[string]interface{}) + //****************************** + // zabov section (global config) + //****************************** zabov := MyConf["zabov"].(map[string]interface{}) ZabovPort := zabov["port"].(string) @@ -82,6 +85,9 @@ func init() { ZabovTimetables = map[string]*ZabovTimetable{} ZabovIPAliases = map[string]string{} + //******************* + // IP aliases section + //******************* IPAliasesRaw := MyConf["ipaliases"].(map[string]interface{}) for alias, ip := range IPAliasesRaw { @@ -89,6 +95,9 @@ func init() { ZabovIPAliases[alias] = ip.(string) } + //**************** + // configs section + //**************** for name, v := range configs { fmt.Println("evaluaing config name:", name) confRaw := v.(map[string]interface{}) @@ -101,11 +110,15 @@ func init() { conf.ZabovDNSArray = fileByLines(conf.ZabovUpDNS) ZabovConfigs[name] = &conf - ZabovCreateKDB(name) + } + // default config is mandatory ZabovConfigs["default"].references++ + //******************* + // timetables section + //******************* timetables := MyConf["timetables"].(map[string]interface{}) for name, v := range timetables { @@ -174,6 +187,9 @@ func init() { ZabovTimetables[name] = &timetable } + //****************** + // IP groups section + //****************** IPGroups := MyConf["ipgroups"].([]interface{}) fmt.Println("evaluating IP Groups: ", len(IPGroups)) @@ -225,6 +241,9 @@ func init() { } } + //************************ + // Local responser section + //************************ localresponder := MyConf["localresponder"].(map[string]interface{}) if localresponder != nil { @@ -241,15 +260,16 @@ func init() { } } + //****************************************** + // clearing unused config to save resources + //****************************************** for name, conf := range ZabovConfigs { if conf.references == 0 { log.Println("WARNING: disabling unused configuration:", name) delete(ZabovConfigs, name) + } else { + ZabovCreateKDB(name) } } - //fmt.Println("ZabovConfigs:", ZabovConfigs) - //fmt.Println("ZabovTimetables:", ZabovTimetables) - //fmt.Println("ZabovIPAliases:", ZabovIPAliases) - //fmt.Println("ZabovIPGroups:", ZabovIPGroups) } From 749029ba5bb0db83341c8eb6e4e03280fedf4c4a Mon Sep 17 00:00:00 2001 From: bloved Date: Sun, 17 Jan 2021 15:28:20 +0100 Subject: [PATCH 15/16] - FIX: optional settings were not optional - Dockerfile: updated golang image to 1.15.6 - config.json: restored minimal settings - added config.sample.json with all advanced settings - urls-domains-updated.txt: removed/updated obsolete urls (CHEF-KOCH, malwaredomains.com) --- 01.conf.go | 209 +++++++++++++++++++++++---------------------- Dockerfile.amd64 | 3 +- Dockerfile.arm32v7 | 2 +- Dockerfile.arm64v8 | 2 +- config.json | 37 -------- config.sample.json | 57 +++++++++++++ urls-domains.txt | 32 +++---- 7 files changed, 184 insertions(+), 158 deletions(-) create mode 100644 config.sample.json diff --git a/01.conf.go b/01.conf.go index a48e951..c0d788e 100644 --- a/01.conf.go +++ b/01.conf.go @@ -88,11 +88,13 @@ func init() { //******************* // IP aliases section //******************* - IPAliasesRaw := MyConf["ipaliases"].(map[string]interface{}) + if MyConf["ipaliases"] != nil { + IPAliasesRaw := MyConf["ipaliases"].(map[string]interface{}) - for alias, ip := range IPAliasesRaw { - fmt.Println("IP Alias:", alias, ip) - ZabovIPAliases[alias] = ip.(string) + for alias, ip := range IPAliasesRaw { + fmt.Println("IP Alias:", alias, ip) + ZabovIPAliases[alias] = ip.(string) + } } //**************** @@ -119,117 +121,121 @@ func init() { //******************* // timetables section //******************* - timetables := MyConf["timetables"].(map[string]interface{}) + if MyConf["timetables"] != nil { + timetables := MyConf["timetables"].(map[string]interface{}) - for name, v := range timetables { - fmt.Println("evaluaing timetable name:", name) - timetableRaw := v.(map[string]interface{}) - var timetable ZabovTimetable + for name, v := range timetables { + fmt.Println("evaluaing timetable name:", name) + timetableRaw := v.(map[string]interface{}) + var timetable ZabovTimetable - timetable.cfgin = timetableRaw["cfgin"].(string) - timetable.cfgout = timetableRaw["cfgout"].(string) + timetable.cfgin = timetableRaw["cfgin"].(string) + timetable.cfgout = timetableRaw["cfgout"].(string) - if timetable.cfgin == "" { - timetable.cfgin = "default" - } - if timetable.cfgout == "" { - timetable.cfgout = "default" - } + if timetable.cfgin == "" { + timetable.cfgin = "default" + } + if timetable.cfgout == "" { + timetable.cfgout = "default" + } - refConfig, ok := ZabovConfigs[timetable.cfgin] - if !ok { - log.Println("timetable: inexistent cfgin:", timetable.cfgin) - os.Exit(1) - } + refConfig, ok := ZabovConfigs[timetable.cfgin] + if !ok { + log.Println("timetable: inexistent cfgin:", timetable.cfgin) + os.Exit(1) + } - refConfig.references++ - refConfig, ok = ZabovConfigs[timetable.cfgout] - if !ok { - log.Println("timetable: inexistent cfgout:", timetable.cfgout) - os.Exit(1) - } - refConfig.references++ + refConfig.references++ + refConfig, ok = ZabovConfigs[timetable.cfgout] + if !ok { + log.Println("timetable: inexistent cfgout:", timetable.cfgout) + os.Exit(1) + } + refConfig.references++ - tables := timetableRaw["tables"].([]interface{}) + tables := timetableRaw["tables"].([]interface{}) - for i := range tables { - table := tables[i].(map[string]interface{}) - var ttEntry ZabovTimetableEntry - ttEntry.times = []*ZabovTimeRange{} - for _, tRaw := range strings.Split(table["times"].(string), ";") { - tRawArr := strings.Split(tRaw, "-") - if len(tRawArr) > 1 { - startArr := strings.Split(tRawArr[0], ":") - stopArr := strings.Split(tRawArr[1], ":") + for i := range tables { + table := tables[i].(map[string]interface{}) + var ttEntry ZabovTimetableEntry + ttEntry.times = []*ZabovTimeRange{} + for _, tRaw := range strings.Split(table["times"].(string), ";") { + tRawArr := strings.Split(tRaw, "-") + if len(tRawArr) > 1 { + startArr := strings.Split(tRawArr[0], ":") + stopArr := strings.Split(tRawArr[1], ":") - if len(startArr) > 1 && len(stopArr) > 1 { - hourStart, _ := strconv.Atoi(startArr[0]) - minuteStart, _ := strconv.Atoi(startArr[1]) - start := ZabovTime{hour: hourStart, minute: minuteStart} + if len(startArr) > 1 && len(stopArr) > 1 { + hourStart, _ := strconv.Atoi(startArr[0]) + minuteStart, _ := strconv.Atoi(startArr[1]) + start := ZabovTime{hour: hourStart, minute: minuteStart} - hourStop, _ := strconv.Atoi(stopArr[0]) - minuteStop, _ := strconv.Atoi(stopArr[1]) - stop := ZabovTime{hour: hourStop, minute: minuteStop} - t := ZabovTimeRange{start: start, stop: stop} - ttEntry.times = append(ttEntry.times, &t) + hourStop, _ := strconv.Atoi(stopArr[0]) + minuteStop, _ := strconv.Atoi(stopArr[1]) + stop := ZabovTime{hour: hourStop, minute: minuteStop} + t := ZabovTimeRange{start: start, stop: stop} + ttEntry.times = append(ttEntry.times, &t) + } } + } - } + ttEntry.days = map[string]bool{} + for _, day := range strings.Split(table["days"].(string), ";") { + ttEntry.days[day] = true + } - ttEntry.days = map[string]bool{} - for _, day := range strings.Split(table["days"].(string), ";") { - ttEntry.days[day] = true + timetable.table = append(timetable.table, &ttEntry) } - - timetable.table = append(timetable.table, &ttEntry) + ZabovTimetables[name] = &timetable } - ZabovTimetables[name] = &timetable } //****************** // IP groups section //****************** - IPGroups := MyConf["ipgroups"].([]interface{}) + if MyConf["ipgroups"] != nil { + IPGroups := MyConf["ipgroups"].([]interface{}) - fmt.Println("evaluating IP Groups: ", len(IPGroups)) - for i := range IPGroups { - fmt.Println("evaluating IP Group n.", i) - var groupStruct ZabovIPGroup - groupMap := IPGroups[i].(map[string]interface{}) - IPsRaw := groupMap["ips"].([]interface{}) - groupStruct.ips = []net.IP{} - for x := range IPsRaw { - ipRaw := IPsRaw[x].(string) - ip := net.ParseIP(ipRaw) - fmt.Println("adding IP ", ipRaw) + fmt.Println("evaluating IP Groups: ", len(IPGroups)) + for i := range IPGroups { + fmt.Println("evaluating IP Group n.", i) + var groupStruct ZabovIPGroup + groupMap := IPGroups[i].(map[string]interface{}) + IPsRaw := groupMap["ips"].([]interface{}) + groupStruct.ips = []net.IP{} + for x := range IPsRaw { + ipRaw := IPsRaw[x].(string) + ip := net.ParseIP(ipRaw) + fmt.Println("adding IP ", ipRaw) - alias, ok := ZabovIPAliases[ipRaw] - if ok { - fmt.Println("IP alias: ", ipRaw, alias) - ip = net.ParseIP(alias) + alias, ok := ZabovIPAliases[ipRaw] + if ok { + fmt.Println("IP alias: ", ipRaw, alias) + ip = net.ParseIP(alias) + } + groupStruct.ips = append(groupStruct.ips, ip) } - groupStruct.ips = append(groupStruct.ips, ip) - } - groupStruct.cfg = groupMap["cfg"].(string) - groupStruct.timetable = groupMap["timetable"].(string) - if len(groupStruct.cfg) > 0 { - refConfig, ok := ZabovConfigs[groupStruct.cfg] + groupStruct.cfg = groupMap["cfg"].(string) + groupStruct.timetable = groupMap["timetable"].(string) + if len(groupStruct.cfg) > 0 { + refConfig, ok := ZabovConfigs[groupStruct.cfg] + if !ok { + log.Println("ipgroups: inexistent cfg:", groupStruct.cfg) + os.Exit(1) + } else { + refConfig.references++ + } + } + fmt.Println("cfg:", groupStruct.cfg) + fmt.Println("timetable:", groupStruct.timetable) + _, ok := ZabovTimetables[groupStruct.timetable] if !ok { - log.Println("ipgroups: inexistent cfg:", groupStruct.cfg) + log.Println("inexistent timetable:", groupStruct.timetable) os.Exit(1) - } else { - refConfig.references++ } + ZabovIPGroups = append(ZabovIPGroups, groupStruct) } - fmt.Println("cfg:", groupStruct.cfg) - fmt.Println("timetable:", groupStruct.timetable) - _, ok := ZabovTimetables[groupStruct.timetable] - if !ok { - log.Println("inexistent timetable:", groupStruct.timetable) - os.Exit(1) - } - ZabovIPGroups = append(ZabovIPGroups, groupStruct) } if zabov["timetable"] != nil { @@ -244,24 +250,25 @@ func init() { //************************ // Local responser section //************************ - localresponder := MyConf["localresponder"].(map[string]interface{}) + if MyConf["localresponder"] != nil { + localresponder := MyConf["localresponder"].(map[string]interface{}) - if localresponder != nil { - if localresponder["responder"] != nil { - ZabovLocalResponder = localresponder["responder"].(string) - if len(ZabovLocalResponder) > 0 { - local := ZabovConfig{ZabovDNSArray: []string{ZabovLocalResponder}, references: 1} - ZabovConfigs["__localresponder__"] = &local - fmt.Println("ZabovLocalResponder:", ZabovLocalResponder) + if localresponder != nil { + if localresponder["responder"] != nil { + ZabovLocalResponder = localresponder["responder"].(string) + if len(ZabovLocalResponder) > 0 { + local := ZabovConfig{ZabovDNSArray: []string{ZabovLocalResponder}, references: 1} + ZabovConfigs["__localresponder__"] = &local + fmt.Println("ZabovLocalResponder:", ZabovLocalResponder) + } + } + if localresponder["localdomain"] != nil { + ZabovLocalDomain = localresponder["localdomain"].(string) } } - if localresponder["localdomain"] != nil { - ZabovLocalDomain = localresponder["localdomain"].(string) - } } - //****************************************** - // clearing unused config to save resources + // clearing unused configs to save resources //****************************************** for name, conf := range ZabovConfigs { if conf.references == 0 { diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 index 5f6b923..6402889 100644 --- a/Dockerfile.amd64 +++ b/Dockerfile.amd64 @@ -1,4 +1,4 @@ -FROM golang:1.14.1 AS builder +FROM arm64v8/golang:1.15.6 AS builder RUN apt install git -y RUN mkdir -p /go/src/zabov RUN git clone https://git.keinpfusch.net/loweel/zabov /go/src/zabov @@ -17,4 +17,3 @@ COPY --from=builder /go/src/zabov /opt/zabov EXPOSE 53/udp ENV TZ Europe/Rome ENTRYPOINT ["/opt/zabov/zabov"] - diff --git a/Dockerfile.arm32v7 b/Dockerfile.arm32v7 index 633f3ee..57206ff 100644 --- a/Dockerfile.arm32v7 +++ b/Dockerfile.arm32v7 @@ -1,4 +1,4 @@ -FROM arm32v7/golang:1.14.1 AS builder +FROM arm64v8/golang:1.15.6 AS builder RUN apt install git -y RUN mkdir -p /go/src/zabov RUN git clone https://git.keinpfusch.net/loweel/zabov /go/src/zabov diff --git a/Dockerfile.arm64v8 b/Dockerfile.arm64v8 index f1add2b..6577e05 100644 --- a/Dockerfile.arm64v8 +++ b/Dockerfile.arm64v8 @@ -1,4 +1,4 @@ -FROM arm64v8/golang:1.14.1 AS builder +FROM arm64v8/golang:1.15.6 AS builder RUN apt install git -y RUN mkdir -p /go/src/zabov RUN git clone https://git.keinpfusch.net/loweel/zabov /go/src/zabov diff --git a/config.json b/config.json index e320ef3..3ca894d 100644 --- a/config.json +++ b/config.json @@ -6,28 +6,6 @@ "cachettl": 1, "killfilettl": 12 }, - "localresponder":{ - "responder":"192.168.178.1:53", - "localdomain":"fritz.box" - }, - "ipaliases":{ - "pc8":"192.168.178.29", - "localhost":"127.0.0.1" - }, - "ipgroups":[ - { - "ips":["localhost", "::1", "192.168.178.30", "192.168.178.31", "pc8"], - "cfg":"", - "timetable":"tt_children" - } - ], - "timetables":{ - "tt_children":{ - "tables":[{"times":"00:00-05:00;8:30-12:30;18:30-22:59", "days":"Mo;Tu;We;Th;Fr;Sa;Su"}], - "cfgin":"children_restricted", - "cfgout":"children" - } - }, "configs":{ "default":{ "upstream":"./dns-upstream.txt", @@ -35,21 +13,6 @@ "doublefilters":"./urls-hosts.txt", "blackholeip":"127.0.0.1", "hostsfile":"./urls-local.txt" - }, - "children":{ - "upstream":"./dns-upstream.txt", - "singlefilters":"./urls-domains.txt", - "doublefilters":"./urls-hosts.txt", - "blackholeip":"127.0.0.1", - "hostsfile":"./urls-local.txt" - }, - "children_restricted":{ - "upstream":"./dns-upstream.txt", - "singlefilters":"./urls-domains.txt", - "doublefilters":"./urls-hosts.txt", - "blackholeip":"127.0.0.1", - "hostsfile":"./urls-local.txt" } } - } diff --git a/config.sample.json b/config.sample.json new file mode 100644 index 0000000..cd68e77 --- /dev/null +++ b/config.sample.json @@ -0,0 +1,57 @@ +{ + "zabov":{ + "port":"53", + "proto":"udp", + "ipaddr":"0.0.0.0", + "cachettl": 1, + "killfilettl": 12, + "debug":"true", + "debugdbpath":"./logs", + "timetable":"" + }, + "localresponder":{ + "responder":"192.168.1.1:53", + "localdomain":".local" + }, + "ipaliases":{ + "pc8":"192.168.1.2", + }, + "ipgroups":[ + { + "ips":["pc8"], + "cfg":"", + "timetable":"tt_children" + } + ], + "timetables":{ + "tt_children":{ + "tables":[{"times":"9:30-11:30", "days":"Mo;Tu;We;Th;Fr;Sa"}], + "cfgin":"children_restricted", + "cfgout":"children" + } + }, + "configs":{ + "default":{ + "upstream":"./dns-upstream.txt", + "singlefilters":"./urls-domains-updated.txt", + "doublefilters":"./urls-hosts-normal.txt", + "blackholeip":"127.0.0.1", + "hostsfile":"./urls-local-normal.txt" + }, + "children":{ + "upstream":"./dns-familyscreen.txt", + "singlefilters":"./urls-domains-updated.txt", + "doublefilters":"./urls-hosts-nofb.txt", + "blackholeip":"127.0.0.1", + "hostsfile":"./urls-local-normal.txt" + }, + "children_restricted":{ + "upstream":"./dns-familyscreen.txt", + "singlefilters":"./urls-domains-updated.txt", + "doublefilters":"./urls-hosts-nofb.txt", + "blackholeip":"127.0.0.1", + "hostsfile":"./urls-local-restricted.txt" + } + } + +} diff --git a/urls-domains.txt b/urls-domains.txt index 579b04a..756abe4 100644 --- a/urls-domains.txt +++ b/urls-domains.txt @@ -1,12 +1,8 @@ -https://mirror1.malwaredomains.com/files/justdomains https://raw.githubusercontent.com/hectorm/hmirror/master/data/adaway.org/list.txt https://raw.githubusercontent.com/hectorm/hmirror/master/data/adblock-nocoin-list/list.txt https://raw.githubusercontent.com/hectorm/hmirror/master/data/adguard-simplified/list.txt -https://raw.githubusercontent.com/hectorm/hmirror/master/data/anudeepnd-adservers/list.txt -https://raw.githubusercontent.com/hectorm/hmirror/master/data/disconnect.me-ad/list.txt -https://raw.githubusercontent.com/hectorm/hmirror/master/data/disconnect.me-malvertising/list.txt -https://raw.githubusercontent.com/hectorm/hmirror/master/data/disconnect.me-malware/list.txt -https://raw.githubusercontent.com/hectorm/hmirror/master/data/disconnect.me-tracking/list.txt +https://raw.githubusercontent.com/hectorm/hmirror/master/data/antipopads/list.txt +https://raw.githubusercontent.com/hectorm/hmirror/master/data/digitalside-threat-intel/list.txt https://raw.githubusercontent.com/hectorm/hmirror/master/data/easylist/list.txt https://raw.githubusercontent.com/hectorm/hmirror/master/data/easyprivacy/list.txt https://raw.githubusercontent.com/hectorm/hmirror/master/data/eth-phishing-detect/list.txt @@ -14,24 +10,28 @@ https://raw.githubusercontent.com/hectorm/hmirror/master/data/fademind-add.2o7ne https://raw.githubusercontent.com/hectorm/hmirror/master/data/fademind-add.dead/list.txt https://raw.githubusercontent.com/hectorm/hmirror/master/data/fademind-add.risk/list.txt https://raw.githubusercontent.com/hectorm/hmirror/master/data/fademind-add.spam/list.txt +https://raw.githubusercontent.com/hectorm/hmirror/master/data/gfrogeye-firstparty-trackers/list.txt +https://raw.githubusercontent.com/hectorm/hmirror/master/data/hostsvn/list.txt https://raw.githubusercontent.com/hectorm/hmirror/master/data/kadhosts/list.txt -https://raw.githubusercontent.com/hectorm/hmirror/master/data/malwaredomainlist.com/list.txt -https://raw.githubusercontent.com/hectorm/hmirror/master/data/malwaredomains.com-immortaldomains/list.txt -https://raw.githubusercontent.com/hectorm/hmirror/master/data/malwaredomains.com-justdomains/list.txt +https://raw.githubusercontent.com/hectorm/hmirror/master/data/lightswitch05-ads-and-tracking/list.txt https://raw.githubusercontent.com/hectorm/hmirror/master/data/matomo.org-spammers/list.txt https://raw.githubusercontent.com/hectorm/hmirror/master/data/mitchellkrogza-badd-boyz-hosts/list.txt https://raw.githubusercontent.com/hectorm/hmirror/master/data/pgl.yoyo.org/list.txt -https://raw.githubusercontent.com/hectorm/hmirror/master/data/ransomwaretracker.abuse.ch/list.txt +https://raw.githubusercontent.com/hectorm/hmirror/master/data/phishing.army/list.txt +https://raw.githubusercontent.com/hectorm/hmirror/master/data/socram8888-notonmyshift/list.txt https://raw.githubusercontent.com/hectorm/hmirror/master/data/someonewhocares.org/list.txt https://raw.githubusercontent.com/hectorm/hmirror/master/data/spam404.com/list.txt https://raw.githubusercontent.com/hectorm/hmirror/master/data/stevenblack/list.txt +https://raw.githubusercontent.com/hectorm/hmirror/master/data/ublock/list.txt +https://raw.githubusercontent.com/hectorm/hmirror/master/data/ublock-abuse/list.txt +https://raw.githubusercontent.com/hectorm/hmirror/master/data/ublock-badware/list.txt +https://raw.githubusercontent.com/hectorm/hmirror/master/data/ublock-privacy/list.txt +https://raw.githubusercontent.com/hectorm/hmirror/master/data/urlhaus/list.txt https://raw.githubusercontent.com/hectorm/hmirror/master/data/winhelp2002.mvps.org/list.txt -https://raw.githubusercontent.com/hectorm/hmirror/master/data/zerodot1-coinblockerlists-browser/list.txt -https://raw.githubusercontent.com/hectorm/hmirror/master/data/zeustracker.abuse.ch/list.txt -https://raw.githubusercontent.com/CHEF-KOCH/Audio-fingerprint-pages/master/AudioFp.txt -https://raw.githubusercontent.com/CHEF-KOCH/Canvas-fingerprinting-pages/master/Canvas.txt -https://raw.githubusercontent.com/CHEF-KOCH/WebRTC-tracking/master/WebRTC.txt -https://raw.githubusercontent.com/CHEF-KOCH/CKs-FilterList/master/Anti-Corp/hosts/NSABlocklist.txt + + https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-blocklist.txt https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-malware.txt https://www.stopforumspam.com/downloads/toxic_domains_whole.txt + +https://mirror.cedia.org.ec/malwaredomains/immortal_domains.txt From 0752a7e443c6501a70e7654c313016d121df74bf Mon Sep 17 00:00:00 2001 From: bloved Date: Sun, 17 Jan 2021 16:15:12 +0100 Subject: [PATCH 16/16] - FIX: Query logger: moved to different thread to serialize access to log file --- 00.database.go | 2 +- dns_handler.go | 39 +++++++++++++++++++++++++++++++++------ 2 files changed, 34 insertions(+), 7 deletions(-) diff --git a/00.database.go b/00.database.go index 67fdba8..ac4889b 100644 --- a/00.database.go +++ b/00.database.go @@ -40,7 +40,7 @@ func ZabovCreateKDB(conf string) { if err != nil { fmt.Println("Cannot create Killfile db: ", err.Error()) } else { - fmt.Println("Killfile DB created") + fmt.Println("Killfile DB created:", dbname) } MyZabovKDBs[conf] = KDB diff --git a/dns_handler.go b/dns_handler.go index bafd375..12c6801 100644 --- a/dns_handler.go +++ b/dns_handler.go @@ -16,7 +16,20 @@ var reqTypes map[uint16]string var weekdays []string +type logItem struct { + clientIP string + name string + reqType uint16 + config string + timetable string + killed string +} + +// logChannel used by logging thread +var logChannel chan logItem + func init() { + weekdays = []string{"Su", "Mo", "Tu", "We", "Th", "Fr", "Sa"} if len(ZabovDebugDBPath) > 0 { @@ -107,13 +120,18 @@ func init() { dns.TypeReserved: "TypeReserved"} fmt.Println("Local Time:", getLocalTime().Format(time.ANSIC)) + + if len(ZabovDebugDBPath) > 0 { + logChannel = make(chan logItem, 1024) + go logWriteThread() + } } -func logQuery(clientIP string, name string, reqType uint16, config string, timetable string, killed string) { - if len(ZabovDebugDBPath) > 0 { +func logWriteThread() { + for item := range logChannel { var header string d := time.Now().Format("2006-01-02") - logpath := path.Join(ZabovDebugDBPath, strings.Replace(clientIP, ":", "_", -1)+"-"+d+".log") + logpath := path.Join(ZabovDebugDBPath, strings.Replace(item.clientIP, ":", "_", -1)+"-"+d+".log") _, err1 := os.Stat(logpath) if os.IsNotExist(err1) { @@ -121,12 +139,12 @@ func logQuery(clientIP string, name string, reqType uint16, config string, timet } f, err := os.OpenFile(logpath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644) if err == nil { - reqTypeName, err := reqTypes[reqType] + reqTypeName, err := reqTypes[item.reqType] if !err { - reqTypeName = fmt.Sprintf("%d", reqType) + reqTypeName = fmt.Sprintf("%d", item.reqType) } ct := time.Now().Format(time.RFC3339) - log := strings.Join([]string{ct, clientIP, strings.TrimRight(name, "."), reqTypeName, config, timetable, killed}, "\t") + log := strings.Join([]string{ct, item.clientIP, strings.TrimRight(item.name, "."), reqTypeName, item.config, item.timetable, item.killed}, "\t") if len(header) > 0 { f.Write([]byte(header)) f.Write([]byte("\n")) @@ -138,6 +156,15 @@ func logQuery(clientIP string, name string, reqType uint16, config string, timet } } +func logQuery(clientIP string, name string, reqType uint16, config string, timetable string, killed string) { + if len(ZabovDebugDBPath) > 0 { + k := logItem{clientIP: clientIP, name: name, reqType: reqType, config: config, timetable: timetable, killed: killed} + + logChannel <- k + + } +} + func getLocalTime() time.Time { return time.Now().Local() }