From c96c9f23e2f5793bfe4b53cecacbc5320912a4df Mon Sep 17 00:00:00 2001 From: bloved Date: Thu, 14 Jan 2021 17:15:27 +0100 Subject: [PATCH] - disabled verbose logs - updated documentation in README.md --- README.md | 123 ++++++++++++++++++++++++++++++++++++++++++------- dns_handler.go | 11 ++--- 2 files changed, 112 insertions(+), 22 deletions(-) diff --git a/README.md b/README.md index 6a84604..b878c37 100644 --- a/README.md +++ b/README.md @@ -44,42 +44,133 @@ The second is the format zabov calls "doublefilter" (a file in "/etc/hosts" form This is why configuration file has two separated items. -The config file should look like: +Minimal config file should look like: 
 {
-    "zabov": {  
+    "zabov":{
         "port":"53", 
         "proto":"udp", 
-        "ipaddr":"127.0.0.1",
-        "upstream":"./dns-upstream.txt",
-        "cachettl": "4",
-        "killfilettl": "12",
-        "singlefilters":"./urls-hosts.txt" ,
-        "doublefilters":"./urls-domains.txt", 
-        "blackholeip":"127.0.0.1",
-        "hostsfile":"./urls-local.txt"
+        "ipaddr":"0.0.0.0",
+        "cachettl": 1,
+        "killfilettl": 12
+    },
+    "configs":{
+        "default":{
+            "upstream":"./dns-upstream.txt",
+            "singlefilters":"./urls-domains.txt",
+            "doublefilters":"./urls-hosts.txt", 
+            "blackholeip":"127.0.0.1",
+            "hostsfile":"./urls-local.txt"
+        },
     }
-
 }
-
-
-
-Where: +Global zabov settings: - port is the port number. Usually is 53, you can change for docker, if you like - proto is the protocol. Choices are "udp", "tcp", "tcp/udp" - ipaddr is the port to listen to. Maybe empty, (which will result in listening to 0.0.0.0) to avoid issues with docker. -- upstream: file containing all DNS we want to query : each line in format IP:PORT - cachettl: amount of time the cache is kept (in hours) - killfilettl: refresh time for _killfiles_ + +configs: +- contains multiple zabov configuration dictionaries. "default" configuration name is mandatory +- upstream: file containing all DNS we want to query : each line in format IP:PORT - singlefilters: name of the file for blacklists following the "singlefilter" schema.(one URL per line) - doublefilters: name of the file, for blacklists following the "doublefilter" schema.(one URL per line) - blackholeip: IP address to return when the IP is banned. This is because you may want to avoid MX issues, mail loops on localhost, or you have a web server running on localhost - hostsfile: path where you keep your local blacklistfile : this is in the format "singlefilter", meaning one domain per line, unlike hosts file. + +Advanced configuration includes support for multiple configuration based on IP Soruce and timetables: +
+{
+    "zabov":{
+        "port":"53", 
+        "proto":"udp", 
+        "ipaddr":"0.0.0.0",
+        "cachettl": 1,
+        "killfilettl": 12
+    },
+    "localresponder":{
+        "responder":"192.168.178.1:53",
+        "localdomain":"fritz.box"
+    },
+    "ipaliases":{
+        "pc8":"192.168.178.29",
+        "localhost":"127.0.0.1"
+    },
+    "ipgroups":[
+        {
+            "ips":["localhost", "::1", "192.168.178.30", "192.168.178.31", "pc8"],
+            "cfg":"",
+            "timetable":"tt_children"
+        }
+    ],
+    "timetables":{
+        "tt_children":{
+            "tables":[{"times":"00:00-05:00;8:30-12:30;18:30-22:59", "days":"Mo;Tu;We;Th;Fr;Sa;Su"}],
+            "cfgin":"children_restricted",
+            "cfgout":"default"
+        }
+    },
+    "configs":{
+        "default":{
+            "upstream":"./dns-upstream.txt",
+            "singlefilters":"./urls-domains.txt",
+            "doublefilters":"./urls-hosts.txt", 
+            "blackholeip":"127.0.0.1",
+            "hostsfile":"./urls-local.txt"
+        },
+        "children":{
+            "upstream":"./dns-upstream-safe.txt",
+            "singlefilters":"./urls-domains.txt",
+            "doublefilters":"./urls-hosts.txt", 
+            "blackholeip":"127.0.0.1",
+            "hostsfile":"./urls-local.txt"
+        },
+        "children_restricted":{
+            "upstream":"./dns-upstream-safe.txt",
+            "singlefilters":"./urls-domains-restricted.txt",
+            "doublefilters":"./urls-hosts-restricted.txt", 
+            "blackholeip":"127.0.0.1",
+            "hostsfile":"./urls-local.txt"
+        }
+    }
+}
+
+ +localresponder: + - allows to set a local DNS to respond for "local" domains. A domain name is handled as "local" if dosen't contains "." (dots) or if it ends with a well known prefix, such as ".local". + Note: the cache is not used for local responder. + - responder: is the local DNS server address in the IP:PORT format. + - localdomain: is the suffix for local domain names. All domains ending with this prefix are resolved by local responder + +ipaliases: a dictionary of IPs + - each entry in this dictionary define a domain-alias name and his IP address. It works as replacement of /etc/hosts file. + - each entry is used by Zabov to resolve that names and to replace any value in the ipgroups.ips array. + +timetables: a dictionary of timetable dictionaries + - allow to define timetables in the format "time-ranges" and "days-of-week" + - tables: contain an array of dictionaries, each defining a time rule. + - each table is a dictinary containing "time" and "days" values + - time: is a string in the form "start:time1-stop:time1;start:time2-stop:time2..." + - days: is a string containing semicolon separated day names to apply the rule such as "Mo;Tu;We;Th;Fr" + - days names are: "Mo", "Tu" "We", "Th", "Fr", "Sa", "Su" + - empty value means all week-days + You can define complex time rules using more than one entry in this dictionay + - cfgin: is the name of the configuration to apply if current time is "inside" the timetable + - cfgout: is the name of the configuration to apply if current time is "outside" the timetable + +ipgroups: an array of ipgroup dictionaries + - let you define a set of IP addresses that shall use a configuration other than "default" + - ips: is an array of strings, each containing an ip address or a name defined in the "ipaliases" config branch + - cfg: is a string containing the name of the configuration to be used for this group; ignored if timetable is also defined + - timetable: is a string containing the name of the tiemtable to be aplied to this group + + # DOCKER Multistage Dockerfiles are provided for AMD64, ARMv7, ARM64V8 diff --git a/dns_handler.go b/dns_handler.go index ed88805..c09a046 100644 --- a/dns_handler.go +++ b/dns_handler.go @@ -1,7 +1,6 @@ package main import ( - "fmt" "net" "strings" "time" @@ -22,7 +21,7 @@ func getCurTime() (time.Time, error) { func confFromTimeTable(timetable string) string { tt := ZabovTimetables[timetable] if tt == nil { - fmt.Println("confFromTimeTable: return default") + //fmt.Println("confFromTimeTable: return default") return "default" } for _, ttentry := range tt.table { @@ -36,14 +35,14 @@ func confFromTimeTable(timetable string) string { if (nowHour > t.start.hour || (nowHour == t.start.hour && nowMinute >= t.start.minute)) && (nowHour < t.stop.hour || (nowHour == t.stop.hour && nowMinute <= t.stop.minute)) { go incrementStats("TIMETABLE IN: "+timetable, 1) - fmt.Println("confFromTimeTable: return IN", tt.cfgin) + //fmt.Println("confFromTimeTable: return IN", tt.cfgin) return tt.cfgin } } } } go incrementStats("TIMETABLE OUT: "+timetable, 1) - fmt.Println("confFromTimeTable: return OUT", tt.cfgout) + //fmt.Println("confFromTimeTable: return OUT", tt.cfgout) return tt.cfgout } @@ -55,12 +54,12 @@ func confFromIP(clientIP net.IP) string { if len(ipgroup.timetable) > 0 { return confFromTimeTable(ipgroup.timetable) } - fmt.Println("confFromIP: ipgroup.cfg") + //fmt.Println("confFromIP: ipgroup.cfg") return ipgroup.cfg } } } - fmt.Println("confFromIP: return default") + //fmt.Println("confFromIP: return default") return "default" } func (mydns *handler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) {