Change priorities such that special domains (Firefox and Apple at this time) can be explicitly allowed for some clients (per group assignments) while they stay blocked for all others in the network

Signed-off-by: DL6ER <dl6er@dl6er.de>
DL6ER 2023-12-06 23:46:53 +01:00
parent ade6e67ae2
commit 05b689422d
No known key found for this signature in database
GPG Key ID: 00135ACBD90B28DD
1 changed files with 27 additions and 25 deletions


@ -1392,8 +1392,33 @@ static bool _FTL_check_blocking(int queryID, int domainID, int clientID, const c
break;
}
// Not in FTL's cache. Check if this is a special domain
if(special_domain(query, domainstr))
// Skip all checks and continue if we hit already at least one whitelist in the chain
if(query->flags.whitelisted)
{
if(config.debug & DEBUG_QUERIES)
{
logg("Query is permitted as at least one whitelist entry matched");
}
return false;
}
// when we reach this point: the query is not in FTL's cache (for this client)
// Make a local copy of the domain string. The string memory may get
// reorganized in the following. We cannot expect domainstr to remain
// valid for all time.
domainstr = strdup(domainstr);
const char *blockedDomain = domainstr;
// Check exact whitelist for match
query->flags.whitelisted = in_whitelist(domainstr, dns_cache, client) == FOUND;
// If not found: Check regex whitelist for match
if(!query->flags.whitelisted)
query->flags.whitelisted = in_regex(domainstr, dns_cache, client->id, REGEX_WHITELIST);
// Check if this is a special domain
if(!query->flags.whitelisted && special_domain(query, domainstr))
{
// Set DNS cache properties
dns_cache->blocking_status = SPECIAL_DOMAIN;
@ -1409,29 +1434,6 @@ static bool _FTL_check_blocking(int queryID, int domainID, int clientID, const c
return true;
}
// Skip all checks and continue if we hit already at least one whitelist in the chain
if(query->flags.whitelisted)
{
if(config.debug & DEBUG_QUERIES)
{
logg("Query is permitted as at least one whitelist entry matched");
}
return false;
}
// Make a local copy of the domain string. The string memory may get
// reorganized in the following. We cannot expect domainstr to remain
// valid for all time.
domainstr = strdup(domainstr);
const char *blockedDomain = domainstr;
// Check exact whitelist for match
query->flags.whitelisted = in_whitelist(domainstr, dns_cache, client) == FOUND;
// If not found: Check regex whitelist for match
if(!query->flags.whitelisted)
query->flags.whitelisted = in_regex(domainstr, dns_cache, client->id, REGEX_WHITELIST);
// Check blacklist (exact + regex) and gravity for queried domain
unsigned char new_status = QUERY_UNKNOWN;
bool db_okay = true;
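Review bot: The `strdup()` copy of `domainstr`, which the first hunk now makes before the special-domain check, does not appear to be released on that branch's `return true;`. The lines between the two hunks are not shown, but they predate this change, when `domainstr` was still a borrowed pointer at that point, so they are unlikely to free it. Because this branch is reached by ordinary client lookups that miss the cache, each hit would leak one copy in a long-running resolver; I would add `free(domainstr);` directly before `return true;` (with whatever cast the declaration needs) and check `strdup()` for a NULL return before the whitelist lookups use it. A comment at the new condition, e.g. `// Whitelist entries (exact or regex) for this client take precedence over special-domain blocking`, would also make the new precedence explicit, since a broad regex whitelist now lifts the Firefox/Apple blocks as well. `_FTL_check_blocking` starts and ends outside the hunks.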