Changes for query log implementation
Signed-off-by: DL6ER <dl6er@dl6er.de>
parent
18d45d709a
commit
ea509ecca1
|
@ -202,13 +202,13 @@ components:
|
|||
queries:
|
||||
type: object
|
||||
properties:
|
||||
history:
|
||||
queries:
|
||||
type: array
|
||||
description: Data array
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
timestamp:
|
||||
time:
|
||||
type: number
|
||||
description: Timestamp
|
||||
type:
|
||||
|
@ -217,7 +217,7 @@ components:
|
|||
domain:
|
||||
type: string
|
||||
description: Queried domain
|
||||
CNAME_domain:
|
||||
cname:
|
||||
type: string
|
||||
description: Domain blocked during deep CNAME inspection (may be `null`)
|
||||
nullable: true
|
||||
|
@ -233,13 +233,19 @@ components:
|
|||
description: DNSSEC status (may be `null`)
|
||||
nullable: true
|
||||
reply:
|
||||
type: string
|
||||
description: Reply type (may be `null`)
|
||||
nullable: true
|
||||
response_time:
|
||||
type: object
|
||||
properties:
|
||||
type:
|
||||
type: string
|
||||
description: Reply type (may be `null`)
|
||||
nullable: true
|
||||
time:
|
||||
type: integer
|
||||
description: Time until the response was received (ms, negative if N/A)
|
||||
ttl:
|
||||
type: integer
|
||||
description: Time until the response was sent back to the client (`-1` if N/A)
|
||||
regex_idx:
|
||||
description: Remaining Time-To-Live (0 if N/A)
|
||||
regex:
|
||||
type: integer
|
||||
description: ID of blocking regex (`-1` if N/A)
|
||||
upstream:
|
||||
|
|
|
@ -251,7 +251,7 @@ int api_history_queries(struct ftl_conn *api)
|
|||
// We start with the most recent query at the beginning (until the cursor is changed)
|
||||
unsigned int cursor = counters->queries;
|
||||
// We send 100 queries (unless the API is asked for a different limit)
|
||||
unsigned int show = 100u;
|
||||
int show = 100;
|
||||
|
||||
if(api->request->query_string != NULL)
|
||||
{
|
||||
|
@ -266,7 +266,7 @@ int api_history_queries(struct ftl_conn *api)
|
|||
|
||||
// Does the user request a non-default number of replies?
|
||||
// Note: We do not accept zero query requests here
|
||||
get_uint_var(api->request->query_string, "n", &show);
|
||||
get_int_var(api->request->query_string, "n", &show);
|
||||
|
||||
// Upstream destination filtering?
|
||||
char buffer[256] = { 0 };
|
||||
|
@ -448,7 +448,7 @@ int api_history_queries(struct ftl_conn *api)
|
|||
clearSetupVarsArray();
|
||||
|
||||
cJSON *history = JSON_NEW_ARRAY();
|
||||
unsigned int added = 0u;
|
||||
int added = 0;
|
||||
unsigned int lastID = 0u;
|
||||
for(unsigned int i = ibeg; i > 0u; i--)
|
||||
{
|
||||
|
@ -549,10 +549,10 @@ int api_history_queries(struct ftl_conn *api)
|
|||
else
|
||||
clientIPName = getClientIPString(query);
|
||||
|
||||
unsigned long delay = query->response;
|
||||
double delay = 0.1*query->response;
|
||||
// Check if received (delay should be smaller than 30min)
|
||||
if(delay > 1.8e7)
|
||||
delay = -1;
|
||||
if(delay > 1.8e6 || query->reply == REPLY_UNKNOWN)
|
||||
delay = -1.0;
|
||||
|
||||
// Get domain blocked during deep CNAME inspection, if applicable
|
||||
const char *CNAME_domain = NULL;
|
||||
|
@ -599,23 +599,28 @@ int api_history_queries(struct ftl_conn *api)
|
|||
const char *qreply = get_query_reply_str(query);
|
||||
|
||||
cJSON *item = JSON_NEW_OBJ();
|
||||
JSON_OBJ_ADD_NUMBER(item, "timestamp", query->timestamp);
|
||||
JSON_OBJ_ADD_NUMBER(item, "time", query->timestamp);
|
||||
// We have to copy the string as TYPExxx string won't be static
|
||||
JSON_OBJ_COPY_STR(item, "type", qtype);
|
||||
// Safe to reference the FTL-strings pointer here
|
||||
JSON_OBJ_REF_STR(item, "domain", domain);
|
||||
// Safe to reference the FTL-strings pointer here
|
||||
JSON_OBJ_REF_STR(item, "CNAME_domain", CNAME_domain);
|
||||
JSON_OBJ_REF_STR(item, "cname", CNAME_domain);
|
||||
// Safe to reference the static strings here
|
||||
JSON_OBJ_REF_STR(item, "status", qstatus);
|
||||
// Safe to reference the FTL-strings pointer here
|
||||
JSON_OBJ_REF_STR(item, "client", clientIPName);
|
||||
// Safe to reference the static strings here
|
||||
JSON_OBJ_REF_STR(item, "dnssec", qdnssec);
|
||||
|
||||
cJSON *reply = JSON_NEW_OBJ();
|
||||
// Safe to reference the static strings here
|
||||
JSON_OBJ_REF_STR(item, "reply", qreply);
|
||||
JSON_OBJ_ADD_NUMBER(item, "response_time", delay);
|
||||
JSON_OBJ_ADD_NUMBER(item, "regex_id", regex_id);
|
||||
JSON_OBJ_REF_STR(reply, "type", qreply);
|
||||
JSON_OBJ_ADD_NUMBER(reply, "time", delay);
|
||||
JSON_OBJ_ADD_ITEM(item, "reply", reply);
|
||||
|
||||
JSON_OBJ_ADD_NUMBER(item, "ttl", query->ttl);
|
||||
JSON_OBJ_ADD_NUMBER(item, "regex", regex_id);
|
||||
// We have to copy the string as the ip#port string isn't static
|
||||
if(upstream[0] != '\0')
|
||||
{
|
||||
|
@ -627,7 +632,7 @@ int api_history_queries(struct ftl_conn *api)
|
|||
}
|
||||
JSON_ARRAY_ADD_ITEM(history, item);
|
||||
|
||||
if(++added >= show)
|
||||
if(show > -1 && ++added >= show)
|
||||
{
|
||||
break;
|
||||
}
|
||||
|
@ -640,7 +645,7 @@ int api_history_queries(struct ftl_conn *api)
|
|||
free(clientid_list);
|
||||
|
||||
cJSON *json = JSON_NEW_OBJ();
|
||||
JSON_OBJ_ADD_ITEM(json, "history", history);
|
||||
JSON_OBJ_ADD_ITEM(json, "queries", history);
|
||||
|
||||
// if(lastID < 0)
|
||||
// There are no more queries available, send null cursor
|
||||
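Review bot: With `show` now a signed `int` and the break condition written as `if(show > -1 && ++added >= show)`, any negative `n` in the query string removes the limit entirely, so a single request can make the loop serialize every stored query into one response. Nothing in the visible hunks caps `n` from above, and whether `get_int_var` range-checks the value is not shown here. An explicit bound after parsing would keep memory use and time spent in this handler predictable, for example `if(show < 0 || show > MAX_SHOW) show = MAX_SHOW;`, where `MAX_SHOW` is a placeholder for a limit the project chooses. The retained comment `// Note: We do not accept zero query requests here` also needs a check, since with `n=0` the condition is already true after the first item. The body of api_history_queries starts and ends outside these hunks.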
|
|
|
@ -133,17 +133,17 @@ int api_stats_database_overTime_history(struct ftl_conn *api)
|
|||
// Add to blocked count if this is the result for a blocked status
|
||||
switch (status)
|
||||
{
|
||||
case QUERY_GRAVITY:
|
||||
case QUERY_REGEX:
|
||||
case QUERY_BLACKLIST:
|
||||
case QUERY_EXTERNAL_BLOCKED_IP:
|
||||
case QUERY_EXTERNAL_BLOCKED_NULL:
|
||||
case QUERY_EXTERNAL_BLOCKED_NXRA:
|
||||
blocked += count;
|
||||
break;
|
||||
case QUERY_GRAVITY:
|
||||
case QUERY_REGEX:
|
||||
case QUERY_DENYLIST:
|
||||
case QUERY_EXTERNAL_BLOCKED_IP:
|
||||
case QUERY_EXTERNAL_BLOCKED_NULL:
|
||||
case QUERY_EXTERNAL_BLOCKED_NXRA:
|
||||
blocked += count;
|
||||
break;
|
||||
|
||||
default:
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -101,7 +101,7 @@ static bool init_memory_database(sqlite3 **db, const char *name, const int busy)
|
|||
bool init_memory_databases(void)
|
||||
{
|
||||
// Initialize in-memory database for all queries
|
||||
if(!init_memory_database(&memdb, "file:memdb?mode=memory", DATABASE_BUSY_TIMEOUT))
|
||||
if(!init_memory_database(&memdb, "file:memdb?mode=memory&cache=shared", DATABASE_BUSY_TIMEOUT))
|
||||
return false;
|
||||
// Initialize in-memory database for new queries
|
||||
if(!init_memory_database(&newdb, "file:newdb?mode=memory&cache=shared", 0))
|
||||
|
@ -478,7 +478,14 @@ bool mv_newdb_memdb(void)
|
|||
if( rc != SQLITE_OK ){
|
||||
logg("mv_newdb_memdb(%s) failed: %s",
|
||||
querystr[i], sqlite3_errstr(rc));
|
||||
return false;
|
||||
|
||||
// Try to ROLLLBACK the TRANSACTION
|
||||
const int rc2 = sqlite3_exec(memdb, "ROLLBACK", NULL, NULL, NULL);
|
||||
if( rc2 != SQLITE_OK ){
|
||||
logg("mv_newdb_memdb(ROLLBACK) failed: %s",
|
||||
sqlite3_errstr(rc2));
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -645,7 +652,7 @@ void DB_read_queries(void)
|
|||
// Get additional information from the additional_info column if applicable
|
||||
if(status == QUERY_GRAVITY_CNAME ||
|
||||
status == QUERY_REGEX_CNAME ||
|
||||
status == QUERY_BLACKLIST_CNAME)
|
||||
status == QUERY_DENYLIST_CNAME)
|
||||
{
|
||||
// QUERY_*_CNAME: Get domain causing the blocking
|
||||
const char *CNAMEdomain = (const char *)sqlite3_column_text(stmt, 7);
|
||||
|
@ -679,13 +686,13 @@ void DB_read_queries(void)
|
|||
|
||||
case QUERY_GRAVITY: // Blocked by gravity
|
||||
case QUERY_REGEX: // Blocked by regex blacklist
|
||||
case QUERY_BLACKLIST: // Blocked by exact blacklist
|
||||
case QUERY_DENYLIST: // Blocked by exact blacklist
|
||||
case QUERY_EXTERNAL_BLOCKED_IP: // Blocked by external provider
|
||||
case QUERY_EXTERNAL_BLOCKED_NULL: // Blocked by external provider
|
||||
case QUERY_EXTERNAL_BLOCKED_NXRA: // Blocked by external provider
|
||||
case QUERY_GRAVITY_CNAME: // Blocked by gravity (inside CNAME path)
|
||||
case QUERY_REGEX_CNAME: // Blocked by regex blacklist (inside CNAME path)
|
||||
case QUERY_BLACKLIST_CNAME: // Blocked by exact blacklist (inside CNAME path)
|
||||
case QUERY_DENYLIST_CNAME: // Blocked by exact blacklist (inside CNAME path)
|
||||
counters->blocked++;
|
||||
query->flags.blocked = true;
|
||||
// Get domain pointer
|
||||
|
@ -741,9 +748,6 @@ void DB_read_queries(void)
|
|||
|
||||
// Finalize SQLite3 statement
|
||||
sqlite3_finalize(stmt);
|
||||
|
||||
// Close database here, we have to reopen it later (after forking)
|
||||
dbclose();
|
||||
}
|
||||
|
||||
bool query_to_database(queriesData* query)
|
||||
|
@ -831,7 +835,7 @@ bool query_to_database(queriesData* query)
|
|||
// ADDITIONAL_INFO
|
||||
if(query->status == QUERY_GRAVITY_CNAME ||
|
||||
query->status == QUERY_REGEX_CNAME ||
|
||||
query->status == QUERY_BLACKLIST_CNAME)
|
||||
query->status == QUERY_DENYLIST_CNAME)
|
||||
{
|
||||
// Restore domain blocked during deep CNAME inspection if applicable
|
||||
const char *cname = getCNAMEDomainString(query);
|
||||
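Review bot: In the mv_newdb_memdb hunk, the error branch no longer appears to leave the function when the ROLLBACK succeeds. Judging by the hunk's line counts (7 old, 14 new), the original `return false;` after the `logg(...)` call was removed, and the only remaining `return false;` sits inside `if( rc2 != SQLITE_OK )`. If that reading is right, the loop carries on with the next `querystr[i]` after a failed statement, outside the transaction that was just rolled back, which may leave the in-memory query tables inconsistent. Adding `return false;` after the rollback block, before the closing brace of `if( rc != SQLITE_OK )`, would restore the previous failure behaviour. The comment `// Try to ROLLLBACK the TRANSACTION` has a typo, and the function body starts and ends outside the hunk.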
|
|
|
@ -564,8 +564,8 @@ const char * __attribute__ ((pure)) get_query_status_str(const queriesData *quer
|
|||
return "CACHE";
|
||||
case QUERY_REGEX:
|
||||
return "REGEX";
|
||||
case QUERY_BLACKLIST:
|
||||
return "BLACKLIST";
|
||||
case QUERY_DENYLIST:
|
||||
return "DENYLIST";
|
||||
case QUERY_EXTERNAL_BLOCKED_IP:
|
||||
return "EXTERNAL_BLOCKED_IP";
|
||||
case QUERY_EXTERNAL_BLOCKED_NULL:
|
||||
|
@ -576,8 +576,8 @@ const char * __attribute__ ((pure)) get_query_status_str(const queriesData *quer
|
|||
return "GRAVITY_CNAME";
|
||||
case QUERY_REGEX_CNAME:
|
||||
return "REGEX_CNAME";
|
||||
case QUERY_BLACKLIST_CNAME:
|
||||
return "BLACKLIST_CNAME";
|
||||
case QUERY_DENYLIST_CNAME:
|
||||
return "DENYLIST_CNAME";
|
||||
case QUERY_RETRIED:
|
||||
return "RETRIED";
|
||||
case QUERY_RETRIED_DNSSEC:
|
||||
|
|
|
@ -36,6 +36,7 @@ typedef struct {
|
|||
unsigned long response; // saved in units of 1/10 milliseconds (1 = 0.1ms, 2 = 0.2ms, 2500 = 250.0ms, etc.)
|
||||
unsigned long forwardresponse; // saved in units of 1/10 milliseconds (1 = 0.1ms, 2 = 0.2ms, 2500 = 250.0ms, etc.)
|
||||
double timestamp;
|
||||
unsigned long ttl;
|
||||
int64_t db;
|
||||
// Adjacent bit field members in the struct flags may be packed to share
|
||||
// and straddle the individual bytes. It is useful to pack the memory as
|
||||
|
@ -51,7 +52,7 @@ typedef struct {
|
|||
} queriesData;
|
||||
|
||||
// ARM needs alignment to 8-byte boundary
|
||||
ASSERT_SIZEOF(queriesData, 72, 60, 64);
|
||||
ASSERT_SIZEOF(queriesData, 80, 60, 64);
|
||||
|
||||
typedef struct {
|
||||
unsigned char magic;
|
||||
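Review bot: The updated `ASSERT_SIZEOF(queriesData, 80, 60, 64);` changes only the first size, although the new `unsigned long ttl;` member also adds four bytes on targets where `unsigned long` is 32 bits wide. Assuming the second and third arguments are the expected sizes on 32-bit x86 and ARM (the macro definition is not shown on this page), at least the `60` looks stale and the assertion would fail on that target, so the values should be re-measured per architecture. The new member would also benefit from a comment in the style of its neighbours stating its unit and its not-available value, e.g. `unsigned long ttl; // remaining TTL, 0 if not available`. The struct definition starts before the first hunk.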
|
|
|
@ -491,7 +491,7 @@ struct crec *cache_insert(char *name, union all_addr *addr, unsigned short class
|
|||
{
|
||||
/* Don't log DNSSEC records here, done elsewhere */
|
||||
log_query(flags | F_UPSTREAM, name, addr, NULL);
|
||||
FTL_reply(flags, name, addr, daemon->log_display_id);
|
||||
FTL_reply(flags, name, addr, daemon->log_display_id, ttl);
|
||||
if (daemon->max_cache_ttl != 0 && daemon->max_cache_ttl < ttl)
|
||||
ttl = daemon->max_cache_ttl;
|
||||
if (daemon->min_cache_ttl != 0 && daemon->min_cache_ttl > ttl)
|
||||
|
|
|
@ -233,7 +233,7 @@ static unsigned int search_servers(time_t now, union all_addr **addrpp, unsigned
|
|||
if (flags == F_NXDOMAIN || flags == F_NOERR)
|
||||
{
|
||||
log_query(flags | qtype | F_NEG | F_CONFIG | F_FORWARD, qdomain, NULL, NULL);
|
||||
FTL_reply(flags | qtype | F_NEG | F_CONFIG | F_FORWARD, qdomain, NULL, daemon->log_display_id);
|
||||
FTL_reply(flags | qtype | F_NEG | F_CONFIG | F_FORWARD, qdomain, NULL, daemon->log_display_id, 0);
|
||||
}
|
||||
else
|
||||
{
|
||||
|
@ -241,12 +241,12 @@ static unsigned int search_servers(time_t now, union all_addr **addrpp, unsigned
|
|||
if (flags & F_IPV4)
|
||||
{
|
||||
log_query((flags | F_CONFIG | F_FORWARD) & ~F_IPV6, qdomain, *addrpp, NULL);
|
||||
FTL_reply((flags | F_CONFIG | F_FORWARD) & ~F_IPV6, qdomain, *addrpp, daemon->log_display_id);
|
||||
FTL_reply((flags | F_CONFIG | F_FORWARD) & ~F_IPV6, qdomain, *addrpp, daemon->log_display_id, 0);
|
||||
}
|
||||
if (flags & F_IPV6)
|
||||
{
|
||||
log_query((flags | F_CONFIG | F_FORWARD) & ~F_IPV4, qdomain, *addrpp, NULL);
|
||||
FTL_reply((flags | F_CONFIG | F_FORWARD) & ~F_IPV4, qdomain, *addrpp, daemon->log_display_id);
|
||||
FTL_reply((flags | F_CONFIG | F_FORWARD) & ~F_IPV4, qdomain, *addrpp, daemon->log_display_id, 0);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -963,7 +963,7 @@ size_t setup_reply(struct dns_header *header, size_t qlen,
|
|||
union all_addr a;
|
||||
a.log.rcode = SERVFAIL;
|
||||
log_query(F_CONFIG | F_RCODE, "error", &a, NULL);
|
||||
FTL_reply(F_CONFIG | F_RCODE, "error", &a, daemon->log_display_id);
|
||||
FTL_reply(F_CONFIG | F_RCODE, "error", &a, daemon->log_display_id, -1);
|
||||
SET_RCODE(header, SERVFAIL);
|
||||
}
|
||||
else if (flags & ( F_IPV4 | F_IPV6))
|
||||
|
@ -989,7 +989,7 @@ size_t setup_reply(struct dns_header *header, size_t qlen,
|
|||
union all_addr a;
|
||||
a.log.rcode = REFUSED;
|
||||
log_query(F_CONFIG | F_RCODE, "error", &a, NULL);
|
||||
FTL_reply(F_CONFIG | F_RCODE, "error", &a, daemon->log_display_id);
|
||||
FTL_reply(F_CONFIG | F_RCODE, "error", &a, daemon->log_display_id, -1);
|
||||
SET_RCODE(header, REFUSED);
|
||||
}
|
||||
|
||||
|
@ -1403,7 +1403,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
if (ok)
|
||||
{
|
||||
log_query(F_CONFIG | F_RRNAME, name, NULL, "<TXT>");
|
||||
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, "<TXT>", daemon->log_display_id);
|
||||
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, "<TXT>", daemon->log_display_id, ttl);
|
||||
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
|
||||
ttl, NULL,
|
||||
T_TXT, t->class, "t", t->len, t->txt))
|
||||
|
@ -1426,7 +1426,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
{
|
||||
addr.log.rcode = NOTIMP;
|
||||
log_query(F_CONFIG | F_RCODE, name, &addr, NULL);
|
||||
FTL_cache(F_CONFIG | F_RCODE, name, &addr, NULL, daemon->log_display_id);
|
||||
FTL_cache(F_CONFIG | F_RCODE, name, &addr, NULL, daemon->log_display_id, 0);
|
||||
}
|
||||
ans = 1, sec_data = 0;
|
||||
}
|
||||
|
@ -1445,7 +1445,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
if (!dryrun)
|
||||
{
|
||||
log_query(F_CONFIG | F_RRNAME, name, NULL, querystr(NULL, t->class));
|
||||
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, querystr(NULL, t->class), daemon->log_display_id);
|
||||
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, querystr(NULL, t->class), daemon->log_display_id, daemon->local_ttl);
|
||||
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
|
||||
daemon->local_ttl, NULL,
|
||||
t->class, C_IN, "t", t->len, t->txt))
|
||||
|
@ -1502,7 +1502,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
if (!dryrun)
|
||||
{
|
||||
log_query(is_arpa | F_REVERSE | F_CONFIG, intr->name, &addr, NULL);
|
||||
FTL_cache(is_arpa | F_REVERSE | F_CONFIG, intr->name, &addr, NULL, daemon->log_display_id);
|
||||
FTL_cache(is_arpa | F_REVERSE | F_CONFIG, intr->name, &addr, NULL, daemon->log_display_id, daemon->local_ttl);
|
||||
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
|
||||
daemon->local_ttl, NULL,
|
||||
T_PTR, C_IN, "d", intr->name))
|
||||
|
@ -1516,7 +1516,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
if (!dryrun)
|
||||
{
|
||||
log_query(F_CONFIG | F_RRNAME, name, NULL, "<PTR>");
|
||||
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, "<PTR>", daemon->log_display_id);
|
||||
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, "<PTR>", daemon->log_display_id, daemon->local_ttl);
|
||||
for (ptr = daemon->ptr; ptr; ptr = ptr->next)
|
||||
if (hostname_isequal(name, ptr->name) &&
|
||||
add_resource_record(header, limit, &trunc, nameoffset, &ansp,
|
||||
|
@ -1553,7 +1553,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
if (!dryrun)
|
||||
{
|
||||
log_query(crecp->flags & ~F_FORWARD, name, &addr, NULL);
|
||||
FTL_cache(crecp->flags & ~F_FORWARD, name, &addr, NULL, daemon->log_display_id);
|
||||
FTL_cache(crecp->flags & ~F_FORWARD, name, &addr, NULL, daemon->log_display_id, 0);
|
||||
}
|
||||
}
|
||||
else
|
||||
|
@ -1565,7 +1565,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
log_query(crecp->flags & ~F_FORWARD, cache_get_name(crecp), &addr,
|
||||
record_source(crecp->uid));
|
||||
FTL_cache(crecp->flags & ~F_FORWARD, cache_get_name(crecp), &addr,
|
||||
record_source(crecp->uid), daemon->log_display_id);
|
||||
record_source(crecp->uid), daemon->log_display_id, crec_ttl(crecp, now));
|
||||
|
||||
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
|
||||
crec_ttl(crecp, now), NULL,
|
||||
|
@ -1583,7 +1583,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
if (!dryrun)
|
||||
{
|
||||
log_query(F_CONFIG | F_REVERSE | is_arpa, name, &addr, NULL);
|
||||
FTL_cache(F_CONFIG | F_REVERSE | is_arpa, name, &addr, NULL, daemon->log_display_id);
|
||||
FTL_cache(F_CONFIG | F_REVERSE | is_arpa, name, &addr, NULL, daemon->log_display_id, daemon->local_ttl);
|
||||
|
||||
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
|
||||
daemon->local_ttl, NULL,
|
||||
|
@ -1629,7 +1629,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
log_query(F_CONFIG | F_REVERSE | is_arpa | F_NEG | F_NXDOMAIN,
|
||||
name, &addr, NULL);
|
||||
FTL_cache(F_CONFIG | F_REVERSE | is_arpa | F_NEG | F_NXDOMAIN,
|
||||
name, &addr, NULL, daemon->log_display_id);
|
||||
name, &addr, NULL, daemon->log_display_id, 0);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -1687,7 +1687,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
{
|
||||
gotit = 1;
|
||||
log_query(F_FORWARD | F_CONFIG | flag, name, &addrlist->addr, NULL);
|
||||
FTL_cache(F_FORWARD | F_CONFIG | flag, name, &addrlist->addr, NULL, daemon->log_display_id);
|
||||
FTL_cache(F_FORWARD | F_CONFIG | flag, name, &addrlist->addr, NULL, daemon->log_display_id, daemon->local_ttl);
|
||||
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
|
||||
daemon->local_ttl, NULL, type, C_IN,
|
||||
type == T_A ? "4" : "6", &addrlist->addr))
|
||||
|
@ -1699,7 +1699,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
if (!dryrun && !gotit)
|
||||
{
|
||||
log_query(F_FORWARD | F_CONFIG | flag | F_NEG, name, NULL, NULL);
|
||||
FTL_cache(F_FORWARD | F_CONFIG | flag | F_NEG, name, NULL, NULL, daemon->log_display_id);
|
||||
FTL_cache(F_FORWARD | F_CONFIG | flag | F_NEG, name, NULL, NULL, daemon->log_display_id, 0);
|
||||
}
|
||||
|
||||
continue;
|
||||
|
@ -1747,9 +1747,9 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
if (!dryrun)
|
||||
{
|
||||
// Pi-hole modification: Added record_source(crecp->uid) such that the subroutines know
|
||||
// where the reply dame from (e.g. gravity.list)
|
||||
// where the reply came from (e.g. gravity.list)
|
||||
log_query(crecp->flags, name, NULL, record_source(crecp->uid));
|
||||
FTL_cache(crecp->flags, name, NULL, record_source(crecp->uid), daemon->log_display_id);
|
||||
FTL_cache(crecp->flags, name, NULL, record_source(crecp->uid), daemon->log_display_id, 0);
|
||||
}
|
||||
}
|
||||
else
|
||||
|
@ -1771,7 +1771,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
record_source(crecp->uid));
|
||||
FTL_cache(crecp->flags & ~F_REVERSE, name, &crecp->addr,
|
||||
record_source(crecp->uid),
|
||||
daemon->log_display_id);
|
||||
daemon->log_display_id, crec_ttl(crecp, now));
|
||||
// ****************************** Pi-hole modification ******************************
|
||||
if(FTL_CNAME(name, crecp, daemon->log_display_id))
|
||||
{
|
||||
|
@ -1796,7 +1796,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
if (!dryrun)
|
||||
{
|
||||
log_query(F_FORWARD | F_CONFIG | flag, name, &addr, NULL);
|
||||
FTL_cache(F_FORWARD | F_CONFIG | flag, name, &addr, NULL, daemon->log_display_id);
|
||||
FTL_cache(F_FORWARD | F_CONFIG | flag, name, &addr, NULL, daemon->log_display_id, daemon->local_ttl);
|
||||
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
|
||||
daemon->local_ttl, NULL, type, C_IN, type == T_A ? "4" : "6", &addr))
|
||||
anscount++;
|
||||
|
@ -1816,7 +1816,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
{
|
||||
int offset;
|
||||
log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>");
|
||||
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, "<MX>", daemon->log_display_id);
|
||||
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, "<MX>", daemon->log_display_id, daemon->local_ttl);
|
||||
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl,
|
||||
&offset, T_MX, C_IN, "sd", rec->weight, rec->target))
|
||||
{
|
||||
|
@ -1835,7 +1835,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
if (!dryrun)
|
||||
{
|
||||
log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>");
|
||||
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, "<MX>", daemon->log_display_id);
|
||||
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, "<MX>", daemon->log_display_id, daemon->local_ttl);
|
||||
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl, NULL,
|
||||
T_MX, C_IN, "sd", 1,
|
||||
option_bool(OPT_SELFMX) ? name : daemon->mxtarget))
|
||||
|
@ -1858,7 +1858,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
{
|
||||
int offset;
|
||||
log_query(F_CONFIG | F_RRNAME, name, NULL, "<SRV>");
|
||||
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, "<SRV>", daemon->log_display_id);
|
||||
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, "<SRV>", daemon->log_display_id, daemon->local_ttl);
|
||||
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl,
|
||||
&offset, T_SRV, C_IN, "sssd",
|
||||
rec->priority, rec->weight, rec->srvport, rec->target))
|
||||
|
@ -1907,14 +1907,14 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
if (!dryrun)
|
||||
{
|
||||
log_query(crecp->flags, name, NULL, NULL);
|
||||
FTL_cache(crecp->flags, name, NULL, NULL, daemon->log_display_id);
|
||||
FTL_cache(crecp->flags, name, NULL, NULL, daemon->log_display_id, 0);
|
||||
}
|
||||
}
|
||||
else if (!dryrun)
|
||||
{
|
||||
char *target = blockdata_retrieve(crecp->addr.srv.target, crecp->addr.srv.targetlen, NULL);
|
||||
log_query(crecp->flags, name, NULL, 0);
|
||||
FTL_cache(crecp->flags, name, NULL, NULL, daemon->log_display_id);
|
||||
FTL_cache(crecp->flags, name, NULL, NULL, daemon->log_display_id, crec_ttl(crecp, now));
|
||||
|
||||
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
|
||||
crec_ttl(crecp, now), NULL, T_SRV, C_IN, "sssd",
|
||||
|
@ -1933,7 +1933,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
if (!dryrun)
|
||||
{
|
||||
log_query(F_CONFIG | F_NEG, name, NULL, NULL);
|
||||
FTL_cache(F_CONFIG | F_NEG, name, NULL, NULL, daemon->log_display_id);
|
||||
FTL_cache(F_CONFIG | F_NEG, name, NULL, NULL, daemon->log_display_id, 0);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -1949,7 +1949,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
if (!dryrun)
|
||||
{
|
||||
log_query(F_CONFIG | F_RRNAME, name, NULL, "<NAPTR>");
|
||||
FTL_cache(F_CONFIG | F_NEG, name, NULL, "<NAPTR>", daemon->log_display_id);
|
||||
FTL_cache(F_CONFIG | F_NEG, name, NULL, "<NAPTR>", daemon->log_display_id, daemon->local_ttl);
|
||||
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl,
|
||||
NULL, T_NAPTR, C_IN, "sszzzd",
|
||||
na->order, na->pref, na->flags, na->services, na->regexp, na->replace))
|
||||
|
@ -1968,7 +1968,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
|
|||
if (!dryrun)
|
||||
{
|
||||
log_query(F_CONFIG | F_NEG, name, &addr, NULL);
|
||||
FTL_cache(F_CONFIG | F_NEG, name, NULL, NULL, daemon->log_display_id);
|
||||
FTL_cache(F_CONFIG | F_NEG, name, NULL, NULL, daemon->log_display_id, 0);
|
||||
}
|
||||
}
|
||||
}
|
||||
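Review bot: Both setup_reply hunks pass `-1` as the new TTL argument, `FTL_reply(F_CONFIG | F_RCODE, "error", &a, daemon->log_display_id, -1);`, but the parameter this commit adds is declared `const unsigned long ttl`, so the value arrives as `ULONG_MAX` rather than as a negative marker. If that value is stored in `query->ttl` and later emitted by the history endpoint, clients would see an enormous TTL instead of the `0 if N/A` the API description promises. Passing `0` at these two call sites, as the other not-applicable calls in this file do, keeps the sentinel consistent. The enclosing functions start and end outside the hunks.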
|
|
|
@ -97,7 +97,7 @@ static bool check_domain_blocked(const char *domain, const int clientID,
|
|||
{
|
||||
// We block this domain
|
||||
blockDomain = true;
|
||||
*new_status = QUERY_BLACKLIST;
|
||||
*new_status = QUERY_DENYLIST;
|
||||
*blockingreason = "exactly blacklisted";
|
||||
|
||||
// Mark domain as exactly blacklisted for this client
|
||||
|
@ -194,7 +194,7 @@ static bool _FTL_check_blocking(int queryID, int domainID, int clientID, const c
|
|||
if(!query->flags.whitelisted)
|
||||
{
|
||||
force_next_DNS_reply = dns_cache->force_reply;
|
||||
query_blocked(query, domain, client, QUERY_BLACKLIST);
|
||||
query_blocked(query, domain, client, QUERY_DENYLIST);
|
||||
return true;
|
||||
}
|
||||
break;
|
||||
|
@ -435,10 +435,10 @@ bool _FTL_CNAME(const char *domain, const struct crec *cpp, const int id, const
|
|||
// Set status
|
||||
query->status = QUERY_REGEX_CNAME;
|
||||
}
|
||||
else if(query->status == QUERY_BLACKLIST)
|
||||
else if(query->status == QUERY_DENYLIST)
|
||||
{
|
||||
// Only set status
|
||||
query->status = QUERY_BLACKLIST_CNAME;
|
||||
query->status = QUERY_DENYLIST_CNAME;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1018,7 +1018,7 @@ void FTL_dnsmasq_reload(void)
|
|||
}
|
||||
|
||||
void _FTL_reply(const unsigned int flags, const char *name, const union all_addr *addr, const int id,
|
||||
const char* file, const int line)
|
||||
const unsigned long ttl, const char* file, const int line)
|
||||
{
|
||||
// Lock shared memory
|
||||
lock_shm();
|
||||
|
@ -1118,6 +1118,7 @@ void _FTL_reply(const unsigned int flags, const char *name, const union all_addr
|
|||
counters->cached++;
|
||||
overTime[timeidx].cached++;
|
||||
query->status = QUERY_CACHE;
|
||||
query->ttl = ttl;
|
||||
|
||||
// Save reply type and update individual reply counters
|
||||
save_reply_type(flags, addr, query, response);
|
||||
|
@ -1325,7 +1326,8 @@ static void query_externally_blocked(const int queryID, const enum query_status
|
|||
}
|
||||
|
||||
void _FTL_cache(const unsigned int flags, const char *name, const union all_addr *addr,
|
||||
const char *arg, const int id, const char* file, const int line)
|
||||
const char *arg, const int id, const unsigned long ttl,
|
||||
const char* file, const int line)
|
||||
{
|
||||
// Save that this query got answered from cache
|
||||
|
||||
|
@ -1414,6 +1416,7 @@ void _FTL_cache(const unsigned int flags, const char *name, const union all_addr
|
|||
const unsigned int timeidx = query->timeidx;
|
||||
|
||||
query->status = requesttype;
|
||||
query->ttl = ttl;
|
||||
|
||||
// Detect if returned IP indicates that this query was blocked
|
||||
detect_blocked_IP(flags, addr, queryID);
|
||||
|
|
|
@ -27,11 +27,11 @@ bool _FTL_new_query(const unsigned int flags, const char *name, const char** blo
|
|||
#define FTL_forwarded(flags, name, serv, id) _FTL_forwarded(flags, name, serv, id, __FILE__, __LINE__)
|
||||
void _FTL_forwarded(const unsigned int flags, const char *name, const struct server *serv, const int id, const char* file, const int line);
|
||||
|
||||
#define FTL_reply(flags, name, addr, id) _FTL_reply(flags, name, addr, id, __FILE__, __LINE__)
|
||||
void _FTL_reply(const unsigned int flags, const char *name, const union all_addr *addr, const int id, const char* file, const int line);
|
||||
#define FTL_reply(flags, name, addr, id, ttl) _FTL_reply(flags, name, addr, id, ttl, __FILE__, __LINE__)
|
||||
void _FTL_reply(const unsigned int flags, const char *name, const union all_addr *addr, const int id, const unsigned long ttl, const char* file, const int line);
|
||||
|
||||
#define FTL_cache(flags, name, addr, arg, id) _FTL_cache(flags, name, addr, arg, id, __FILE__, __LINE__)
|
||||
void _FTL_cache(const unsigned int flags, const char *name, const union all_addr *addr, const char * arg, const int id, const char* file, const int line);
|
||||
#define FTL_cache(flags, name, addr, arg, id, ttl) _FTL_cache(flags, name, addr, arg, id, ttl, __FILE__, __LINE__)
|
||||
void _FTL_cache(const unsigned int flags, const char *name, const union all_addr *addr, const char * arg, const int id, const unsigned long ttl, const char* file, const int line);
|
||||
|
||||
#define FTL_dnssec(status, id) _FTL_dnssec(status, id, __FILE__, __LINE__)
|
||||
void _FTL_dnssec(const int status, const int id, const char* file, const int line);
|
||||
|
|
|
@ -33,13 +33,13 @@ enum query_status {
|
|||
QUERY_FORWARDED,
|
||||
QUERY_CACHE,
|
||||
QUERY_REGEX,
|
||||
QUERY_BLACKLIST,
|
||||
QUERY_DENYLIST,
|
||||
QUERY_EXTERNAL_BLOCKED_IP,
|
||||
QUERY_EXTERNAL_BLOCKED_NULL,
|
||||
QUERY_EXTERNAL_BLOCKED_NXRA,
|
||||
QUERY_GRAVITY_CNAME,
|
||||
QUERY_REGEX_CNAME,
|
||||
QUERY_BLACKLIST_CNAME,
|
||||
QUERY_DENYLIST_CNAME,
|
||||
QUERY_RETRIED,
|
||||
QUERY_RETRIED_DNSSEC,
|
||||
QUERY_IN_PROGRESS,
|
||||
|
|
6
src/gc.c
6
src/gc.c
|
@ -132,14 +132,14 @@ void *GC_thread(void *val)
|
|||
overTime[timeidx].cached--;
|
||||
break;
|
||||
case QUERY_GRAVITY: // Blocked by Pi-hole's blocking lists (fall through)
|
||||
case QUERY_BLACKLIST: // Exact blocked (fall through)
|
||||
case QUERY_DENYLIST: // Exact blocked (fall through)
|
||||
case QUERY_REGEX: // Regex blocked (fall through)
|
||||
case QUERY_EXTERNAL_BLOCKED_IP: // Blocked by upstream provider (fall through)
|
||||
case QUERY_EXTERNAL_BLOCKED_NXRA: // Blocked by upstream provider (fall through)
|
||||
case QUERY_EXTERNAL_BLOCKED_NULL: // Blocked by upstream provider (fall through)
|
||||
case QUERY_GRAVITY_CNAME: // Gravity domain in CNAME chain (fall through)
|
||||
case QUERY_BLACKLIST_CNAME: // Exactly blacklisted domain in CNAME chain (fall through)
|
||||
case QUERY_REGEX_CNAME: // Regex blacklisted domain in CNAME chain (fall through)
|
||||
case QUERY_DENYLIST_CNAME: // Exactly denied domain in CNAME chain (fall through)
|
||||
case QUERY_REGEX_CNAME: // Regex denied domain in CNAME chain (fall through)
|
||||
counters->blocked--;
|
||||
overTime[timeidx].blocked--;
|
||||
if(domain != NULL)
|
||||
|
|