Changes for query log implementation

Signed-off-by: DL6ER <dl6er@dl6er.de>
DL6ER 2021-03-02 12:55:22 +01:00
parent 18d45d709a
commit ea509ecca1
No known key found for this signature in database
GPG Key ID: 00135ACBD90B28DD
13 changed files with 109 additions and 90 deletions


@ -202,13 +202,13 @@ components:
queries:
type: object
properties:
history:
queries:
type: array
description: Data array
items:
type: object
properties:
timestamp:
time:
type: number
description: Timestamp
type:
@ -217,7 +217,7 @@ components:
domain:
type: string
description: Queried domain
CNAME_domain:
cname:
type: string
description: Domain blocked during deep CNAME inspection (may be `null`)
nullable: true
@ -233,13 +233,19 @@ components:
description: DNSSEC status (may be `null`)
nullable: true
reply:
type: string
description: Reply type (may be `null`)
nullable: true
response_time:
type: object
properties:
type:
type: string
description: Reply type (may be `null`)
nullable: true
time:
type: integer
description: Time until the response was received (ms, negative if N/A)
ttl:
type: integer
description: Time until the response was sent back to the client (`-1` if N/A)
regex_idx:
description: Remaining Time-To-Live (0 if N/A)
regex:
type: integer
description: ID of blocking regex (`-1` if N/A)
upstream:


@ -251,7 +251,7 @@ int api_history_queries(struct ftl_conn *api)
// We start with the most recent query at the beginning (until the cursor is changed)
unsigned int cursor = counters->queries;
// We send 100 queries (unless the API is asked for a different limit)
unsigned int show = 100u;
int show = 100;
if(api->request->query_string != NULL)
{
@ -266,7 +266,7 @@ int api_history_queries(struct ftl_conn *api)
// Does the user request a non-default number of replies?
// Note: We do not accept zero query requests here
get_uint_var(api->request->query_string, "n", &show);
get_int_var(api->request->query_string, "n", &show);
// Upstream destination filtering?
char buffer[256] = { 0 };
@ -448,7 +448,7 @@ int api_history_queries(struct ftl_conn *api)
clearSetupVarsArray();
cJSON *history = JSON_NEW_ARRAY();
unsigned int added = 0u;
int added = 0;
unsigned int lastID = 0u;
for(unsigned int i = ibeg; i > 0u; i--)
{
@ -549,10 +549,10 @@ int api_history_queries(struct ftl_conn *api)
else
clientIPName = getClientIPString(query);
unsigned long delay = query->response;
double delay = 0.1*query->response;
// Check if received (delay should be smaller than 30min)
if(delay > 1.8e7)
delay = -1;
if(delay > 1.8e6 || query->reply == REPLY_UNKNOWN)
delay = -1.0;
// Get domain blocked during deep CNAME inspection, if applicable
const char *CNAME_domain = NULL;
@ -599,23 +599,28 @@ int api_history_queries(struct ftl_conn *api)
const char *qreply = get_query_reply_str(query);
cJSON *item = JSON_NEW_OBJ();
JSON_OBJ_ADD_NUMBER(item, "timestamp", query->timestamp);
JSON_OBJ_ADD_NUMBER(item, "time", query->timestamp);
// We have to copy the string as TYPExxx string won't be static
JSON_OBJ_COPY_STR(item, "type", qtype);
// Safe to reference the FTL-strings pointer here
JSON_OBJ_REF_STR(item, "domain", domain);
// Safe to reference the FTL-strings pointer here
JSON_OBJ_REF_STR(item, "CNAME_domain", CNAME_domain);
JSON_OBJ_REF_STR(item, "cname", CNAME_domain);
// Safe to reference the static strings here
JSON_OBJ_REF_STR(item, "status", qstatus);
// Safe to reference the FTL-strings pointer here
JSON_OBJ_REF_STR(item, "client", clientIPName);
// Safe to reference the static strings here
JSON_OBJ_REF_STR(item, "dnssec", qdnssec);
cJSON *reply = JSON_NEW_OBJ();
// Safe to reference the static strings here
JSON_OBJ_REF_STR(item, "reply", qreply);
JSON_OBJ_ADD_NUMBER(item, "response_time", delay);
JSON_OBJ_ADD_NUMBER(item, "regex_id", regex_id);
JSON_OBJ_REF_STR(reply, "type", qreply);
JSON_OBJ_ADD_NUMBER(reply, "time", delay);
JSON_OBJ_ADD_ITEM(item, "reply", reply);
JSON_OBJ_ADD_NUMBER(item, "ttl", query->ttl);
JSON_OBJ_ADD_NUMBER(item, "regex", regex_id);
// We have to copy the string as the ip#port string isn't static
if(upstream[0] != '\0')
{
@ -627,7 +632,7 @@ int api_history_queries(struct ftl_conn *api)
}
JSON_ARRAY_ADD_ITEM(history, item);
if(++added >= show)
if(show > -1 && ++added >= show)
{
break;
}
@ -640,7 +645,7 @@ int api_history_queries(struct ftl_conn *api)
free(clientid_list);
cJSON *json = JSON_NEW_OBJ();
JSON_OBJ_ADD_ITEM(json, "history", history);
JSON_OBJ_ADD_ITEM(json, "queries", history);
// if(lastID < 0)
// There are no more queries available, send null cursor
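Review bot: A negative `n` in the query string now switches the limit off entirely, because `show` became a signed `int` and the loop only stops on `if(show > -1 && ++added >= show)`; assuming `get_int_var()` accepts negative values, a single request can make the handler build one cJSON tree holding every query in memory. If "no limit" is intended, it should still be bounded, e.g. by clamping right after parsing with `if(show < 0 || show > MAX_API_QUERIES) show = MAX_API_QUERIES;` (`MAX_API_QUERIES` is a placeholder name, not an identifier from this page). The comment "We do not accept zero query requests here" also does not match the visible code: with `n=0` the check fires after the first item has been appended, so one entry is returned. The function body continues outside these hunks, so any validation of `show` between parsing and the loop is not visible here.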


@ -133,17 +133,17 @@ int api_stats_database_overTime_history(struct ftl_conn *api)
// Add to blocked count if this is the result for a blocked status
switch (status)
{
case QUERY_GRAVITY:
case QUERY_REGEX:
case QUERY_BLACKLIST:
case QUERY_EXTERNAL_BLOCKED_IP:
case QUERY_EXTERNAL_BLOCKED_NULL:
case QUERY_EXTERNAL_BLOCKED_NXRA:
blocked += count;
break;
case QUERY_GRAVITY:
case QUERY_REGEX:
case QUERY_DENYLIST:
case QUERY_EXTERNAL_BLOCKED_IP:
case QUERY_EXTERNAL_BLOCKED_NULL:
case QUERY_EXTERNAL_BLOCKED_NXRA:
blocked += count;
break;
default:
break;
default:
break;
}
}


@ -101,7 +101,7 @@ static bool init_memory_database(sqlite3 **db, const char *name, const int busy)
bool init_memory_databases(void)
{
// Initialize in-memory database for all queries
if(!init_memory_database(&memdb, "file:memdb?mode=memory", DATABASE_BUSY_TIMEOUT))
if(!init_memory_database(&memdb, "file:memdb?mode=memory&cache=shared", DATABASE_BUSY_TIMEOUT))
return false;
// Initialize in-memory database for new queries
if(!init_memory_database(&newdb, "file:newdb?mode=memory&cache=shared", 0))
@ -478,7 +478,14 @@ bool mv_newdb_memdb(void)
if( rc != SQLITE_OK ){
logg("mv_newdb_memdb(%s) failed: %s",
querystr[i], sqlite3_errstr(rc));
return false;
// Try to ROLLLBACK the TRANSACTION
const int rc2 = sqlite3_exec(memdb, "ROLLBACK", NULL, NULL, NULL);
if( rc2 != SQLITE_OK ){
logg("mv_newdb_memdb(ROLLBACK) failed: %s",
sqlite3_errstr(rc2));
return false;
}
}
}
@ -645,7 +652,7 @@ void DB_read_queries(void)
// Get additional information from the additional_info column if applicable
if(status == QUERY_GRAVITY_CNAME ||
status == QUERY_REGEX_CNAME ||
status == QUERY_BLACKLIST_CNAME)
status == QUERY_DENYLIST_CNAME)
{
// QUERY_*_CNAME: Get domain causing the blocking
const char *CNAMEdomain = (const char *)sqlite3_column_text(stmt, 7);
@ -679,13 +686,13 @@ void DB_read_queries(void)
case QUERY_GRAVITY: // Blocked by gravity
case QUERY_REGEX: // Blocked by regex blacklist
case QUERY_BLACKLIST: // Blocked by exact blacklist
case QUERY_DENYLIST: // Blocked by exact blacklist
case QUERY_EXTERNAL_BLOCKED_IP: // Blocked by external provider
case QUERY_EXTERNAL_BLOCKED_NULL: // Blocked by external provider
case QUERY_EXTERNAL_BLOCKED_NXRA: // Blocked by external provider
case QUERY_GRAVITY_CNAME: // Blocked by gravity (inside CNAME path)
case QUERY_REGEX_CNAME: // Blocked by regex blacklist (inside CNAME path)
case QUERY_BLACKLIST_CNAME: // Blocked by exact blacklist (inside CNAME path)
case QUERY_DENYLIST_CNAME: // Blocked by exact blacklist (inside CNAME path)
counters->blocked++;
query->flags.blocked = true;
// Get domain pointer
@ -741,9 +748,6 @@ void DB_read_queries(void)
// Finalize SQLite3 statement
sqlite3_finalize(stmt);
// Close database here, we have to reopen it later (after forking)
dbclose();
}
bool query_to_database(queriesData* query)
@ -831,7 +835,7 @@ bool query_to_database(queriesData* query)
// ADDITIONAL_INFO
if(query->status == QUERY_GRAVITY_CNAME ||
query->status == QUERY_REGEX_CNAME ||
query->status == QUERY_BLACKLIST_CNAME)
query->status == QUERY_DENYLIST_CNAME)
{
// Restore domain blocked during deep CNAME inspection if applicable
const char *cname = getCNAMEDomainString(query);
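Review bot: The new ROLLBACK handling in `mv_newdb_memdb()` leaves the failure path unclear, because the rendering does not show whether the `return false;` directly after the `logg()` call was kept or removed. If it was kept, the ROLLBACK block is unreachable; if it was removed, a successful ROLLBACK falls out of the `if` and the loop presumably goes on to execute the remaining `querystr[i]` statements, so the function may still report success after a failed step. Ending the error branch with an unconditional `return false;` after the ROLLBACK attempt, and only logging when `rc2 != SQLITE_OK`, covers both cases. The added comment also has a typo, `ROLLLBACK`. The loop and the statement list start outside the hunk.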


@ -564,8 +564,8 @@ const char * __attribute__ ((pure)) get_query_status_str(const queriesData *quer
return "CACHE";
case QUERY_REGEX:
return "REGEX";
case QUERY_BLACKLIST:
return "BLACKLIST";
case QUERY_DENYLIST:
return "DENYLIST";
case QUERY_EXTERNAL_BLOCKED_IP:
return "EXTERNAL_BLOCKED_IP";
case QUERY_EXTERNAL_BLOCKED_NULL:
@ -576,8 +576,8 @@ const char * __attribute__ ((pure)) get_query_status_str(const queriesData *quer
return "GRAVITY_CNAME";
case QUERY_REGEX_CNAME:
return "REGEX_CNAME";
case QUERY_BLACKLIST_CNAME:
return "BLACKLIST_CNAME";
case QUERY_DENYLIST_CNAME:
return "DENYLIST_CNAME";
case QUERY_RETRIED:
return "RETRIED";
case QUERY_RETRIED_DNSSEC:


@ -36,6 +36,7 @@ typedef struct {
unsigned long response; // saved in units of 1/10 milliseconds (1 = 0.1ms, 2 = 0.2ms, 2500 = 250.0ms, etc.)
unsigned long forwardresponse; // saved in units of 1/10 milliseconds (1 = 0.1ms, 2 = 0.2ms, 2500 = 250.0ms, etc.)
double timestamp;
unsigned long ttl;
int64_t db;
// Adjacent bit field members in the struct flags may be packed to share
// and straddle the individual bytes. It is useful to pack the memory as
@ -51,7 +52,7 @@ typedef struct {
} queriesData;
// ARM needs alignment to 8-byte boundary
ASSERT_SIZEOF(queriesData, 72, 60, 64);
ASSERT_SIZEOF(queriesData, 80, 60, 64);
typedef struct {
unsigned char magic;
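Review bot: Only the first expected size in `ASSERT_SIZEOF(queriesData, 80, 60, 64)` was raised (72 to 80), although the new `unsigned long ttl` member also takes 4 bytes on 32-bit targets, so the other two values, presumably the 32-bit and ARM sizes, look stale unless existing padding absorbs the field. The full struct is not visible in this hunk, so this needs confirming with a build for those targets. The new member is also the only one of the neighbouring fields without a comment; something like `// remaining TTL in seconds, 0 if not available` would match the style of `response` and `forwardresponse`.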


@ -491,7 +491,7 @@ struct crec *cache_insert(char *name, union all_addr *addr, unsigned short class
{
/* Don't log DNSSEC records here, done elsewhere */
log_query(flags | F_UPSTREAM, name, addr, NULL);
FTL_reply(flags, name, addr, daemon->log_display_id);
FTL_reply(flags, name, addr, daemon->log_display_id, ttl);
if (daemon->max_cache_ttl != 0 && daemon->max_cache_ttl < ttl)
ttl = daemon->max_cache_ttl;
if (daemon->min_cache_ttl != 0 && daemon->min_cache_ttl > ttl)
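Review bot: `FTL_reply(..., ttl)` records the TTL before the `max_cache_ttl`/`min_cache_ttl` clamping on the following lines, so the value stored in the query log can differ from the TTL that dnsmasq actually caches. If logging the upstream's raw value is intended, a comment such as `/* Pi-hole: pass the unclamped TTL as received */` would make that explicit; otherwise the call belongs after the two `if` statements. `cache_insert()` continues outside the hunk.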


@ -233,7 +233,7 @@ static unsigned int search_servers(time_t now, union all_addr **addrpp, unsigned
if (flags == F_NXDOMAIN || flags == F_NOERR)
{
log_query(flags | qtype | F_NEG | F_CONFIG | F_FORWARD, qdomain, NULL, NULL);
FTL_reply(flags | qtype | F_NEG | F_CONFIG | F_FORWARD, qdomain, NULL, daemon->log_display_id);
FTL_reply(flags | qtype | F_NEG | F_CONFIG | F_FORWARD, qdomain, NULL, daemon->log_display_id, 0);
}
else
{
@ -241,12 +241,12 @@ static unsigned int search_servers(time_t now, union all_addr **addrpp, unsigned
if (flags & F_IPV4)
{
log_query((flags | F_CONFIG | F_FORWARD) & ~F_IPV6, qdomain, *addrpp, NULL);
FTL_reply((flags | F_CONFIG | F_FORWARD) & ~F_IPV6, qdomain, *addrpp, daemon->log_display_id);
FTL_reply((flags | F_CONFIG | F_FORWARD) & ~F_IPV6, qdomain, *addrpp, daemon->log_display_id, 0);
}
if (flags & F_IPV6)
{
log_query((flags | F_CONFIG | F_FORWARD) & ~F_IPV4, qdomain, *addrpp, NULL);
FTL_reply((flags | F_CONFIG | F_FORWARD) & ~F_IPV4, qdomain, *addrpp, daemon->log_display_id);
FTL_reply((flags | F_CONFIG | F_FORWARD) & ~F_IPV4, qdomain, *addrpp, daemon->log_display_id, 0);
}
}
}


@ -963,7 +963,7 @@ size_t setup_reply(struct dns_header *header, size_t qlen,
union all_addr a;
a.log.rcode = SERVFAIL;
log_query(F_CONFIG | F_RCODE, "error", &a, NULL);
FTL_reply(F_CONFIG | F_RCODE, "error", &a, daemon->log_display_id);
FTL_reply(F_CONFIG | F_RCODE, "error", &a, daemon->log_display_id, -1);
SET_RCODE(header, SERVFAIL);
}
else if (flags & ( F_IPV4 | F_IPV6))
@ -989,7 +989,7 @@ size_t setup_reply(struct dns_header *header, size_t qlen,
union all_addr a;
a.log.rcode = REFUSED;
log_query(F_CONFIG | F_RCODE, "error", &a, NULL);
FTL_reply(F_CONFIG | F_RCODE, "error", &a, daemon->log_display_id);
FTL_reply(F_CONFIG | F_RCODE, "error", &a, daemon->log_display_id, -1);
SET_RCODE(header, REFUSED);
}
@ -1403,7 +1403,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (ok)
{
log_query(F_CONFIG | F_RRNAME, name, NULL, "<TXT>");
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, "<TXT>", daemon->log_display_id);
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, "<TXT>", daemon->log_display_id, ttl);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
ttl, NULL,
T_TXT, t->class, "t", t->len, t->txt))
@ -1426,7 +1426,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
{
addr.log.rcode = NOTIMP;
log_query(F_CONFIG | F_RCODE, name, &addr, NULL);
FTL_cache(F_CONFIG | F_RCODE, name, &addr, NULL, daemon->log_display_id);
FTL_cache(F_CONFIG | F_RCODE, name, &addr, NULL, daemon->log_display_id, 0);
}
ans = 1, sec_data = 0;
}
@ -1445,7 +1445,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!dryrun)
{
log_query(F_CONFIG | F_RRNAME, name, NULL, querystr(NULL, t->class));
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, querystr(NULL, t->class), daemon->log_display_id);
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, querystr(NULL, t->class), daemon->log_display_id, daemon->local_ttl);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
daemon->local_ttl, NULL,
t->class, C_IN, "t", t->len, t->txt))
@ -1502,7 +1502,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!dryrun)
{
log_query(is_arpa | F_REVERSE | F_CONFIG, intr->name, &addr, NULL);
FTL_cache(is_arpa | F_REVERSE | F_CONFIG, intr->name, &addr, NULL, daemon->log_display_id);
FTL_cache(is_arpa | F_REVERSE | F_CONFIG, intr->name, &addr, NULL, daemon->log_display_id, daemon->local_ttl);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
daemon->local_ttl, NULL,
T_PTR, C_IN, "d", intr->name))
@ -1516,7 +1516,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!dryrun)
{
log_query(F_CONFIG | F_RRNAME, name, NULL, "<PTR>");
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, "<PTR>", daemon->log_display_id);
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, "<PTR>", daemon->log_display_id, daemon->local_ttl);
for (ptr = daemon->ptr; ptr; ptr = ptr->next)
if (hostname_isequal(name, ptr->name) &&
add_resource_record(header, limit, &trunc, nameoffset, &ansp,
@ -1553,7 +1553,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!dryrun)
{
log_query(crecp->flags & ~F_FORWARD, name, &addr, NULL);
FTL_cache(crecp->flags & ~F_FORWARD, name, &addr, NULL, daemon->log_display_id);
FTL_cache(crecp->flags & ~F_FORWARD, name, &addr, NULL, daemon->log_display_id, 0);
}
}
else
@ -1565,7 +1565,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
log_query(crecp->flags & ~F_FORWARD, cache_get_name(crecp), &addr,
record_source(crecp->uid));
FTL_cache(crecp->flags & ~F_FORWARD, cache_get_name(crecp), &addr,
record_source(crecp->uid), daemon->log_display_id);
record_source(crecp->uid), daemon->log_display_id, crec_ttl(crecp, now));
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
crec_ttl(crecp, now), NULL,
@ -1583,7 +1583,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!dryrun)
{
log_query(F_CONFIG | F_REVERSE | is_arpa, name, &addr, NULL);
FTL_cache(F_CONFIG | F_REVERSE | is_arpa, name, &addr, NULL, daemon->log_display_id);
FTL_cache(F_CONFIG | F_REVERSE | is_arpa, name, &addr, NULL, daemon->log_display_id, daemon->local_ttl);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
daemon->local_ttl, NULL,
@ -1629,7 +1629,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
log_query(F_CONFIG | F_REVERSE | is_arpa | F_NEG | F_NXDOMAIN,
name, &addr, NULL);
FTL_cache(F_CONFIG | F_REVERSE | is_arpa | F_NEG | F_NXDOMAIN,
name, &addr, NULL, daemon->log_display_id);
name, &addr, NULL, daemon->log_display_id, 0);
}
}
}
@ -1687,7 +1687,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
{
gotit = 1;
log_query(F_FORWARD | F_CONFIG | flag, name, &addrlist->addr, NULL);
FTL_cache(F_FORWARD | F_CONFIG | flag, name, &addrlist->addr, NULL, daemon->log_display_id);
FTL_cache(F_FORWARD | F_CONFIG | flag, name, &addrlist->addr, NULL, daemon->log_display_id, daemon->local_ttl);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
daemon->local_ttl, NULL, type, C_IN,
type == T_A ? "4" : "6", &addrlist->addr))
@ -1699,7 +1699,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!dryrun && !gotit)
{
log_query(F_FORWARD | F_CONFIG | flag | F_NEG, name, NULL, NULL);
FTL_cache(F_FORWARD | F_CONFIG | flag | F_NEG, name, NULL, NULL, daemon->log_display_id);
FTL_cache(F_FORWARD | F_CONFIG | flag | F_NEG, name, NULL, NULL, daemon->log_display_id, 0);
}
continue;
@ -1747,9 +1747,9 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!dryrun)
{
// Pi-hole modification: Added record_source(crecp->uid) such that the subroutines know
// where the reply dame from (e.g. gravity.list)
// where the reply came from (e.g. gravity.list)
log_query(crecp->flags, name, NULL, record_source(crecp->uid));
FTL_cache(crecp->flags, name, NULL, record_source(crecp->uid), daemon->log_display_id);
FTL_cache(crecp->flags, name, NULL, record_source(crecp->uid), daemon->log_display_id, 0);
}
}
else
@ -1771,7 +1771,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
record_source(crecp->uid));
FTL_cache(crecp->flags & ~F_REVERSE, name, &crecp->addr,
record_source(crecp->uid),
daemon->log_display_id);
daemon->log_display_id, crec_ttl(crecp, now));
// ****************************** Pi-hole modification ******************************
if(FTL_CNAME(name, crecp, daemon->log_display_id))
{
@ -1796,7 +1796,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!dryrun)
{
log_query(F_FORWARD | F_CONFIG | flag, name, &addr, NULL);
FTL_cache(F_FORWARD | F_CONFIG | flag, name, &addr, NULL, daemon->log_display_id);
FTL_cache(F_FORWARD | F_CONFIG | flag, name, &addr, NULL, daemon->log_display_id, daemon->local_ttl);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
daemon->local_ttl, NULL, type, C_IN, type == T_A ? "4" : "6", &addr))
anscount++;
@ -1816,7 +1816,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
{
int offset;
log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>");
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, "<MX>", daemon->log_display_id);
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, "<MX>", daemon->log_display_id, daemon->local_ttl);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl,
&offset, T_MX, C_IN, "sd", rec->weight, rec->target))
{
@ -1835,7 +1835,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!dryrun)
{
log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>");
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, "<MX>", daemon->log_display_id);
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, "<MX>", daemon->log_display_id, daemon->local_ttl);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl, NULL,
T_MX, C_IN, "sd", 1,
option_bool(OPT_SELFMX) ? name : daemon->mxtarget))
@ -1858,7 +1858,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
{
int offset;
log_query(F_CONFIG | F_RRNAME, name, NULL, "<SRV>");
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, "<SRV>", daemon->log_display_id);
FTL_cache(F_CONFIG | F_RRNAME, name, NULL, "<SRV>", daemon->log_display_id, daemon->local_ttl);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl,
&offset, T_SRV, C_IN, "sssd",
rec->priority, rec->weight, rec->srvport, rec->target))
@ -1907,14 +1907,14 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!dryrun)
{
log_query(crecp->flags, name, NULL, NULL);
FTL_cache(crecp->flags, name, NULL, NULL, daemon->log_display_id);
FTL_cache(crecp->flags, name, NULL, NULL, daemon->log_display_id, 0);
}
}
else if (!dryrun)
{
char *target = blockdata_retrieve(crecp->addr.srv.target, crecp->addr.srv.targetlen, NULL);
log_query(crecp->flags, name, NULL, 0);
FTL_cache(crecp->flags, name, NULL, NULL, daemon->log_display_id);
FTL_cache(crecp->flags, name, NULL, NULL, daemon->log_display_id, crec_ttl(crecp, now));
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
crec_ttl(crecp, now), NULL, T_SRV, C_IN, "sssd",
@ -1933,7 +1933,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!dryrun)
{
log_query(F_CONFIG | F_NEG, name, NULL, NULL);
FTL_cache(F_CONFIG | F_NEG, name, NULL, NULL, daemon->log_display_id);
FTL_cache(F_CONFIG | F_NEG, name, NULL, NULL, daemon->log_display_id, 0);
}
}
}
@ -1949,7 +1949,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!dryrun)
{
log_query(F_CONFIG | F_RRNAME, name, NULL, "<NAPTR>");
FTL_cache(F_CONFIG | F_NEG, name, NULL, "<NAPTR>", daemon->log_display_id);
FTL_cache(F_CONFIG | F_NEG, name, NULL, "<NAPTR>", daemon->log_display_id, daemon->local_ttl);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl,
NULL, T_NAPTR, C_IN, "sszzzd",
na->order, na->pref, na->flags, na->services, na->regexp, na->replace))
@ -1968,7 +1968,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!dryrun)
{
log_query(F_CONFIG | F_NEG, name, &addr, NULL);
FTL_cache(F_CONFIG | F_NEG, name, NULL, NULL, daemon->log_display_id);
FTL_cache(F_CONFIG | F_NEG, name, NULL, NULL, daemon->log_display_id, 0);
}
}
}
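Review bot: The two `setup_reply()` error paths pass `-1` as the new TTL argument, but `_FTL_reply()` declares it as `const unsigned long ttl`, so the value converts to `ULONG_MAX` and, wherever it ends up in `query->ttl`, would surface through the API as a huge number rather than a marker. Every other "no TTL" call site in this file passes `0`, and the API description on this page says `0 if N/A`; using `FTL_reply(F_CONFIG | F_RCODE, "error", &a, daemon->log_display_id, 0);` in both places keeps that consistent. Separately, the NAPTR call passes `F_CONFIG | F_NEG` to `FTL_cache()` while the `log_query()` above it uses `F_CONFIG | F_RRNAME`; that mismatch predates this commit, but the call now also attaches `daemon->local_ttl` to an entry flagged as negative. All hunks here are fragments of larger functions.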


@ -97,7 +97,7 @@ static bool check_domain_blocked(const char *domain, const int clientID,
{
// We block this domain
blockDomain = true;
*new_status = QUERY_BLACKLIST;
*new_status = QUERY_DENYLIST;
*blockingreason = "exactly blacklisted";
// Mark domain as exactly blacklisted for this client
@ -194,7 +194,7 @@ static bool _FTL_check_blocking(int queryID, int domainID, int clientID, const c
if(!query->flags.whitelisted)
{
force_next_DNS_reply = dns_cache->force_reply;
query_blocked(query, domain, client, QUERY_BLACKLIST);
query_blocked(query, domain, client, QUERY_DENYLIST);
return true;
}
break;
@ -435,10 +435,10 @@ bool _FTL_CNAME(const char *domain, const struct crec *cpp, const int id, const
// Set status
query->status = QUERY_REGEX_CNAME;
}
else if(query->status == QUERY_BLACKLIST)
else if(query->status == QUERY_DENYLIST)
{
// Only set status
query->status = QUERY_BLACKLIST_CNAME;
query->status = QUERY_DENYLIST_CNAME;
}
}
@ -1018,7 +1018,7 @@ void FTL_dnsmasq_reload(void)
}
void _FTL_reply(const unsigned int flags, const char *name, const union all_addr *addr, const int id,
const char* file, const int line)
const unsigned long ttl, const char* file, const int line)
{
// Lock shared memory
lock_shm();
@ -1118,6 +1118,7 @@ void _FTL_reply(const unsigned int flags, const char *name, const union all_addr
counters->cached++;
overTime[timeidx].cached++;
query->status = QUERY_CACHE;
query->ttl = ttl;
// Save reply type and update individual reply counters
save_reply_type(flags, addr, query, response);
@ -1325,7 +1326,8 @@ static void query_externally_blocked(const int queryID, const enum query_status
}
void _FTL_cache(const unsigned int flags, const char *name, const union all_addr *addr,
const char *arg, const int id, const char* file, const int line)
const char *arg, const int id, const unsigned long ttl,
const char* file, const int line)
{
// Save that this query got answered from cache
@ -1414,6 +1416,7 @@ void _FTL_cache(const unsigned int flags, const char *name, const union all_addr
const unsigned int timeidx = query->timeidx;
query->status = requesttype;
query->ttl = ttl;
// Detect if returned IP indicates that this query was blocked
detect_blocked_IP(flags, addr, queryID);


@ -27,11 +27,11 @@ bool _FTL_new_query(const unsigned int flags, const char *name, const char** blo
#define FTL_forwarded(flags, name, serv, id) _FTL_forwarded(flags, name, serv, id, __FILE__, __LINE__)
void _FTL_forwarded(const unsigned int flags, const char *name, const struct server *serv, const int id, const char* file, const int line);
#define FTL_reply(flags, name, addr, id) _FTL_reply(flags, name, addr, id, __FILE__, __LINE__)
void _FTL_reply(const unsigned int flags, const char *name, const union all_addr *addr, const int id, const char* file, const int line);
#define FTL_reply(flags, name, addr, id, ttl) _FTL_reply(flags, name, addr, id, ttl, __FILE__, __LINE__)
void _FTL_reply(const unsigned int flags, const char *name, const union all_addr *addr, const int id, const unsigned long ttl, const char* file, const int line);
#define FTL_cache(flags, name, addr, arg, id) _FTL_cache(flags, name, addr, arg, id, __FILE__, __LINE__)
void _FTL_cache(const unsigned int flags, const char *name, const union all_addr *addr, const char * arg, const int id, const char* file, const int line);
#define FTL_cache(flags, name, addr, arg, id, ttl) _FTL_cache(flags, name, addr, arg, id, ttl, __FILE__, __LINE__)
void _FTL_cache(const unsigned int flags, const char *name, const union all_addr *addr, const char * arg, const int id, const unsigned long ttl, const char* file, const int line);
#define FTL_dnssec(status, id) _FTL_dnssec(status, id, __FILE__, __LINE__)
void _FTL_dnssec(const int status, const int id, const char* file, const int line);


@ -33,13 +33,13 @@ enum query_status {
QUERY_FORWARDED,
QUERY_CACHE,
QUERY_REGEX,
QUERY_BLACKLIST,
QUERY_DENYLIST,
QUERY_EXTERNAL_BLOCKED_IP,
QUERY_EXTERNAL_BLOCKED_NULL,
QUERY_EXTERNAL_BLOCKED_NXRA,
QUERY_GRAVITY_CNAME,
QUERY_REGEX_CNAME,
QUERY_BLACKLIST_CNAME,
QUERY_DENYLIST_CNAME,
QUERY_RETRIED,
QUERY_RETRIED_DNSSEC,
QUERY_IN_PROGRESS,


@ -132,14 +132,14 @@ void *GC_thread(void *val)
overTime[timeidx].cached--;
break;
case QUERY_GRAVITY: // Blocked by Pi-hole's blocking lists (fall through)
case QUERY_BLACKLIST: // Exact blocked (fall through)
case QUERY_DENYLIST: // Exact blocked (fall through)
case QUERY_REGEX: // Regex blocked (fall through)
case QUERY_EXTERNAL_BLOCKED_IP: // Blocked by upstream provider (fall through)
case QUERY_EXTERNAL_BLOCKED_NXRA: // Blocked by upstream provider (fall through)
case QUERY_EXTERNAL_BLOCKED_NULL: // Blocked by upstream provider (fall through)
case QUERY_GRAVITY_CNAME: // Gravity domain in CNAME chain (fall through)
case QUERY_BLACKLIST_CNAME: // Exactly blacklisted domain in CNAME chain (fall through)
case QUERY_REGEX_CNAME: // Regex blacklisted domain in CNAME chain (fall through)
case QUERY_DENYLIST_CNAME: // Exactly denied domain in CNAME chain (fall through)
case QUERY_REGEX_CNAME: // Regex denied domain in CNAME chain (fall through)
counters->blocked--;
overTime[timeidx].blocked--;
if(domain != NULL)