Skip to content

Commit

Permalink
Implement finer-grained externally blocked displaying. This updates t…
Browse files Browse the repository at this point in the history 
…he shared memory version to 3

Signed-off-by: DL6ER <[email protected]>
  • Loading branch information
@DL6ER
DL6ER committed Feb 4, 2019
1 parent f1d226a commit 5bee17b
Show file tree
Hide file tree
Showing 5 changed files with 30 additions and 18 deletions.
2 changes: 1 addition & 1 deletion FTL.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@
enum { DATABASE_WRITE_TIMER, EXIT_TIMER, GC_TIMER, LISTS_TIMER, REGEX_TIMER, ARP_TIMER, LAST_TIMER };
enum { QUERIES, FORWARDED, CLIENTS, DOMAINS, OVERTIME, WILDCARD };
enum { DNSSEC_UNSPECIFIED, DNSSEC_SECURE, DNSSEC_INSECURE, DNSSEC_BOGUS, DNSSEC_ABANDONED, DNSSEC_UNKNOWN };
enum { QUERY_UNKNOWN, QUERY_GRAVITY, QUERY_FORWARDED, QUERY_CACHE, QUERY_WILDCARD, QUERY_BLACKLIST, QUERY_EXTERNAL_BLOCKED };
enum { QUERY_UNKNOWN, QUERY_GRAVITY, QUERY_FORWARDED, QUERY_CACHE, QUERY_WILDCARD, QUERY_BLACKLIST, QUERY_EXTERNAL_BLOCKED_IP, QUERY_EXTERNAL_BLOCKED_NULL, QUERY_EXTERNAL_BLOCKED_NXRA };
enum { TYPE_A = 1, TYPE_AAAA, TYPE_ANY, TYPE_SRV, TYPE_SOA, TYPE_PTR, TYPE_TXT, TYPE_MAX };
enum { REPLY_UNKNOWN, REPLY_NODATA, REPLY_NXDOMAIN, REPLY_CNAME, REPLY_IP, REPLY_DOMAIN, REPLY_RRNAME, REPLY_SERVFAIL, REPLY_REFUSED, REPLY_NOTIMP, REPLY_OTHER };
enum { PRIVACY_SHOW_ALL = 0, PRIVACY_HIDE_DOMAINS, PRIVACY_HIDE_DOMAINS_CLIENTS, PRIVACY_MAXIMUM, PRIVACY_NOSTATS };
Expand Down
12 changes: 8 additions & 4 deletions database.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -524,7 +524,9 @@ void save_to_DB(void)
if(queries[i].status == QUERY_GRAVITY ||
queries[i].status == QUERY_BLACKLIST ||
queries[i].status == QUERY_WILDCARD ||
queries[i].status == QUERY_EXTERNAL_BLOCKED)
queries[i].status == QUERY_EXTERNAL_BLOCKED_IP ||
queries[i].status == QUERY_EXTERNAL_BLOCKED_NULL ||
queries[i].status == QUERY_EXTERNAL_BLOCKED_NXRA)
blocked++;

// Update lasttimestamp variable with timestamp of the latest stored query
Expand Down Expand Up @@ -710,9 +712,9 @@ void read_data_from_DB(void)
}

int status = sqlite3_column_int(stmt, 3);
if(status < QUERY_UNKNOWN || status > QUERY_EXTERNAL_BLOCKED)
if(status < QUERY_UNKNOWN || status > QUERY_EXTERNAL_BLOCKED_NXRA)
{
logg("DB warn: STATUS should be within [%i,%i] but is %i", QUERY_UNKNOWN, QUERY_EXTERNAL_BLOCKED, status);
logg("DB warn: STATUS should be within [%i,%i] but is %i", QUERY_UNKNOWN, QUERY_EXTERNAL_BLOCKED_NXRA, status);
continue;
}

Expand Down Expand Up @@ -812,7 +814,9 @@ void read_data_from_DB(void)
case QUERY_GRAVITY: // Blocked by gravity.list
case QUERY_WILDCARD: // Blocked by regex filter
case QUERY_BLACKLIST: // Blocked by black.list
case QUERY_EXTERNAL_BLOCKED: // Blocked by external provider
case QUERY_EXTERNAL_BLOCKED_IP: // Blocked by external provider
case QUERY_EXTERNAL_BLOCKED_NULL: // Blocked by external provider
case QUERY_EXTERNAL_BLOCKED_NXRA: // Blocked by external provider
counters->blocked++;
overTime[timeidx].blocked++;
domains[domainID].blockedcount++;
Expand Down
28 changes: 17 additions & 11 deletions dnsmasq_interface.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ void save_reply_type(unsigned int flags, int queryID, struct timeval response);
unsigned long converttimeval(struct timeval time);
static void block_single_domain_regex(char *domain);
static void detect_blocked_IP(unsigned short flags, char* answer, int queryID);
static void query_externally_blocked(int i);
static void query_externally_blocked(int i, unsigned char status);
static int findQueryID(int id);

unsigned char* pihole_privacylevel = &config.privacylevel;
Expand Down Expand Up @@ -482,7 +482,9 @@ void _FTL_reply(unsigned short flags, char *name, struct all_addr *addr, int id,
{
// Only proceed if query is not already known
// to have been blocked by Quad9
if(queries[i].reply != QUERY_EXTERNAL_BLOCKED)
if(queries[i].reply != QUERY_EXTERNAL_BLOCKED_IP &&
queries[i].reply != QUERY_EXTERNAL_BLOCKED_NULL &&
queries[i].reply != QUERY_EXTERNAL_BLOCKED_NXRA)
{
// Save reply type and update individual reply counters
save_reply_type(flags, i, response);
Expand Down Expand Up @@ -536,7 +538,7 @@ static void detect_blocked_IP(unsigned short flags, char* answer, int queryID)
strcmp("146.112.61.109", answer) == 0 ||
strcmp("146.112.61.110", answer) == 0 ))
{
query_externally_blocked(queryID);
query_externally_blocked(queryID, QUERY_EXTERNAL_BLOCKED_IP);
}

else if(flags & F_IPV6 && answer != NULL &&
Expand All @@ -548,7 +550,7 @@ static void detect_blocked_IP(unsigned short flags, char* answer, int queryID)
strcmp("::ffff:146.112.61.109", answer) == 0 ||
strcmp("::ffff:146.112.61.110", answer) == 0 ))
{
query_externally_blocked(queryID);
query_externally_blocked(queryID, QUERY_EXTERNAL_BLOCKED_IP);
}

// If upstream replied with 0.0.0.0 or ::,
Expand All @@ -557,21 +559,23 @@ static void detect_blocked_IP(unsigned short flags, char* answer, int queryID)
else if(flags & F_IPV4 && answer != NULL &&
strcmp("0.0.0.0", answer) == 0)
{
query_externally_blocked(queryID);
query_externally_blocked(queryID, QUERY_EXTERNAL_BLOCKED_NULL);
}

else if(flags & F_IPV6 && answer != NULL &&
strcmp("::", answer) == 0)
{
query_externally_blocked(queryID);
query_externally_blocked(queryID, QUERY_EXTERNAL_BLOCKED_NULL);
}
}

static void query_externally_blocked(int i)
static void query_externally_blocked(int i, unsigned char status)
{
// If query is already known to be externally blocked,
// then we have nothing to do here
if(queries[i].status == QUERY_EXTERNAL_BLOCKED)
if(queries[i].status == QUERY_EXTERNAL_BLOCKED_IP ||
queries[i].status == QUERY_EXTERNAL_BLOCKED_NULL ||
queries[i].status == QUERY_EXTERNAL_BLOCKED_NXRA)
return;

// Correct counters if necessary ...
Expand All @@ -590,7 +594,7 @@ static void query_externally_blocked(int i)
validate_access("clients", queries[i].clientID, true, __LINE__, __FUNCTION__, __FILE__);
clients[queries[i].clientID].blockedcount++;

queries[i].status = QUERY_EXTERNAL_BLOCKED;
queries[i].status = status;
}

void _FTL_cache(unsigned int flags, char *name, struct all_addr *addr, char *arg, int id, const char* file, const int line)
Expand Down Expand Up @@ -722,7 +726,9 @@ void _FTL_cache(unsigned int flags, char *name, struct all_addr *addr, char *arg
counters->cached++;
overTime[timeidx].cached++;
break;
case QUERY_EXTERNAL_BLOCKED:
case QUERY_EXTERNAL_BLOCKED_IP:
case QUERY_EXTERNAL_BLOCKED_NULL:
case QUERY_EXTERNAL_BLOCKED_NXRA:
// everything has already been done
// in query_externally_blocked()
break;
Expand Down Expand Up @@ -880,7 +886,7 @@ void _FTL_header_analysis(const unsigned char header4, const unsigned int rcode,
gettimeofday(&response, 0);

// Store query as externally blocked
query_externally_blocked(queryID);
query_externally_blocked(queryID, QUERY_EXTERNAL_BLOCKED_NXRA);

// Store reply type as replied with NXDOMAIN
save_reply_type(F_NEG | F_NXDOMAIN, queryID, response);
Expand Down
4 changes: 3 additions & 1 deletion gc.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -93,7 +93,9 @@ void *GC_thread(void *val)
case QUERY_GRAVITY: // Blocked by Pi-hole's blocking lists (fall through)
case QUERY_BLACKLIST: // Exact blocked (fall through)
case QUERY_WILDCARD: // Regex blocked (fall through)
case QUERY_EXTERNAL_BLOCKED: // Blocked by upstream provider (fall through)
case QUERY_EXTERNAL_BLOCKED_IP: // Blocked by upstream provider (fall through)
case QUERY_EXTERNAL_BLOCKED_NXRA: // Blocked by upstream provider (fall through)
case QUERY_EXTERNAL_BLOCKED_NULL: // Blocked by upstream provider (fall through)
counters->blocked--;
overTime[timeidx].blocked--;
domains[domainID].blockedcount--;
Expand Down
2 changes: 1 addition & 1 deletion shmem.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
#include "shmem.h"

/// The version of shared memory used
#define SHARED_MEMORY_VERSION 2
#define SHARED_MEMORY_VERSION 3

/// The name of the shared memory. Use this when connecting to the shared memory.
#define SHARED_LOCK_NAME "/FTL-lock"
Expand Down

0 comments on commit 5bee17b

Please sign in to comment.