README
¶
blocked
A coredns plugin to block domains/query.
Usage
.:1053 {
errors
bind 127.0.0.1
forward . 223.5.5.5:53
log . {
class all
}
blocked {
# to reload cache_data/black_list/white_list, default: 5days.
# Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
reload 86400s
# bloom filter capacity & rate. default: 250_000 0.001
size_rate 250_000 0.001
# enable log, remove is disable
log
# hostname query, default: refused. Options: ignore / refused
hostname_query refused
# blocked_query_response, default: soa. Options: soa / zero / hinfo / no-ans / refused
# can config some special for qtypes
resp_type zero {
refused ANY AAAA HTTPS MX PTR SRV CNAME
zero AAAA
}
# covert domain in wildcard, and compare all to filter
# if use it black_list must used `local+` prefix to skip domain valid
wildcard
# (the last cache-data will be ues) load cache file from local or remote
cache_data https://example.com/rules.data
cache_data <AbsolutePath>/rules.data
# black list to block query, load rules from local or remote.
# use `local+` will skip the domain verify means allow any line exclude comment
black_list <AbsolutePath>/list.txt
black_list local+<AbsolutePath>/list.txt
black_list https://example.com/reject-list.txt
# white list to disable block
white_list <AbsolutePath>/white-list.txt
white_list https://example.com/white-list.txt
}
}
Feature
- 大规则小内存匹配快,Thanks: bits-and-blooms
- 支持从远端/本地加载缓存
- 支持黑/白名单的规则,并可从远端/本地加载规则
- 默认远端加载会检查域名合法性;本地使用
local+前缀,跳过合法性检查
- 默认远端加载会检查域名合法性;本地使用
- 支持多种屏蔽的返回报文
SOAHINFOZERONo-AnsNX-NXDOMAINREFUSED
- 支持屏蔽指定查询类型
- 支持多种格式的规则文件
hosts-HostParsersurge-SurgeParserdnsmasq-DnsmasqParserdomain-DomainParserabnf-ABNFParser, 需要使用abnf+前缀指定解析器
TODO
- Github Action 创建缓存文件
- Github Action 创建bin文件
- 使用缓存文件
- 增加response的报文类型
- expose过滤器的参数
- 增加white_list
- 屏蔽指定类型的dns查询
- 支持泛域名屏蔽规则(需要考虑n级域名的问题)
- 引入AdGuard的过滤器
- ...
Changelog & Note
Documentation
¶
Index ¶
- Constants
- func CreateHINFO(q dns.Question, r *dns.Msg) *dns.Msg
- func CreateNOANS(_ dns.Question, r *dns.Msg) *dns.Msg
- func CreateNXDOMAIN(_ dns.Question, r *dns.Msg) *dns.Msg
- func CreateREFUSED(_ dns.Question, r *dns.Msg) *dns.Msg
- func CreateSOA(q dns.Question, r *dns.Msg) *dns.Msg
- func CreateZERO(q dns.Question, r *dns.Msg) *dns.Msg
- func FileToLines(path string) ([]string, error)
- func GetWild(h string) []string
- func IsBlocked(cfg *Configs, host string) bool
- func IsHostname(s string) bool
- func LinesFromReader(r io.Reader) ([]string, error)
- func LocalCacheLoader(path string) (*bloom.Filter, error)
- func LocalRuleLoader(path string, filter *bloom.Filter, strictMode bool) error
- func PureDomain(s string) string
- func RemoteCacheLoader(uri string) (*bloom.Filter, error)
- func RemoteRuleLoader(uri string, filter *bloom.Filter) error
- func UrlToLines(url string) ([]string, error)
- type Blocked
- type Configs
- type RespFunc
- type RespType
Constants ¶
View Source
const ( MINUTE = 60 HOUR = 60 * MINUTE DAY = 24 * HOUR )
View Source
const (
NXDOMAIN = NX
)
Variables ¶
This section is empty.
Functions ¶
func FileToLines ¶
func IsHostname ¶ added in v1.1.0
func LocalRuleLoader ¶ added in v1.1.4
func PureDomain ¶ added in v1.1.0
func RemoteRuleLoader ¶ added in v1.1.4
func UrlToLines ¶
Types ¶
type Blocked ¶
type Configs ¶
type Configs struct {
sync.RWMutex
Size int
Rate float64
// contains filtered or unexported fields
}
func NewConfigs ¶ added in v1.1.0
func NewConfigs() *Configs
type RespFunc ¶ added in v1.1.0
func RespType2RespFunc ¶ added in v1.1.0
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.