From f8f2162c5ff1f4200abcfca40cd2d92b4e342f1f Mon Sep 17 00:00:00 2001 From: Shreyas Zare Date: Sat, 2 Oct 2021 12:41:01 +0530 Subject: [PATCH] AdvancedBlocking: updated implementation to have blocking options at group level. --- Apps/AdvancedBlockingApp/App.cs | 166 +++++++++++++++---------- Apps/AdvancedBlockingApp/dnsApp.config | 22 ++-- 2 files changed, 112 insertions(+), 76 deletions(-) diff --git a/Apps/AdvancedBlockingApp/App.cs b/Apps/AdvancedBlockingApp/App.cs index f4ac970c..d4c53e6a 100644 --- a/Apps/AdvancedBlockingApp/App.cs +++ b/Apps/AdvancedBlockingApp/App.cs @@ -44,16 +44,12 @@ namespace AdvancedBlocking IDnsServer _dnsServer; string _localCacheFolder; - bool _enableBlocking; - bool _allowTxtBlockingReport; - bool _blockAsNxDomain; - int _blockListUrlUpdateIntervalHours; - - IReadOnlyCollection _aRecords; - IReadOnlyCollection _aaaaRecords; DnsSOARecord _soaRecord; DnsNSRecord _nsRecord; + bool _enableBlocking; + int _blockListUrlUpdateIntervalHours; + IReadOnlyDictionary _networkGroupMap; IReadOnlyDictionary _groups; @@ -224,7 +220,7 @@ namespace AdvancedBlocking } } - _dnsServer.WriteLog("Advance Blocking app successfully downloaded " + (isAdblockList ? "adblock" : (isRegexList ? "regex " : "") + (isAllowList ? "allow" : "block")) + " list (" + WebUtilities.GetFormattedSize(new FileInfo(listFilePath).Length) + "): " + listUrl.AbsoluteUri); + _dnsServer.WriteLog("Advanced Blocking app successfully downloaded " + (isAdblockList ? "adblock" : (isRegexList ? "regex " : "") + (isAllowList ? "allow" : "block")) + " list (" + WebUtilities.GetFormattedSize(new FileInfo(listFilePath).Length) + "): " + listUrl.AbsoluteUri); } break; @@ -232,7 +228,7 @@ namespace AdvancedBlocking { notModified = true; - _dnsServer.WriteLog("Advance Blocking app successfully checked for a new update of the " + (isAdblockList ? "adblock" : (isRegexList ? "regex " : "") + (isAllowList ? "allow" : "block")) + " list: " + listUrl.AbsoluteUri); + _dnsServer.WriteLog("Advanced Blocking app successfully checked for a new update of the " + (isAdblockList ? "adblock" : (isRegexList ? "regex " : "") + (isAllowList ? "allow" : "block")) + " list: " + listUrl.AbsoluteUri); } break; @@ -243,7 +239,7 @@ namespace AdvancedBlocking } catch (Exception ex) { - _dnsServer.WriteLog("Advance Blocking app failed to download " + (isAdblockList ? "adblock" : (isRegexList ? "regex " : "") + (isAllowList ? "allow" : "block")) + " list and will use previously downloaded file (if available): " + listUrl.AbsoluteUri + "\r\n" + ex.ToString()); + _dnsServer.WriteLog("Advanced Blocking app failed to download " + (isAdblockList ? "adblock" : (isRegexList ? "regex " : "") + (isAllowList ? "allow" : "block")) + " list and will use previously downloaded file (if available): " + listUrl.AbsoluteUri + "\r\n" + ex.ToString()); } } @@ -308,7 +304,7 @@ namespace AdvancedBlocking try { - _dnsServer.WriteLog("Advance Blocking app is reading " + (isAllowList ? "allow" : "block") + " list from: " + listUrl.AbsoluteUri); + _dnsServer.WriteLog("Advanced Blocking app is reading " + (isAllowList ? "allow" : "block") + " list from: " + listUrl.AbsoluteUri); using (FileStream fS = new FileStream(GetListFilePath(listUrl), FileMode.Open, FileAccess.Read)) { @@ -378,11 +374,11 @@ namespace AdvancedBlocking } } - _dnsServer.WriteLog("Advance Blocking app read " + (isAllowList ? "allow" : "block") + " list file (" + domains.Count + " domains) from: " + listUrl.AbsoluteUri); + _dnsServer.WriteLog("Advanced Blocking app read " + (isAllowList ? "allow" : "block") + " list file (" + domains.Count + " domains) from: " + listUrl.AbsoluteUri); } catch (Exception ex) { - _dnsServer.WriteLog("Advance Blocking app failed to read " + (isAllowList ? "allow" : "block") + " list from: " + listUrl.AbsoluteUri + "\r\n" + ex.ToString()); + _dnsServer.WriteLog("Advanced Blocking app failed to read " + (isAllowList ? "allow" : "block") + " list from: " + listUrl.AbsoluteUri + "\r\n" + ex.ToString()); } return domains; @@ -394,7 +390,7 @@ namespace AdvancedBlocking try { - _dnsServer.WriteLog("Advance Blocking app is reading regex " + (isAllowList ? "allow" : "block") + " list from: " + listUrl.AbsoluteUri); + _dnsServer.WriteLog("Advanced Blocking app is reading regex " + (isAllowList ? "allow" : "block") + " list from: " + listUrl.AbsoluteUri); using (FileStream fS = new FileStream(GetListFilePath(listUrl), FileMode.Open, FileAccess.Read)) { @@ -420,11 +416,11 @@ namespace AdvancedBlocking } } - _dnsServer.WriteLog("Advance Blocking app read regex " + (isAllowList ? "allow" : "block") + " list file (" + regices.Count + " regex patterns) from: " + listUrl.AbsoluteUri); + _dnsServer.WriteLog("Advanced Blocking app read regex " + (isAllowList ? "allow" : "block") + " list file (" + regices.Count + " regex patterns) from: " + listUrl.AbsoluteUri); } catch (Exception ex) { - _dnsServer.WriteLog("Advance Blocking app failed to read regex " + (isAllowList ? "allow" : "block") + " list from: " + listUrl.AbsoluteUri + "\r\n" + ex.ToString()); + _dnsServer.WriteLog("Advanced Blocking app failed to read regex " + (isAllowList ? "allow" : "block") + " list from: " + listUrl.AbsoluteUri + "\r\n" + ex.ToString()); } return regices; @@ -437,7 +433,7 @@ namespace AdvancedBlocking try { - _dnsServer.WriteLog("Advance Blocking app is reading adblock list from: " + listUrl.AbsoluteUri); + _dnsServer.WriteLog("Advanced Blocking app is reading adblock list from: " + listUrl.AbsoluteUri); using (FileStream fS = new FileStream(GetListFilePath(listUrl), FileMode.Open, FileAccess.Read)) { @@ -500,11 +496,11 @@ namespace AdvancedBlocking } } - _dnsServer.WriteLog("Advance Blocking app read adblock list file (" + (allowedDomains.Count + blockedDomains.Count) + " domains) from: " + listUrl.AbsoluteUri); + _dnsServer.WriteLog("Advanced Blocking app read adblock list file (" + (allowedDomains.Count + blockedDomains.Count) + " domains) from: " + listUrl.AbsoluteUri); } catch (Exception ex) { - _dnsServer.WriteLog("Advance Blocking app failed to read adblock list from: " + listUrl.AbsoluteUri + "\r\n" + ex.ToString()); + _dnsServer.WriteLog("Advanced Blocking app failed to read adblock list from: " + listUrl.AbsoluteUri + "\r\n" + ex.ToString()); } } @@ -762,7 +758,7 @@ namespace AdvancedBlocking if (loadRegexBlockList) group.LoadRegexBlockListZone(allRegexBlockListQueues); - _dnsServer.WriteLog("Advance Blocking app loaded all zones successfully for group: " + group.Name); + _dnsServer.WriteLog("Advanced Blocking app loaded all zones successfully for group: " + group.Name); } private static bool ListsEquals(IReadOnlyList list1, IReadOnlyList list2) @@ -811,42 +807,14 @@ namespace AdvancedBlocking Directory.CreateDirectory(_localCacheFolder); + _soaRecord = new DnsSOARecord(_dnsServer.ServerDomain, "hostadmin." + _dnsServer.ServerDomain, 1, 14400, 3600, 604800, 60); + _nsRecord = new DnsNSRecord(_dnsServer.ServerDomain); + dynamic jsonConfig = JsonConvert.DeserializeObject(config); _enableBlocking = jsonConfig.enableBlocking.Value; - _allowTxtBlockingReport = jsonConfig.allowTxtBlockingReport.Value; - _blockAsNxDomain = jsonConfig.blockAsNxDomain.Value; _blockListUrlUpdateIntervalHours = Convert.ToInt32(jsonConfig.blockListUrlUpdateIntervalHours.Value); - { - List aRecords = new List(); - List aaaaRecords = new List(); - - foreach (dynamic jsonBlockingAddress in jsonConfig.blockingAddresses) - { - string strAddress = jsonBlockingAddress.Value; - - if (IPAddress.TryParse(strAddress, out IPAddress address)) - { - switch (address.AddressFamily) - { - case AddressFamily.InterNetwork: - aRecords.Add(new DnsARecord(address)); - break; - - case AddressFamily.InterNetworkV6: - aaaaRecords.Add(new DnsAAAARecord(address)); - break; - } - } - } - - _aRecords = aRecords; - _aaaaRecords = aaaaRecords; - _soaRecord = new DnsSOARecord(dnsServer.ServerDomain, "hostadmin." + dnsServer.ServerDomain, 1, 14400, 3600, 604800, 60); - _nsRecord = new DnsNSRecord(dnsServer.ServerDomain); - } - { Dictionary networkGroupMap = new Dictionary(); @@ -900,7 +868,11 @@ namespace AdvancedBlocking if (loadFlags > 0) updatedGroups.Add(existingGroup, loadFlags); - existingGroup.Enabled = group.Enabled; + existingGroup.EnableBlocking = group.EnableBlocking; + existingGroup.AllowTxtBlockingReport = group.AllowTxtBlockingReport; + existingGroup.BlockAsNxDomain = group.BlockAsNxDomain; + existingGroup.ARecords = group.ARecords; + existingGroup.AAAARecords = group.AAAARecords; existingGroup.Allowed = group.Allowed; existingGroup.Blocked = group.Blocked; @@ -996,7 +968,7 @@ namespace AdvancedBlocking } } - if ((groupName is null) || !_groups.TryGetValue(groupName, out Group group) || !group.Enabled) + if ((groupName is null) || !_groups.TryGetValue(groupName, out Group group) || !group.EnableBlocking) return Task.FromResult(null); DnsQuestionRecord question = request.Question[0]; @@ -1005,7 +977,7 @@ namespace AdvancedBlocking if (blockListUrls is null) return Task.FromResult(null); - if (_allowTxtBlockingReport && (question.Type == DnsResourceRecordType.TXT)) + if (group.AllowTxtBlockingReport && (question.Type == DnsResourceRecordType.TXT)) { //return meta data DnsResourceRecord[] answer; @@ -1017,11 +989,11 @@ namespace AdvancedBlocking answer = new DnsResourceRecord[blockListUrls.Count]; for (int i = 0; i < answer.Length; i++) - answer[i] = new DnsResourceRecord(question.Name, DnsResourceRecordType.TXT, question.Class, 60, new DnsTXTRecord("source=advance-blocking-app; group=" + group.Name + "; blockListUrl=" + blockListUrls[i].AbsoluteUri + "; domain=" + blockedDomain)); + answer[i] = new DnsResourceRecord(question.Name, DnsResourceRecordType.TXT, question.Class, 60, new DnsTXTRecord("source=advanced-blocking-app; group=" + group.Name + "; blockListUrl=" + blockListUrls[i].AbsoluteUri + "; domain=" + blockedDomain)); } else { - answer = new DnsResourceRecord[] { new DnsResourceRecord(question.Name, DnsResourceRecordType.TXT, question.Class, 60, new DnsTXTRecord("source=advance-blocking-app; group=" + group.Name + "; domain=" + blockedDomain)) }; + answer = new DnsResourceRecord[] { new DnsResourceRecord(question.Name, DnsResourceRecordType.TXT, question.Class, 60, new DnsTXTRecord("source=advanced-blocking-app; group=" + group.Name + "; domain=" + blockedDomain)) }; } } else @@ -1031,11 +1003,11 @@ namespace AdvancedBlocking answer = new DnsResourceRecord[blockListUrls.Count]; for (int i = 0; i < answer.Length; i++) - answer[i] = new DnsResourceRecord(question.Name, DnsResourceRecordType.TXT, question.Class, 60, new DnsTXTRecord("source=advance-blocking-app; group=" + group.Name + "; regexBlockListUrl=" + blockListUrls[i].AbsoluteUri + "; regex=" + blockedRegex)); + answer[i] = new DnsResourceRecord(question.Name, DnsResourceRecordType.TXT, question.Class, 60, new DnsTXTRecord("source=advanced-blocking-app; group=" + group.Name + "; regexBlockListUrl=" + blockListUrls[i].AbsoluteUri + "; regex=" + blockedRegex)); } else { - answer = new DnsResourceRecord[] { new DnsResourceRecord(question.Name, DnsResourceRecordType.TXT, question.Class, 60, new DnsTXTRecord("source=advance-blocking-app; group=" + group.Name + "; regex=" + blockedRegex)) }; + answer = new DnsResourceRecord[] { new DnsResourceRecord(question.Name, DnsResourceRecordType.TXT, question.Class, 60, new DnsTXTRecord("source=advanced-blocking-app; group=" + group.Name + "; regex=" + blockedRegex)) }; } } @@ -1047,7 +1019,7 @@ namespace AdvancedBlocking IReadOnlyList answer = null; IReadOnlyList authority = null; - if (_blockAsNxDomain) + if (group.BlockAsNxDomain) { rcode = DnsResponseCode.NxDomain; @@ -1065,9 +1037,9 @@ namespace AdvancedBlocking { case DnsResourceRecordType.A: { - List rrList = new List(_aRecords.Count); + List rrList = new List(group.ARecords.Count); - foreach (DnsARecord record in _aRecords) + foreach (DnsARecord record in group.ARecords) rrList.Add(new DnsResourceRecord(question.Name, DnsResourceRecordType.A, question.Class, 60, record)); answer = rrList; @@ -1076,9 +1048,9 @@ namespace AdvancedBlocking case DnsResourceRecordType.AAAA: { - List rrList = new List(_aaaaRecords.Count); + List rrList = new List(group.AAAARecords.Count); - foreach (DnsAAAARecord record in _aaaaRecords) + foreach (DnsAAAARecord record in group.AAAARecords) rrList.Add(new DnsResourceRecord(question.Name, DnsResourceRecordType.AAAA, question.Class, 60, record)); answer = rrList; @@ -1119,7 +1091,12 @@ namespace AdvancedBlocking readonly App _app; readonly string _name; - bool _enabled; + bool _enableBlocking; + bool _allowTxtBlockingReport; + bool _blockAsNxDomain; + + IReadOnlyCollection _aRecords; + IReadOnlyCollection _aaaaRecords; IReadOnlyDictionary _allowed; IReadOnlyDictionary _blocked; @@ -1148,7 +1125,36 @@ namespace AdvancedBlocking _app = app; _name = jsonGroup.name.Value; - _enabled = jsonGroup.enabled.Value; + _enableBlocking = jsonGroup.enableBlocking.Value; + _allowTxtBlockingReport = jsonGroup.allowTxtBlockingReport.Value; + _blockAsNxDomain = jsonGroup.blockAsNxDomain.Value; + + { + List aRecords = new List(); + List aaaaRecords = new List(); + + foreach (dynamic jsonBlockingAddress in jsonGroup.blockingAddresses) + { + string strAddress = jsonBlockingAddress.Value; + + if (IPAddress.TryParse(strAddress, out IPAddress address)) + { + switch (address.AddressFamily) + { + case AddressFamily.InterNetwork: + aRecords.Add(new DnsARecord(address)); + break; + + case AddressFamily.InterNetworkV6: + aaaaRecords.Add(new DnsAAAARecord(address)); + break; + } + } + } + + _aRecords = aRecords; + _aaaaRecords = aaaaRecords; + } _allowed = ReadJsonDomainArray(jsonGroup.allowed); _blocked = ReadJsonDomainArray(jsonGroup.blocked); @@ -1444,10 +1450,34 @@ namespace AdvancedBlocking public string Name { get { return _name; } } - public bool Enabled + public bool EnableBlocking { - get { return _enabled; } - set { _enabled = value; } + get { return _enableBlocking; } + set { _enableBlocking = value; } + } + + public bool AllowTxtBlockingReport + { + get { return _allowTxtBlockingReport; } + set { _allowTxtBlockingReport = value; } + } + + public bool BlockAsNxDomain + { + get { return _blockAsNxDomain; } + set { _blockAsNxDomain = value; } + } + + public IReadOnlyCollection ARecords + { + get { return _aRecords; } + set { _aRecords = value; } + } + + public IReadOnlyCollection AAAARecords + { + get { return _aaaaRecords; } + set { _aaaaRecords = value; } } public IReadOnlyDictionary Allowed diff --git a/Apps/AdvancedBlockingApp/dnsApp.config b/Apps/AdvancedBlockingApp/dnsApp.config index 8d4c49c0..38d2c922 100644 --- a/Apps/AdvancedBlockingApp/dnsApp.config +++ b/Apps/AdvancedBlockingApp/dnsApp.config @@ -1,12 +1,6 @@ { "enableBlocking": true, - "allowTxtBlockingReport": true, - "blockAsNxDomain": false, "blockListUrlUpdateIntervalHours": 24, - "blockingAddresses": [ - "0.0.0.0", - "::" - ], "networkGroupMap": { "192.168.10.20": "kids", "0.0.0.0/0": "everyone" @@ -14,7 +8,13 @@ "groups": [ { "name": "everyone", - "enabled": true, + "enableBlocking": true, + "allowTxtBlockingReport": true, + "blockAsNxDomain": false, + "blockingAddresses": [ + "0.0.0.0", + "::" + ], "allowed": [], "blocked": [ "example.com" @@ -33,7 +33,13 @@ }, { "name": "kids", - "enabled": true, + "enableBlocking": true, + "allowTxtBlockingReport": true, + "blockAsNxDomain": false, + "blockingAddresses": [ + "0.0.0.0", + "::" + ], "allowed": [], "blocked": [], "allowListUrls": [],