mirror of
https://github.com/qdm12/gluetun.git
synced 2026-05-06 20:10:11 +02:00
fix(dns): skip blocking if block lists download fails
This commit is contained in:
Quentin McGaw
@@ -12,7 +12,7 @@ require (
|
|||||||
github.com/klauspost/pgzip v1.2.6
|
github.com/klauspost/pgzip v1.2.6
|
||||||
github.com/mdlayher/genetlink v1.3.2
|
github.com/mdlayher/genetlink v1.3.2
|
||||||
github.com/pelletier/go-toml/v2 v2.2.4
|
github.com/pelletier/go-toml/v2 v2.2.4
|
||||||
github.com/qdm12/dns/v2 v2.0.0-rc9.0.20260216144148-3f6b7de87740
|
github.com/qdm12/dns/v2 v2.0.0-rc9.0.20260216151239-36b3306f2205
|
||||||
github.com/qdm12/gosettings v0.4.4
|
github.com/qdm12/gosettings v0.4.4
|
||||||
github.com/qdm12/goshutdown v0.3.0
|
github.com/qdm12/goshutdown v0.3.0
|
||||||
github.com/qdm12/gosplash v0.2.0
|
github.com/qdm12/gosplash v0.2.0
|
||||||
|
|||||||
@@ -73,8 +73,8 @@ github.com/prometheus/common v0.60.1 h1:FUas6GcOw66yB/73KC+BOZoFJmbo/1pojoILArPA
|
|||||||
github.com/prometheus/common v0.60.1/go.mod h1:h0LYf1R1deLSKtD4Vdg8gy4RuOvENW2J/h19V5NADQw=
|
github.com/prometheus/common v0.60.1/go.mod h1:h0LYf1R1deLSKtD4Vdg8gy4RuOvENW2J/h19V5NADQw=
|
||||||
github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc=
|
github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc=
|
||||||
github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
|
github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
|
||||||
github.com/qdm12/dns/v2 v2.0.0-rc9.0.20260216144148-3f6b7de87740 h1:MJKaCmBFnmaX9uZUZYHB+kpxF+FRoDBY1Fx8CVaes6I=
|
github.com/qdm12/dns/v2 v2.0.0-rc9.0.20260216151239-36b3306f2205 h1:0ycKUDQ50cYb2QpeyGcEnvVs9HJmC9jsb/XZNC1z28c=
|
||||||
github.com/qdm12/dns/v2 v2.0.0-rc9.0.20260216144148-3f6b7de87740/go.mod h1:98foWgXJZ+g8gJIuO+fdO+oWpFei5WShMFTeN4Im2lE=
|
github.com/qdm12/dns/v2 v2.0.0-rc9.0.20260216151239-36b3306f2205/go.mod h1:98foWgXJZ+g8gJIuO+fdO+oWpFei5WShMFTeN4Im2lE=
|
||||||
github.com/qdm12/goservices v0.1.1-0.20251104135713-6bee97bd4978 h1:TRGpCU1l0lNwtogEUSs5U+RFceYxkAJUmrGabno7J5c=
|
github.com/qdm12/goservices v0.1.1-0.20251104135713-6bee97bd4978 h1:TRGpCU1l0lNwtogEUSs5U+RFceYxkAJUmrGabno7J5c=
|
||||||
github.com/qdm12/goservices v0.1.1-0.20251104135713-6bee97bd4978/go.mod h1:D1Po4CRQLYjccnAR2JsVlN1sBMgQrcNLONbvyuzcdTg=
|
github.com/qdm12/goservices v0.1.1-0.20251104135713-6bee97bd4978/go.mod h1:D1Po4CRQLYjccnAR2JsVlN1sBMgQrcNLONbvyuzcdTg=
|
||||||
github.com/qdm12/gosettings v0.4.4 h1:SM6tOZDf6k8qbjWU8KWyBF4mWIixfsKCfh9DGRLHlj4=
|
github.com/qdm12/gosettings v0.4.4 h1:SM6tOZDf6k8qbjWU8KWyBF4mWIixfsKCfh9DGRLHlj4=
|
||||||
|
|||||||
@@ -2,7 +2,6 @@ package dns
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"errors"
|
|
||||||
|
|
||||||
"github.com/qdm12/dns/v2/pkg/nameserver"
|
"github.com/qdm12/dns/v2/pkg/nameserver"
|
||||||
"github.com/qdm12/gluetun/internal/constants"
|
"github.com/qdm12/gluetun/internal/constants"
|
||||||
@@ -53,11 +52,6 @@ func (l *Loop) Run(ctx context.Context, done chan<- struct{}) {
|
|||||||
if ctx.Err() != nil {
|
if ctx.Err() != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if !errors.Is(err, errUpdateBlockLists) {
|
|
||||||
const fallback = true
|
|
||||||
l.useUnencryptedDNS(fallback)
|
|
||||||
}
|
|
||||||
l.logAndWait(ctx, err)
|
l.logAndWait(ctx, err)
|
||||||
settings = l.GetSettings()
|
settings = l.GetSettings()
|
||||||
}
|
}
|
||||||
|
|||||||
+10
-6
@@ -2,24 +2,28 @@ package dns
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"errors"
|
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/netip"
|
"net/netip"
|
||||||
|
|
||||||
"github.com/qdm12/dns/v2/pkg/check"
|
"github.com/qdm12/dns/v2/pkg/check"
|
||||||
|
"github.com/qdm12/dns/v2/pkg/middlewares/filter/update"
|
||||||
"github.com/qdm12/dns/v2/pkg/nameserver"
|
"github.com/qdm12/dns/v2/pkg/nameserver"
|
||||||
"github.com/qdm12/dns/v2/pkg/server"
|
"github.com/qdm12/dns/v2/pkg/server"
|
||||||
)
|
)
|
||||||
|
|
||||||
var errUpdateBlockLists = errors.New("cannot update filter block lists")
|
|
||||||
|
|
||||||
func (l *Loop) setupServer(ctx context.Context) (runError <-chan error, err error) {
|
func (l *Loop) setupServer(ctx context.Context) (runError <-chan error, err error) {
|
||||||
err = l.updateFiles(ctx)
|
settings := l.GetSettings()
|
||||||
|
var updateSettings update.Settings
|
||||||
|
updateSettings.SetRebindingProtectionExempt(settings.Blacklist.RebindingProtectionExemptHostnames)
|
||||||
|
err = l.filter.Update(updateSettings)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("%w: %w", errUpdateBlockLists, err)
|
return nil, fmt.Errorf("updating filter for rebinding protection: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
settings := l.GetSettings()
|
err = l.updateFiles(ctx, settings)
|
||||||
|
if err != nil {
|
||||||
|
l.logger.Warn("downloading block lists failed, skipping: " + err.Error())
|
||||||
|
}
|
||||||
|
|
||||||
serverSettings, err := buildServerSettings(settings, l.filter, l.localResolvers, l.logger)
|
serverSettings, err := buildServerSettings(settings, l.filter, l.localResolvers, l.logger)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|||||||
@@ -28,12 +28,12 @@ func (l *Loop) RunRestartTicker(ctx context.Context, done chan<- struct{}) {
|
|||||||
return
|
return
|
||||||
case <-timer.C:
|
case <-timer.C:
|
||||||
lastTick = l.timeNow()
|
lastTick = l.timeNow()
|
||||||
|
settings := l.GetSettings()
|
||||||
if l.GetStatus() == constants.Running {
|
if l.GetStatus() == constants.Running {
|
||||||
if err := l.updateFiles(ctx); err != nil {
|
if err := l.updateFiles(ctx, settings); err != nil {
|
||||||
l.logger.Warn("updating block lists failed, skipping: " + err.Error())
|
l.logger.Warn("updating block lists failed, skipping: " + err.Error())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
settings := l.GetSettings()
|
|
||||||
timer.Reset(*settings.UpdatePeriod)
|
timer.Reset(*settings.UpdatePeriod)
|
||||||
case <-l.updateTicker:
|
case <-l.updateTicker:
|
||||||
if !timer.Stop() {
|
if !timer.Stop() {
|
||||||
|
|||||||
@@ -6,11 +6,10 @@ import (
|
|||||||
|
|
||||||
"github.com/qdm12/dns/v2/pkg/blockbuilder"
|
"github.com/qdm12/dns/v2/pkg/blockbuilder"
|
||||||
"github.com/qdm12/dns/v2/pkg/middlewares/filter/update"
|
"github.com/qdm12/dns/v2/pkg/middlewares/filter/update"
|
||||||
|
"github.com/qdm12/gluetun/internal/configuration/settings"
|
||||||
)
|
)
|
||||||
|
|
||||||
func (l *Loop) updateFiles(ctx context.Context) (err error) {
|
func (l *Loop) updateFiles(ctx context.Context, settings settings.DNS) (err error) {
|
||||||
settings := l.GetSettings()
|
|
||||||
|
|
||||||
l.logger.Info("downloading hostnames and IP block lists")
|
l.logger.Info("downloading hostnames and IP block lists")
|
||||||
blacklistSettings := settings.Blacklist.ToBlockBuilderSettings(l.client)
|
blacklistSettings := settings.Blacklist.ToBlockBuilderSettings(l.client)
|
||||||
|
|
||||||
@@ -37,7 +36,6 @@ func (l *Loop) updateFiles(ctx context.Context) (err error) {
|
|||||||
IPPrefixes: result.BlockedIPPrefixes,
|
IPPrefixes: result.BlockedIPPrefixes,
|
||||||
}
|
}
|
||||||
updateSettings.BlockHostnames(result.BlockedHostnames)
|
updateSettings.BlockHostnames(result.BlockedHostnames)
|
||||||
updateSettings.SetRebindingProtectionExempt(settings.Blacklist.RebindingProtectionExemptHostnames)
|
|
||||||
err = l.filter.Update(updateSettings)
|
err = l.filter.Update(updateSettings)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("updating filter: %w", err)
|
return fmt.Errorf("updating filter: %w", err)
|
||||||
|
|||||||
Reference in New Issue
Block a user