feat(dns): resolve network-local names (#2970)
@@ -4,6 +4,7 @@ import (
|
|||||||
"context"
|
"context"
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"net/netip"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/qdm12/dns/v2/pkg/middlewares/filter/mapfilter"
|
"github.com/qdm12/dns/v2/pkg/middlewares/filter/mapfilter"
|
||||||
@@ -20,6 +21,7 @@ type Loop struct {
|
|||||||
state *state.State
|
state *state.State
|
||||||
server *server.Server
|
server *server.Server
|
||||||
filter *mapfilter.Filter
|
filter *mapfilter.Filter
|
||||||
|
localResolvers []netip.AddrPort
|
||||||
resolvConf string
|
resolvConf string
|
||||||
client *http.Client
|
client *http.Client
|
||||||
logger Logger
|
logger Logger
|
||||||
|
|||||||
@@ -4,12 +4,15 @@ import (
|
|||||||
"context"
|
"context"
|
||||||
"errors"
|
"errors"
|
||||||
|
|
||||||
|
"github.com/qdm12/dns/v2/pkg/nameserver"
|
||||||
"github.com/qdm12/gluetun/internal/constants"
|
"github.com/qdm12/gluetun/internal/constants"
|
||||||
)
|
)
|
||||||
|
|
||||||
func (l *Loop) Run(ctx context.Context, done chan<- struct{}) {
|
func (l *Loop) Run(ctx context.Context, done chan<- struct{}) {
|
||||||
defer close(done)
|
defer close(done)
|
||||||
|
|
||||||
|
l.localResolvers = nameserver.GetPrivateDNSServers()
|
||||||
|
|
||||||
if *l.GetSettings().KeepNameserver {
|
if *l.GetSettings().KeepNameserver {
|
||||||
l.logger.Warn("⚠️⚠️⚠️ keeping the default container nameservers, " +
|
l.logger.Warn("⚠️⚠️⚠️ keeping the default container nameservers, " +
|
||||||
"this will likely leak DNS traffic outside the VPN " +
|
"this will likely leak DNS traffic outside the VPN " +
|
||||||
|
|||||||
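Review bot: The result of `nameserver.GetPrivateDNSServers()` is stored in `l.localResolvers` without being logged or checked, so an operator cannot tell which resolvers on the container network (presumably plain DNS) will receive queries, or whether none were found. The warning just below exists because DNS leaving the VPN is a concern, so I would log the detected addresses once here and add a comment such as `// detected once at container start; not refreshed if the container's nameservers change`. The field is written in Run and read through setupServer in another section of this commit; if setupServer can also run on a different goroutine, that read needs the same synchronisation as the rest of Loop's state, which I cannot confirm from this page. Run's body continues outside the hunk.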
@@ -3,6 +3,7 @@ package dns
|
|||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"net/netip"
|
||||||
|
|
||||||
"github.com/qdm12/dns/v2/pkg/doh"
|
"github.com/qdm12/dns/v2/pkg/doh"
|
||||||
"github.com/qdm12/dns/v2/pkg/dot"
|
"github.com/qdm12/dns/v2/pkg/dot"
|
||||||
@@ -10,6 +11,7 @@ import (
|
|||||||
"github.com/qdm12/dns/v2/pkg/middlewares/cache/lru"
|
"github.com/qdm12/dns/v2/pkg/middlewares/cache/lru"
|
||||||
filtermiddleware "github.com/qdm12/dns/v2/pkg/middlewares/filter"
|
filtermiddleware "github.com/qdm12/dns/v2/pkg/middlewares/filter"
|
||||||
"github.com/qdm12/dns/v2/pkg/middlewares/filter/mapfilter"
|
"github.com/qdm12/dns/v2/pkg/middlewares/filter/mapfilter"
|
||||||
|
"github.com/qdm12/dns/v2/pkg/middlewares/localdns"
|
||||||
"github.com/qdm12/dns/v2/pkg/plain"
|
"github.com/qdm12/dns/v2/pkg/plain"
|
||||||
"github.com/qdm12/dns/v2/pkg/provider"
|
"github.com/qdm12/dns/v2/pkg/provider"
|
||||||
"github.com/qdm12/dns/v2/pkg/server"
|
"github.com/qdm12/dns/v2/pkg/server"
|
||||||
@@ -25,7 +27,8 @@ func (l *Loop) SetSettings(ctx context.Context, settings settings.DNS) (
|
|||||||
}
|
}
|
||||||
|
|
||||||
func buildServerSettings(settings settings.DNS,
|
func buildServerSettings(settings settings.DNS,
|
||||||
filter *mapfilter.Filter, logger Logger) (
|
filter *mapfilter.Filter, localResolvers []netip.AddrPort,
|
||||||
|
logger Logger) (
|
||||||
serverSettings server.Settings, err error,
|
serverSettings server.Settings, err error,
|
||||||
) {
|
) {
|
||||||
serverSettings.Logger = logger
|
serverSettings.Logger = logger
|
||||||
@@ -101,5 +104,17 @@ func buildServerSettings(settings settings.DNS,
|
|||||||
}
|
}
|
||||||
serverSettings.Middlewares = append(serverSettings.Middlewares, filterMiddleware)
|
serverSettings.Middlewares = append(serverSettings.Middlewares, filterMiddleware)
|
||||||
|
|
||||||
|
localDNSMiddleware, err := localdns.New(localdns.Settings{
|
||||||
|
Resolvers: localResolvers, // auto-detected at container start only
|
||||||
|
Logger: logger,
|
||||||
|
})
|
||||||
|
if err != nil {
|
||||||
|
return server.Settings{}, fmt.Errorf("creating local DNS middleware: %w", err)
|
||||||
|
}
|
||||||
|
// Place after cache middleware, since we want to avoid caching for local
|
||||||
|
// hostnames that may change regularly.
|
||||||
|
// Place after filter middleware to avoid conflicts with the rebinding protection.
|
||||||
|
serverSettings.Middlewares = append(serverSettings.Middlewares, localDNSMiddleware)
|
||||||
|
|
||||||
return serverSettings, nil
|
return serverSettings, nil
|
||||||
}
|
}
|
||||||
|
|||||||
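Review bot: The comment above the final `append` explains the ordering but not its consequence: as written, answers that come from `localResolvers` appear to skip both the cache and the filter's rebinding protection. That makes the set of names the `localdns` middleware is willing to forward a security boundary, and it is not visible in this hunk; if it is broader than network-local names, blocked hostnames or private-address answers could get past the filter and queries could leave outside the VPN tunnel. I would extend the comment with something like `// localdns only handles network-local names; its answers are not filtered or cached`, once that has been confirmed against the middleware. It is also worth stating what `localdns.New` does when `Resolvers` is empty, since an error there is returned and would stop the server settings from being built on hosts with no private nameserver.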
@@ -21,7 +21,7 @@ func (l *Loop) setupServer(ctx context.Context) (runError <-chan error, err erro
|
|||||||
|
|
||||||
settings := l.GetSettings()
|
settings := l.GetSettings()
|
||||||
|
|
||||||
serverSettings, err := buildServerSettings(settings, l.filter, l.logger)
|
serverSettings, err := buildServerSettings(settings, l.filter, l.localResolvers, l.logger)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("building server settings: %w", err)
|
return nil, fmt.Errorf("building server settings: %w", err)
|
||||||
}
|
}
|
||||||
|
|||||||