diff --git a/blacklist.go b/blacklist.go
index ab99104..01b5995 100644
--- a/blacklist.go
+++ b/blacklist.go
@@ -3,12 +3,18 @@ package main
 import (
 "io/ioutil"
 "log"
+ "net"
 "net/http"
 "regexp"
 "github.com/miekg/dns"
 )
+const blockTTL uint32 = 300
+
+var nullIPv4 = net.IPv4(0, 0, 0, 0)
+var nullIPv6 = net.ParseIP("::/0")
+
 func loadBlacklist(config []configBlacklist) map[string]bool {
 list := make([]string, 0)
 for _, element := range config {
@@ -77,3 +83,33 @@ func parseRawBlacklist(blacklist configBlacklist, raw string) []string {
 return finalList
 }
+
+func handleBlockedDomain(w dns.ResponseWriter, r *dns.Msg) {
+ q := r.Question[0]
+
+ m := new(dns.Msg)
+ m.SetReply(r)
+ if q.Qtype == dns.TypeA {
+ m.Answer = append(m.Answer, &dns.A{
+ Hdr: dns.RR_Header{
+ Name: q.Name,
+ Rrtype: dns.TypeA,
+ Class: dns.ClassINET,
+ Ttl: blockTTL,
+ },
+ A: nullIPv4,
+ })
+ } else if q.Qtype == dns.TypeAAAA {
+ m.Answer = append(m.Answer, &dns.AAAA{
+ Hdr: dns.RR_Header{
+ Name: q.Name,
+ Rrtype: dns.TypeAAAA,
+ Class: dns.ClassINET,
+ Ttl: blockTTL,
+ },
+ AAAA: nullIPv6,
+ })
+ }
+
+ w.WriteMsg(m)
+}
diff --git a/coolDns.go b/coolDns.go
index 9548053..80ccc6d 100644
--- a/coolDns.go
+++ b/coolDns.go
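Review bot: `nullIPv6` in the first blacklist.go hunk is initialised with `net.ParseIP("::/0")`, and ParseIP returns nil for that string because `::/0` is CIDR notation rather than an address. The AAAA record built from it in handleBlockedDomain (second hunk, `AAAA: nullIPv6`) therefore carries no address, so a blocked AAAA query presumably either fails to pack or goes out with empty record data instead of the intended unspecified address. The value is carried over unchanged from the code removed in coolDns.go. I would declare it as `var nullIPv6 = net.IPv6unspecified`; `net.IPv4zero` is the matching spelling for `nullIPv4`.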
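Review bot: handleBlockedDomain reads `r.Question[0]` on its first line without checking that the query carries a question, so it panics on a message with an empty question section unless every caller has checked first. The one visible caller indexes the slice itself, and no length check appears in either file's hunks. A guard such as `if len(r.Question) == 0 { return }` at the top keeps the helper safe to reuse. The error from `w.WriteMsg(m)` on the last line is also dropped; logging it (the file already imports `log`) would make failed block responses visible. A doc comment would help too, e.g. `// handleBlockedDomain answers a blocked A or AAAA query with a null address record; other query types get an empty reply.`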
@@ -205,33 +205,7 @@ func createServer(zones zoneMap, config config, aclList map[string]*net.IPNet, b
 }
 if _, ok := blacklist[r.Question[0].Name]; ok {
- // Domain is blocked
- m := new(dns.Msg)
- m.SetReply(r)
- if r.Question[0].Qtype == dns.TypeA {
- m.Answer = append(m.Answer, &dns.A{
- Hdr: dns.RR_Header{
- Name: r.Question[0].Name,
- Rrtype: dns.TypeA,
- Class: dns.ClassINET,
- Ttl: 1000,
- },
- A: net.IPv4(0, 0, 0, 0),
- })
- } else if r.Question[0].Qtype == dns.TypeAAAA {
- m.Answer = append(m.Answer, &dns.AAAA{
- Hdr: dns.RR_Header{
- Name: r.Question[0].Name,
- Rrtype: dns.TypeA,
- Class: dns.ClassINET,
- Ttl: 1000,
- },
- AAAA: net.ParseIP("::/0"),
- })
- }
-
- w.WriteMsg(m)
-
+ handleBlockedDomain(w, r)
 } else {
 // Forward request
 in, _, err := c.Exchange(r, config.Forward.Server)
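Review bot: The blocklist lookup `blacklist[r.Question[0].Name]` kept by this hunk compares the query name byte-for-byte, but DNS names are case-insensitive and some resolvers deliberately send mixed-case query names. A blocked domain queried with different capitalisation would then miss the map and go to the forwarder, unless the name is normalised somewhere outside the hunk. Assuming loadBlacklist stores lower-case fully-qualified keys (not visible here), the lookup should use `strings.ToLower(r.Question[0].Name)`. createServer's body starts and continues outside the hunk, so such normalisation, or a length check on `r.Question`, may already exist above.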