vikarti.anatra/safing-portmaster
1
0
Fork 0
mirror of https://github.com/safing/portmaster synced 2025-09-02 18:49:14 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Save blocked DNS queries

Browse source
This commit is contained in:
Daniel 2020-04-08 14:07:59 +02:00
parent 249261a3da
commit 7da9e64c27
3 changed files with 12 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
nameserver/nameserver.go
View file

@ -195,11 +195,11 @@ func handleRequest(ctx context.Context, w dns.ResponseWriter, query *dns.Msg) er
case network.VerdictBlock: case network.VerdictBlock:
tracer.Infof("nameserver: %s blocked, returning nxdomain", conn) tracer.Infof("nameserver: %s blocked, returning nxdomain", conn)
returnNXDomain(w, query) returnNXDomain(w, query)
// FIXME: save denied dns connection conn.Save() // save blocked request
return nil return nil
case network.VerdictDrop: case network.VerdictDrop:
tracer.Infof("nameserver: %s dropped, not replying", conn) tracer.Infof("nameserver: %s dropped, not replying", conn)
// FIXME: save denied dns connection conn.Save() // save dropped request
return nil return nil
} }
@ -218,7 +218,7 @@ func handleRequest(ctx context.Context, w dns.ResponseWriter, query *dns.Msg) er
if rrCache == nil { if rrCache == nil {
tracer.Infof("nameserver: %s implicitly denied by filtering the dns response, returning nxdomain", conn) tracer.Infof("nameserver: %s implicitly denied by filtering the dns response, returning nxdomain", conn)
returnNXDomain(w, query) returnNXDomain(w, query)
// FIXME: save denied dns connection conn.Save() // save blocked request
return nil return nil
} }
@ -265,5 +265,8 @@ func handleRequest(ctx context.Context, w dns.ResponseWriter, query *dns.Msg) er
_ = w.WriteMsg(m) _ = w.WriteMsg(m)
tracer.Debugf("nameserver: returning response %s%s to %s", q.FQDN, q.QType, conn.Process()) tracer.Debugf("nameserver: returning response %s%s to %s", q.FQDN, q.QType, conn.Process())
// save dns request as open
network.SaveOpenDNSRequest(conn)
return nil return nil
} }

7
network/connection.go
View file

@ -71,7 +71,6 @@ func NewConnectionFromDNSRequest(ctx context.Context, fqdn string, ip net.IP, po
Started: timestamp, Started: timestamp,
Ended: timestamp, Ended: timestamp,
} }
saveOpenDNSRequest(dnsConn)
return dnsConn return dnsConn
} }
@ -218,8 +217,8 @@ func (conn *Connection) SaveWhenFinished() {
conn.saveWhenFinished = true conn.saveWhenFinished = true
} }
// save saves the link object in the storage and propagates the change. // Save saves the connection in the storage and propagates the change through the database system.
func (conn *Connection) save() { func (conn *Connection) Save() {
if conn.ID == "" { if conn.ID == "" {
// dns request // dns request
@ -336,7 +335,7 @@ func (conn *Connection) packetHandler() {
// must not be locked, will deadlock with cleaner functions // must not be locked, will deadlock with cleaner functions
if conn.saveWhenFinished { if conn.saveWhenFinished {
conn.saveWhenFinished = false conn.saveWhenFinished = false
conn.save() conn.Save()
} }
// submit trace logs // submit trace logs
log.Tracer(pkt.Ctx()).Submit() log.Tracer(pkt.Ctx()).Submit()

5
network/dns.go
View file

@ -26,7 +26,8 @@ func removeOpenDNSRequest(pid int, fqdn string) {
delete(openDNSRequests, key) delete(openDNSRequests, key)
} }
func saveOpenDNSRequest(conn *Connection) { // SaveOpenDNSRequest saves a dns request connection that was allowed to proceed.
func SaveOpenDNSRequest(conn *Connection) {
openDNSRequestsLock.Lock() openDNSRequestsLock.Lock()
defer openDNSRequestsLock.Unlock() defer openDNSRequestsLock.Unlock()
@ -65,7 +66,7 @@ func writeOpenDNSRequestsToDB() {
for id, conn := range openDNSRequests { for id, conn := range openDNSRequests {
conn.Lock() conn.Lock()
if conn.Ended < threshold { if conn.Ended < threshold {
conn.save() conn.Save()
delete(openDNSRequests, id) delete(openDNSRequests, id)
} }
conn.Unlock() conn.Unlock()