From 471fbf7b629586c6633646a27de8ed7c67b0581b Mon Sep 17 00:00:00 2001 From: DL6ER Date: Mon, 18 Jan 2021 14:57:42 +0100 Subject: [PATCH] Use blocked property in API code. Make query->upstreamID = -1 the new default to differentiate easily what was forwarded (ID will be >= 0) and what not (ID == -1). Store the upstream server also for other query types that were forwarded (like queries blocked during CNAME inspection). Signed-off-by: DL6ER --- src/api/api.c | 45 +++++++++++--------------------------- src/database/query-table.c | 20 +++++------------ src/datastructure.h | 1 - src/dnsmasq_interface.c | 5 +++-- 4 files changed, 22 insertions(+), 49 deletions(-) diff --git a/src/api/api.c b/src/api/api.c index 86a5a0179..a86442aeb 100644 --- a/src/api/api.c +++ b/src/api/api.c @@ -891,19 +891,12 @@ void getAllQueries(const char *client_message, const int *sock) if(query->status == QUERY_UNKNOWN && !(showpermitted && showblocked)) continue; - // 1 = gravity.list, 4 = wildcard, 5 = black.list - if((query->status == QUERY_GRAVITY || - query->status == QUERY_REGEX || - query->status == QUERY_BLACKLIST || - query->status == QUERY_GRAVITY_CNAME || - query->status == QUERY_REGEX_CNAME || - query->status == QUERY_BLACKLIST_CNAME) && !showblocked) + // Skip blocked queries when asked to + if(query->flags.blocked && !showblocked) continue; - // 2 = forwarded, 3 = cached - if((query->status == QUERY_FORWARDED || - query->status == QUERY_CACHE || - query->status == QUERY_RETRIED || - query->status == QUERY_RETRIED_DNSSEC) && !showpermitted) + + // Skip permitted queries when asked to + if(!query->flags.blocked && !showpermitted) continue; // Skip those entries which so not meet the requested timeframe 
@@ -921,10 +914,7 @@ void getAllQueries(const char *client_message, const int *sock) // If the domain of this query did not match, the CNAME // domain may still match - we have to check it in // addition if this query is of CNAME blocked type - else if((query->status == QUERY_GRAVITY_CNAME || - query->status == QUERY_BLACKLIST_CNAME || - query->status == QUERY_REGEX_CNAME) && - query->CNAME_domainID == domainid) + else if(query->CNAME_domainID > -1) { // Get this query } @@ -959,13 +949,8 @@ void getAllQueries(const char *client_message, const int *sock) if(filterforwarddest) { - // Does the user want to see queries answered from blocking lists? - if(forwarddestid == -2 && query->status != QUERY_GRAVITY - && query->status != QUERY_REGEX - && query->status != QUERY_BLACKLIST - && query->status != QUERY_GRAVITY_CNAME - && query->status != QUERY_REGEX_CNAME - && query->status != QUERY_BLACKLIST_CNAME) + // Skip if not from the virtual blocking "upstream" server + if(forwarddestid == -2 && !query->flags.blocked) continue; // Does the user want to see queries answered from local cache? else if(forwarddestid == -1 && query->status != QUERY_CACHE) @@ -1017,7 +1002,7 @@ void getAllQueries(const char *client_message, const int *sock) // Get IP of upstream destination, if applicable in_port_t upstream_port = 0; const char *upstream_name = "N/A"; - if(query->status == QUERY_FORWARDED) + if(query->upstreamID > -1) { const upstreamsData *upstream = getUpstream(query->upstreamID, true); if(upstream != NULL) 
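Review bot: The rewritten CNAME branch in getAllQueries, `else if(query->CNAME_domainID > -1)`, no longer compares against `domainid`, so once the primary domain test fails, every query that carries any CNAME domain passes the domain filter. The removed condition ended in `query->CNAME_domainID == domainid`; dropping the status checks is fine, but the equality has to stay, e.g. `else if(query->CNAME_domainID == domainid)`. As written, a domain-filtered API request can return queries for unrelated domains, which matters if the caller relies on the filter to bound what it is shown. The preceding `if` of this chain is outside the hunk, so confirm that `domainid` is non-negative whenever filtering is active; otherwise keep the `> -1` test alongside the equality.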
@@ -1104,15 +1089,8 @@ void getRecentBlocked(const char *client_message, const int *sock) if(query == NULL) continue; - if(query->status == QUERY_GRAVITY || - query->status == QUERY_REGEX || - query->status == QUERY_BLACKLIST || - query->status == QUERY_GRAVITY_CNAME || - query->status == QUERY_REGEX_CNAME || - query->status == QUERY_BLACKLIST_CNAME) + if(query->flags.blocked) { - found++; - // Ask subroutine for domain. It may return "hidden" depending on // the privacy settings at the time the query was made const char *domain = getDomainString(query); @@ -1123,6 +1101,9 @@ void getRecentBlocked(const char *client_message, const int *sock) ssend(*sock,"%s\n", domain); else if(!pack_str32(*sock, domain)) return; + + // Only count when sent succesfully + found++; } if(found >= num) diff --git a/src/database/query-table.c b/src/database/query-table.c index 4f450998e..c15cf23c7 100644 --- a/src/database/query-table.c +++ b/src/database/query-table.c @@ -148,7 +148,7 @@ void DB_save_queries(void) sqlite3_bind_text(stmt, 5, client, -1, SQLITE_STATIC); // FORWARD - if(query->flags.forwarded && query->upstreamID > -1) + if(query->upstreamID > -1) { // Get forward pointer const upstreamsData* upstream = getUpstream(query->upstreamID, true); 
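Review bot: The new comment `// Only count when sent succesfully` in getRecentBlocked promises more than the code checks. The `ssend(*sock,"%s\n", domain)` branch ignores its result, and the `pack_str32` failure path returns before `found` is read again, so moving `found++` below the send changes nothing observable. Either check the `ssend` result as well (its return type is not visible in this hunk) or reword the comment to what happens, e.g. `// Count this entry towards the requested number`. The spelling should be `successfully` either way. The loop this sits in starts outside the hunk.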
@@ -387,19 +387,13 @@ void DB_read_queries(void) continue; } - const char *upstream = (const char *)sqlite3_column_text(stmt, 6); - int upstreamID = 0; + const char *upstream = NULL; + int upstreamID = -1; // Default if not forwarded // Determine upstreamID only when status == 2 (forwarded) as the // field need not to be filled for other query status types - if(status == QUERY_FORWARDED) + if(sqlite3_column_bytes(stmt, 6) > 0 && + (upstream = (const char *)sqlite3_column_text(stmt, 6)) != NULL) { - if(upstream == NULL) - { - logg("WARN (during database import): FORWARD should not be NULL with status QUERY_FORWARDED (timestamp: %lli), skipping entry", - (long long)queryTimeStamp); - continue; - } - // Get IP address and port of upstream destination char serv_addr[INET6_ADDRSTRLEN] = { 0 }; unsigned int serv_port = 53; @@ -452,7 +446,6 @@ void DB_read_queries(void) // Initialize flags query->flags.complete = true; // Mark as all information is available query->flags.blocked = false; - query->flags.forwarded = false; query->flags.whitelisted = false; // Set lastQuery timer for network table @@ -479,7 +472,7 @@ void DB_read_queries(void) status == QUERY_REGEX_CNAME || status == QUERY_BLACKLIST_CNAME) { - // QUERY_*_CNAME: Getdomain causing the blocking + // QUERY_*_CNAME: Get domain causing the blocking const char *CNAMEdomain = (const char *)sqlite3_column_text(stmt, 7); if(CNAMEdomain != NULL && strlen(CNAMEdomain) > 0) { @@ -530,7 +523,6 @@ void DB_read_queries(void) case QUERY_FORWARDED: // Forwarded counters->forwarded++; - query->flags.forwarded = true; // Update overTime data structure overTime[timeidx].forwarded++; break; diff --git a/src/datastructure.h b/src/datastructure.h index 295267a7f..e8e77f68a 100644 --- a/src/datastructure.h +++ b/src/datastructure.h @@ -47,7 +47,6 @@ typedef struct { bool whitelisted :1; bool complete :1; bool blocked :1; - bool forwarded :1; } flags; } queriesData; 
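Review bot: In DB_read_queries the retained comment `// Determine upstreamID only when status == 2 (forwarded) ...` now contradicts the condition below it, which parses the forward column for any row where it is non-empty. The hunk also removes the only consistency check on this column: a row with status QUERY_FORWARDED and an empty or NULL forward field is now imported silently with `upstreamID = -1`, where it was previously logged and skipped. Since the database file is external input, I would keep a diagnostic for that case, for instance an `else if(status == QUERY_FORWARDED)` branch after this block that calls `logg()` with the timestamp as the removed lines did, and update the comment to `// Determine upstreamID whenever the forward column is non-empty`. The address parsing into `serv_addr` continues outside the hunk; it now runs for rows of every status, so its bounds handling is worth rechecking.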
diff --git a/src/dnsmasq_interface.c b/src/dnsmasq_interface.c index 8c99e2d72..f4faac65b 100644 --- a/src/dnsmasq_interface.c +++ b/src/dnsmasq_interface.c @@ -643,9 +643,11 @@ bool _FTL_new_query(const unsigned int flags, const char *name, query->CNAME_domainID = -1; // This query is not yet known ad forwarded or blocked query->flags.blocked = false; - query->flags.forwarded = false; query->flags.whitelisted = false; + // Indicator that this query was not forwarded so far + query->upstreamID = -1; + // Check and apply possible privacy level rules // The currently set privacy level (at the time the query is // generated) is stored in the queries structure @@ -914,7 +916,6 @@ void _FTL_forwarded(const unsigned int flags, const char *name, const struct ser // from above as otherwise this check will always // be negative query->status = QUERY_FORWARDED; - query->flags.forwarded = true; // Update overTime data overTime[timeidx].forwarded++;
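Review bot: `query->upstreamID = -1` in _FTL_new_query makes -1 a sentinel that the rest of this patch tests as `query->upstreamID > -1` in api.c and query-table.c, but nothing at the field's declaration says so (the datastructure.h hunk only removes `forwarded`). A comment on the member, such as `// ID of the upstream this query was sent to, -1 if it was never forwarded`, or a named constant for the value, would make it harder for later code to use `upstreamID` as an index without the check. Any remaining code outside this diff that indexes upstream data by `upstreamID` based on `status == QUERY_FORWARDED` alone should be checked against the new default.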