Add support for blocked replies with NOERROR code and empty answer#8245
Open
agross wants to merge 1 commit intoAdguardTeam:masterfrom
Open
Add support for blocked replies with NOERROR code and empty answer#8245agross wants to merge 1 commit intoAdguardTeam:masterfrom
agross wants to merge 1 commit intoAdguardTeam:masterfrom
Conversation
![windsurf-bot[bot]](https://avatars.githubusercontent.com/in/1066231?s=60&v=4){kind=small}
| filtering.BlockingModeDefault, | ||
| filtering.BlockingModeNXDOMAIN, | ||
| filtering.BlockingModeREFUSED, | ||
| filtering.BlockingModeNOERROR, |
There was a problem hiding this comment.
The PR adds filtering.BlockingModeNOERROR to the list of valid blocking modes, but I don't see a corresponding implementation in the filtering package. Make sure this mode is properly implemented in the filtering package to handle blocked domains with NOERROR responses without answer sections.
Author
There was a problem hiding this comment.
This is a new approach to responding to filtered queries, not a new method for filtering.
agross
force-pushed
the
fix-8024
branch
2 times, most recently
from
4deb43d to
f53fdba
Compare
github-actions
Bot
force-pushed
the
fix-8024
branch
3 times, most recently
from
8793a81 to
524f303
Compare
github-actions
Bot
force-pushed
the
fix-8024
branch
3 times, most recently
from
3d04800 to
2576ed7
Compare
github-actions
Bot
force-pushed
the
fix-8024
branch
5 times, most recently
from
63d944c to
3c7d59d
Compare
github-actions
Bot
force-pushed
the
fix-8024
branch
6 times, most recently
from
791c59e to
d303033
Compare
github-actions
Bot
force-pushed
the
fix-8024
branch
4 times, most recently
from
a6a6155 to
d1cec80
Compare
github-actions
Bot
force-pushed
the
fix-8024
branch
3 times, most recently
from
de66c70 to
7098c29
Compare
github-actions
Bot
force-pushed
the
fix-8024
branch
2 times, most recently
from
255facd to
cfa0982
Compare
github-actions
Bot
force-pushed
the
fix-8024
branch
from
cfa0982 to
3d46be4
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Hello,
I'm not a Go developer by trade and not a DNS expert; please be gentle.
I found #8024 is affecting me.
The default behavior of returning the null address makes localhost reachable under blocked names. This causes errors and unwanted behavior, like being able to ping blocked hosts (by talking to localhost).
Returning NXDOMAIN or REFUSED, on the other hand, will cause extra DNS queries with the search domain appended, i.e.,
blocked.example.combecomesblocked.example.com.local.domain.com.By returning NOERROR without an answer section, these problems go away.
With this patch, AdGuard will return a response similar to resolving a non-existing name, i.e., asking a question but not getting an answer:
If NOERROR is selected and a blocked name is requested, it looks like this:
Closes #8024