Improve and fix dns requests saving
@@ -151,7 +151,7 @@ func handleRequest(ctx context.Context, w dns.ResponseWriter, request *dns.Msg)
|
|||||||
// that will happen later anyway.
|
// that will happen later anyway.
|
||||||
case network.VerdictUndecided, network.VerdictAccept:
|
case network.VerdictUndecided, network.VerdictAccept:
|
||||||
// Save the request as open, as we don't know if there will be a connection or not.
|
// Save the request as open, as we don't know if there will be a connection or not.
|
||||||
network.SaveOpenDNSRequest(conn, uint16(q.QType))
|
network.SaveOpenDNSRequest(q, rrCache, conn)
|
||||||
firewall.UpdateIPsAndCNAMEs(q, rrCache, conn)
|
firewall.UpdateIPsAndCNAMEs(q, rrCache, conn)
|
||||||
|
|
||||||
default:
|
default:
|
||||||
|
|||||||
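Review bot: For query types other than A and AAAA, the reworked `network.SaveOpenDNSRequest(q, rrCache, conn)` now persists `conn` immediately, so on this path the record is written before `firewall.UpdateIPsAndCNAMEs(q, rrCache, conn)` on the following line has run. If that call changes anything on `conn` (not visible here), the saved entry will miss it. Consider calling `firewall.UpdateIPsAndCNAMEs` first, or document the ordering with a comment such as `// Saving first is fine: UpdateIPsAndCNAMEs does not modify conn.` once that has been confirmed. The body of handleRequest starts and ends outside this hunk.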
@@ -11,6 +11,7 @@ import (
|
|||||||
"github.com/safing/portbase/log"
|
"github.com/safing/portbase/log"
|
||||||
"github.com/safing/portmaster/nameserver/nsutil"
|
"github.com/safing/portmaster/nameserver/nsutil"
|
||||||
"github.com/safing/portmaster/process"
|
"github.com/safing/portmaster/process"
|
||||||
|
"github.com/safing/portmaster/resolver"
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
@@ -49,28 +50,36 @@ func removeOpenDNSRequest(pid int, fqdn string) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// SaveOpenDNSRequest saves a dns request connection that was allowed to proceed.
|
// SaveOpenDNSRequest saves a dns request connection that was allowed to proceed.
|
||||||
func SaveOpenDNSRequest(conn *Connection, qType uint16) {
|
func SaveOpenDNSRequest(q *resolver.Query, rrCache *resolver.RRCache, conn *Connection) {
|
||||||
openDNSRequestsLock.Lock()
|
// Only save requests that actually went out to reduce clutter.
|
||||||
defer openDNSRequestsLock.Unlock()
|
if rrCache.ServedFromCache {
|
||||||
|
|
||||||
// Only save open A and AAAA requests.
|
|
||||||
switch qType {
|
|
||||||
case dns.TypeA, dns.TypeAAAA:
|
|
||||||
default:
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
key := getDNSRequestCacheKey(conn.process.Pid, conn.Entity.Domain, qType)
|
// Try to "merge" A and AAAA requests into the resulting connection.
|
||||||
|
// Save others immediately.
|
||||||
|
switch uint16(q.QType) {
|
||||||
|
case dns.TypeA, dns.TypeAAAA:
|
||||||
|
default:
|
||||||
|
conn.Save()
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
openDNSRequestsLock.Lock()
|
||||||
|
defer openDNSRequestsLock.Unlock()
|
||||||
|
|
||||||
|
// Check if there is an existing open DNS requests for the same domain/type.
|
||||||
|
// If so, save it now and replace it with the new request.
|
||||||
|
key := getDNSRequestCacheKey(conn.process.Pid, conn.Entity.Domain, uint16(q.QType))
|
||||||
if existingConn, ok := openDNSRequests[key]; ok {
|
if existingConn, ok := openDNSRequests[key]; ok {
|
||||||
// End previous request and save it.
|
// End previous request and save it.
|
||||||
existingConn.Lock()
|
existingConn.Lock()
|
||||||
existingConn.Ended = conn.Started
|
existingConn.Ended = conn.Started
|
||||||
existingConn.Unlock()
|
existingConn.Unlock()
|
||||||
existingConn.Save()
|
existingConn.Save()
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Save to open dns requests.
|
||||||
openDNSRequests[key] = conn
|
openDNSRequests[key] = conn
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
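Review bot: `rrCache.ServedFromCache` and `q.QType` are dereferenced in the new `SaveOpenDNSRequest` without a nil check, so a nil `rrCache` or `q` from any caller of this exported function would panic in the DNS request path. A guard at the top, `if q == nil || rrCache == nil || conn == nil { return }`, keeps a resolver edge case from becoming a crash of the local nameserver. Separately, the early return on `rrCache.ServedFromCache` means that, as far as this function goes, cache-served lookups are never recorded. That is a deliberate clutter reduction, but it also removes those queries from the per-process DNS history an investigator would rely on. The doc comment still says only "saves a dns request connection that was allowed to proceed"; it should state that cache-served answers are skipped and that non-A/AAAA queries are saved immediately rather than held open.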