Rename intel to resolver
This commit is contained in:
155
resolver/config.go
Normal file
155
resolver/config.go
Normal file
@@ -0,0 +1,155 @@
|
||||
package resolver
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
"github.com/safing/portbase/config"
|
||||
"github.com/safing/portmaster/status"
|
||||
)
|
||||
|
||||
var (
|
||||
configuredNameServers config.StringArrayOption
|
||||
defaultNameServers = []string{
|
||||
// "dot://9.9.9.9:853?verify=dns.quad9.net&", // Quad9
|
||||
// "dot|149.112.112.112:853|dns.quad9.net", // Quad9
|
||||
// "dot://[2620:fe::fe]:853?verify=dns.quad9.net&name=Quad9" // Quad9
|
||||
// "dot://[2620:fe::9]:853?verify=dns.quad9.net&name=Quad9" // Quad9
|
||||
|
||||
"dot|1.1.1.1:853|cloudflare-dns.com", // Cloudflare
|
||||
"dot|1.0.0.1:853|cloudflare-dns.com", // Cloudflare
|
||||
"dns|9.9.9.9:53", // Quad9
|
||||
"dns|149.112.112.112:53", // Quad9
|
||||
"dns|1.1.1.1:53", // Cloudflare
|
||||
"dns|1.0.0.1:53", // Cloudflare
|
||||
// "doh|cloudflare-dns.com/dns-query", // DoH still experimental
|
||||
}
|
||||
|
||||
nameserverRetryRate config.IntOption
|
||||
doNotUseMulticastDNS status.SecurityLevelOption
|
||||
doNotUseAssignedNameservers status.SecurityLevelOption
|
||||
doNotUseInsecureProtocols status.SecurityLevelOption
|
||||
doNotResolveSpecialDomains status.SecurityLevelOption
|
||||
doNotResolveTestDomains status.SecurityLevelOption
|
||||
)
|
||||
|
||||
func prepConfig() error {
|
||||
err := config.Register(&config.Option{
|
||||
Name: "Nameservers (DNS)",
|
||||
Key: "intel/nameservers",
|
||||
Description: "Nameserver to use for resolving DNS requests.",
|
||||
OptType: config.OptTypeStringArray,
|
||||
ExpertiseLevel: config.ExpertiseLevelExpert,
|
||||
ReleaseLevel: config.ReleaseLevelStable,
|
||||
DefaultValue: defaultNameServers,
|
||||
ValidationRegex: "^(dns|tcp|tls|https)|[a-z0-9\\.|-]+$",
|
||||
})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
configuredNameServers = config.Concurrent.GetAsStringArray("intel/nameservers", defaultNameServers)
|
||||
|
||||
err = config.Register(&config.Option{
|
||||
Name: "Nameserver Retry Rate",
|
||||
Key: "intel/nameserverRetryRate",
|
||||
Description: "Rate at which to retry failed nameservers, in seconds.",
|
||||
OptType: config.OptTypeInt,
|
||||
ExpertiseLevel: config.ExpertiseLevelExpert,
|
||||
ReleaseLevel: config.ReleaseLevelStable,
|
||||
DefaultValue: 600,
|
||||
})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
nameserverRetryRate = config.Concurrent.GetAsInt("intel/nameserverRetryRate", 0)
|
||||
|
||||
err = config.Register(&config.Option{
|
||||
Name: "Do not use Multicast DNS",
|
||||
Key: "intel/doNotUseMulticastDNS",
|
||||
Description: "Multicast DNS queries other devices in the local network",
|
||||
OptType: config.OptTypeInt,
|
||||
ExpertiseLevel: config.ExpertiseLevelExpert,
|
||||
ReleaseLevel: config.ReleaseLevelStable,
|
||||
ExternalOptType: "security level",
|
||||
DefaultValue: 6,
|
||||
ValidationRegex: "^(7|6|4)$",
|
||||
})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
doNotUseMulticastDNS = status.ConfigIsActiveConcurrent("intel/doNotUseMulticastDNS")
|
||||
|
||||
err = config.Register(&config.Option{
|
||||
Name: "Do not use assigned Nameservers",
|
||||
Key: "intel/doNotUseAssignedNameservers",
|
||||
Description: "that were acquired by the network (dhcp) or system",
|
||||
OptType: config.OptTypeInt,
|
||||
ExpertiseLevel: config.ExpertiseLevelExpert,
|
||||
ReleaseLevel: config.ReleaseLevelStable,
|
||||
ExternalOptType: "security level",
|
||||
DefaultValue: 4,
|
||||
ValidationRegex: "^(7|6|4)$",
|
||||
})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
doNotUseAssignedNameservers = status.ConfigIsActiveConcurrent("intel/doNotUseAssignedNameservers")
|
||||
|
||||
err = config.Register(&config.Option{
|
||||
Name: "Do not resolve insecurely",
|
||||
Key: "intel/doNotUseInsecureProtocols",
|
||||
Description: "Do not resolve domains with insecure protocols, ie. plain DNS",
|
||||
OptType: config.OptTypeInt,
|
||||
ExpertiseLevel: config.ExpertiseLevelExpert,
|
||||
ReleaseLevel: config.ReleaseLevelStable,
|
||||
ExternalOptType: "security level",
|
||||
DefaultValue: 4,
|
||||
ValidationRegex: "^(7|6|4)$",
|
||||
})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
doNotUseInsecureProtocols = status.ConfigIsActiveConcurrent("intel/doNotUseInsecureProtocols")
|
||||
|
||||
err = config.Register(&config.Option{
|
||||
Name: "Do not resolve special domains",
|
||||
Key: "intel/doNotResolveSpecialDomains",
|
||||
Description: fmt.Sprintf("Do not resolve the special top level domains %s", formatScopeList(specialServiceScopes)),
|
||||
OptType: config.OptTypeInt,
|
||||
ExpertiseLevel: config.ExpertiseLevelExpert,
|
||||
ReleaseLevel: config.ReleaseLevelStable,
|
||||
ExternalOptType: "security level",
|
||||
DefaultValue: 7,
|
||||
ValidationRegex: "^(7|6|4)$",
|
||||
})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
doNotResolveSpecialDomains = status.ConfigIsActiveConcurrent("intel/doNotResolveSpecialDomains")
|
||||
|
||||
err = config.Register(&config.Option{
|
||||
Name: "Do not resolve test domains",
|
||||
Key: "intel/doNotResolveTestDomains",
|
||||
Description: fmt.Sprintf("Do not resolve the special testing top level domains %s", formatScopeList(localTestScopes)),
|
||||
OptType: config.OptTypeInt,
|
||||
ExpertiseLevel: config.ExpertiseLevelExpert,
|
||||
ReleaseLevel: config.ReleaseLevelStable,
|
||||
ExternalOptType: "security level",
|
||||
DefaultValue: 6,
|
||||
ValidationRegex: "^(7|6|4)$",
|
||||
})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
doNotResolveTestDomains = status.ConfigIsActiveConcurrent("intel/doNotResolveTestDomains")
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func formatScopeList(list []string) string {
|
||||
formatted := make([]string, 0, len(list))
|
||||
for _, domain := range list {
|
||||
formatted = append(formatted, strings.Trim(domain, "."))
|
||||
}
|
||||
return strings.Join(formatted, ", ")
|
||||
}
|
||||
Reference in New Issue
Block a user