AdguardTeam / AdGuardHome

Network-wide ads & trackers blocking DNS server
https://adguard.com/adguard-home.html
GNU General Public License v3.0

Rewrite answers matching CIDR #5401

Open fernvenue opened 1 year ago

fernvenue commented 1 year ago

Prerequisites

Description

What problem are you trying to solve?

Hi, in some kinds of Private Network and CDN use cases, we always want to use the routing server address or the best CDN address, so I think maybe we can define a CIDR rule, and rewrite all domains matching the rule to the routing server or the best CDN edge server.

Proposed solution

Add a new type like CIDR to dnstype, and allow users to rewrite all domains matching the given CIDR. That will look like this:

10.0.0.0/8$dnstype=CIDR,dnsrewrite=NOERROR;A;10.0.0.1

Alternatives considered

Add a new additional rewrite option to DNS rewrites.

Additional information

If AdGuardHome already has this feature, please tell me how I can do this, thanks.

ainar-g commented 1 year ago

I don't quite get what “all domains matching the rule” would mean here. Can you provide an example of what kind of query would match this rule?

fernvenue commented 1 year ago

Hi @ainar-g, if we have 10.0.0.0/8 as the rule, then this rule will include all domains that resolve to any IP address in this range. Another example: if we have CDN IP ranges like Cloudflare IP Ranges or something like that, then the rule will include all domains that use this CDN provider. In this case, we don't need to collect domain lists, so it will be a great help for cases where it is difficult to collect a complete list of domains.

ainar-g commented 1 year ago

I see, thanks. I feel like the existing dnsrewrite covers most such cases, as if you want, say, www.cdn.example to always return 1.2.3.4, you can just:

|www.cdn.example^$dnstype=A,dnsrewrite=NOERROR;A;1.2.3.4

This may get trickier if the CDN domain contains other stuff, but that can be dealt with using regular expressions and/or additional rules, I feel.

fernvenue commented 1 year ago

Most CDN providers allow users to use their own domains, so something like /cdn.cloudflare.net/ will not match domains using this CDN, actually.

And for some kinds of Private Network, like our lab or other departments, they resolve their domains on the university gateway only. It might be .edu, .lan or something, so if we can match domains by CIDR, that will be so cool; we don't even need a domain list or to update it.
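
The matching requested in this thread (look at the addresses the upstream returned and rewrite when one falls inside a configured CIDR) can be written as follows. This is an added example, not AdGuard Home code and not an existing AdGuard Home feature; the `cidrRewrite` type and `applyCIDRRewrites` function are hypothetical names, and the rules and addresses in `main` are constructed.

```go
package main

import (
	"fmt"
	"net/netip"
)

// cidrRewrite is a hypothetical rule: when an upstream answer falls inside
// Match, the answer set is replaced with To.
type cidrRewrite struct {
	Match netip.Prefix
	To    netip.Addr
}

// applyCIDRRewrites checks the addresses an upstream returned against the
// rules and applies the most specific (longest-prefix) match. A rule is
// skipped when To is of a different address family than the answer, so an A
// response never receives an IPv6 address. It reports whether a rule fired.
func applyCIDRRewrites(answers []netip.Addr, rules []cidrRewrite) ([]netip.Addr, bool) {
	best, bestBits := -1, -1
	for _, a := range answers {
		for i, r := range rules {
			if r.To.Is4() != a.Is4() || !r.Match.Contains(a) {
				continue
			}
			if r.Match.Bits() > bestBits {
				best, bestBits = i, r.Match.Bits()
			}
		}
	}
	if best < 0 {
		return answers, false // no match: pass the upstream answer through
	}
	return []netip.Addr{rules[best].To}, true
}

func main() {
	// Constructed sample: the rule from the issue plus a more specific one.
	rules := []cidrRewrite{
		{Match: netip.MustParsePrefix("10.0.0.0/8"), To: netip.MustParseAddr("10.0.0.1")},
		{Match: netip.MustParsePrefix("10.20.0.0/16"), To: netip.MustParseAddr("10.20.0.1")},
	}
	for _, s := range []string{"10.9.8.7", "10.20.3.4", "192.0.2.10"} {
		out, hit := applyCIDRRewrites([]netip.Addr{netip.MustParseAddr(s)}, rules)
		fmt.Println(s, "->", out, "rewritten:", hit)
	}
}
```

Unlike the name-based `dnsrewrite` rule shown earlier in the thread, this check can only run after the upstream has answered, because the decision depends on the resolved addresses rather than on the queried name.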