TechnitiumSoftware / DnsServer

Technitium DNS Server
https://technitium.com/dns/
GNU General Public License v3.0

Feature Request: return blockList TXT response for blocked reference values #149

Closed shawnkhall closed 4 years ago

shawnkhall commented 4 years ago

With 5.0.1 I'm trying to track down issues with blocklists that are having issues. For example, I'm having problems with "code.jquery.com" right now. This is the current response for queries to my Technitium DNS server for "code.jquery.com":

```
"Answer": [
  {
    "Name": "cds.s5x3j6q5.hwcdn.net",
    "Type": "A",
    "Class": "IN",
    "TTL": "60 (1 min)",
    "RDLENGTH": "4 bytes",
    "RDATA": {
      "IPAddress": "0.0.0.0"
    }
  }
],
```

If I want to see which blocklist is causing this I usually use a TXT lookup from a command line. On direct blocks this works perfectly, but on stuff like this it only returns a reference to the alias instead of the blockList record:

```
"Answer": [
  {
    "Name": "code.jquery.com",
    "Type": "CNAME",
    "Class": "IN",
    "TTL": "25 (25 sec)",
    "RDLENGTH": "24 bytes",
    "RDATA": {
      "Domain": "cds.s5x3j6q5.hwcdn.net"
    }
  }
],
"Authority": [
  {
    "Name": "hwcdn.net",
    "Type": "SOA",
    "Class": "IN",
    "TTL": "300 (5 mins)",
    "RDLENGTH": "42 bytes",
    "RDATA": {
      "PrimaryNameServer": "ns1.hwcdn.net",
      "ResponsiblePerson": "noc.highwinds.com",
      "Serial": 1594510425,
      "Refresh": 14400,
      "Retry": 900,
      "Expire": 604800,
      "Minimum": 300
    }
  }
],
```

To get the correct blocklist I then have to manually parse the RDATA Domain and query the TXT record for that, which finally returns the TXT records I'm after:

```
"Answer": [
  {
    "Name": "cds.s5x3j6q5.hwcdn.net",
    "Type": "TXT",
    "Class": "IN",
    "TTL": "60 (1 min)",
    "RDLENGTH": "41 bytes",
    "RDATA": {
      "Text": "blockList=https://example.com/malware.txt"
    }
  },
  {
    "Name": "cds.s5x3j6q5.hwcdn.net",
    "Type": "TXT",
    "Class": "IN",
    "TTL": "60 (1 min)",
    "RDLENGTH": "45 bytes",
    "RDATA": {
      "Text": "blockList=https://example.com/malware-ext.txt"
    }
  }
],
```

My preferred behavior would be to automatically include the blockList TXT record when querying TXT results for a domain that's being blocked by alias. I don't expect to see any other TXT records - just the blockList values, but it would be far easier for me to have this information immediately than to have to keep digging for it.

It would be even better if the blockList value referenced the specific rule that was actually being broken. For example, "Text": "blockList=https://example.com/malware-ext.txt; hwcdn.net" instead of simply "Text": "blockList=https://example.com/malware-ext.txt".

ShreyasZare commented 4 years ago

Thanks for the feedback. This is due to the new CNAME cloaking feature that was added. Will update the code soon.

ShreyasZare commented 4 years ago

Version 5.0.2 is now available which adds the domain name in the TXT record. Do check and open the issue again if needed.
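The manual procedure described in the issue (query TXT, follow the CNAME target, query TXT again until a blockList record appears) can be scripted. The following is an added example, not part of the thread or of the Technitium code base. The names `find_blocklists`, `sample_resolve` and `SAMPLE` are hypothetical, the sample records are constructed from the responses quoted above, and the `; rule` suffix follows the format suggested in the issue, which is an assumption about the actual 5.0.2 output.

```python
# Added example. `resolve` is any callable (name, rtype) -> list of answer
# records shaped like the JSON output quoted in the thread.

def find_blocklists(name, resolve, max_hops=8):
    """Follow CNAMEs from `name` until blockList TXT records are found.

    Returns (blocked_name, [(blocklist_url, rule_or_None), ...]).
    """
    seen = set()
    current = name.rstrip(".").lower()
    for _ in range(max_hops):            # bound the chain length
        if current in seen:              # CNAME loop: stop
            break
        seen.add(current)
        answers = resolve(current, "TXT")
        hits = []
        for rr in answers:
            text = rr["RDATA"].get("Text", "") if rr["Type"] == "TXT" else ""
            if text.startswith("blockList="):
                # Assumed format: "blockList=<url>[; <matching rule>]"
                url, _, rule = text[len("blockList="):].partition(";")
                hits.append((url.strip(), rule.strip() or None))
        if hits:
            return current, hits
        cnames = [rr["RDATA"]["Domain"] for rr in answers if rr["Type"] == "CNAME"]
        if not cnames:                   # no alias and no block record
            break
        current = cnames[0].rstrip(".").lower()
    return None, []

def _rr(name, rtype, rdata):
    return {"Name": name, "Type": rtype, "Class": "IN", "RDATA": rdata}

_CDN = "cds.s5x3j6q5.hwcdn.net"
# Constructed sample responses, modelled on the output quoted in the issue.
SAMPLE = {
    ("code.jquery.com", "TXT"): [_rr("code.jquery.com", "CNAME", {"Domain": _CDN})],
    (_CDN, "TXT"): [
        _rr(_CDN, "TXT", {"Text": "blockList=https://example.com/malware.txt"}),
        _rr(_CDN, "TXT", {"Text": "blockList=https://example.com/malware-ext.txt; hwcdn.net"}),
    ],
}

def sample_resolve(name, rtype):
    return SAMPLE.get((name, rtype), [])

if __name__ == "__main__":
    print(find_blocklists("code.jquery.com", sample_resolve))
```

To run this against a live server, replace `sample_resolve` with a function that performs the TXT query and returns the answer section in the same shape.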