search

lixingcong / dnsmasq-regex

dnsmasq with regex match module(libpcre v8.45, the older version)
66 stars 15 forks source link

Regex bug #13

Closed elyahw closed 8 months ago

elyahw commented 8 months ago

I think I found a bug in regular expression matching:

The rule:

address=/:^[a-z]{4,4}[0-9]{2,2}$:/

Will not match abcd11.com.

~Neither will: address=/:[a-z]{4,4}[0-9]{2,2}:/ address=/:[a-z]{4,4}[0-9]{2,2}$:/~

lixingcong commented 8 months ago

Cannot reproduce your problem.

My config:

# /tmp/dnsmasq_my_config.conf
port=30000
address=/:[a-z]{4,4}[0-9]{2,2}:/127.0.0.1

Run dnsmasq in terminal A:

./dnsmasq/src/dnsmasq  -d -C /tmp/dnsmasq_my_config.conf -q

Run dig in terminal B:

$ dig @localhost -p30000 abcd11.com

; <<>> DiG 9.18.12-0ubuntu0.22.04.2-Ubuntu <<>> @localhost -p30000 abcd11.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6941
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;abcd11.com.                    IN      A

;; ANSWER SECTION:
abcd11.com.             0       IN      A       127.0.0.1

;; Query time: 0 msec
;; SERVER: 127.0.0.1#30000(localhost) (UDP)
;; WHEN: Thu Mar 14 08:46:07 CST 2024
;; MSG SIZE  rcvd: 55

The terminal A outputs like this:

$ ./dnsmasq/src/dnsmasq  -d -C /tmp/dnsmasq_regex_example.conf -q
dnsmasq: started, version 2.90deb2 cachesize 150
dnsmasq: compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n regex no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset no-nftset auth no-cryptohash no-DNSSEC loop-detect inotify dumpfile
dnsmasq: reading /etc/resolv.conf
dnsmasq: using nameserver 127.0.0.53#53
dnsmasq: read /etc/hosts - 11 names
dnsmasq: query[A] abcd11.com from 127.0.0.1
dnsmasq: config abcd11.com is 127.0.0.1
elyahw commented 8 months ago

Thanks for your reply.

Apologies I made a mistake (I retracted two lines above).

Indeed, you rule works: address=/:[a-z]{4,4}[0-9]{2,2}:/127.0.0.1

But this rule will also match microsoft365.com. I need it to match strictly the websites of the form abcd12.com. For exmaple to block: https://www.soft36.com/ and https://soft36.com/ but not: https://www.microsoft36.com/

So when I change it to: address=/:^[a-z]{4,4}[0-9]{2,2}$:/127.0.0.1

It stops working..

elyahw commented 8 months ago

Update:

If I do: address=/:^[a-z]{4,4}[0-9]{2,2}\.:/127.0.0.1 (replace $ with \.)

The rules works as expected. This probably means that the $ symbol is not working?

lixingcong commented 8 months ago

The caret ^ and dollar $ have special meaning in a regex. They are called “anchors”.

The caret ^ matches at the beginning of the text, and the dollar $ – at the end.

elyahw commented 8 months ago

I see. So in this case the '$' means the end of .com and not microsoft365.

Thank you very much.