Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Blocking DNS requests by type #384

Closed
gUstrx opened this issue Mar 4, 2024 · 3 comments
Closed

Blocking DNS requests by type #384

gUstrx opened this issue Mar 4, 2024 · 3 comments
Labels
question Further information is requested

Comments

@gUstrx
Copy link

gUstrx commented Mar 4, 2024

Thanks for the software, it's the best!

Please add a function for blocking DNS requests by type. DNS blocking type 65 (https) is very necessary.

analog ||*^$dnstype=HTTPS adguard home
@ameshkov ameshkov added the question Further information is requested label Mar 5, 2024
@ameshkov
Copy link
Member

ameshkov commented Mar 5, 2024

Hi, our approach is the following: dnsproxy is just a DNS forwarder and we intend to keep it this way.
All kinds of advanced filtering is available in AdGuard Home which is built on top of dnsproxy.

@ameshkov ameshkov closed this as completed Mar 5, 2024
@gUstrx
Copy link
Author

gUstrx commented Mar 7, 2024

Hi, our approach is the following: dnsproxy is just a DNS forwarder and we intend to keep it this way. All kinds of advanced filtering is available in AdGuard Home which is built on top of dnsproxy.

But you are already blocking the "ANY" type, I just ask you to expand the list.

Blocking just two types AAAA and Type65 reduces unnecessary requests by 66% and increases responsiveness without using the large adguardhome package.

dnsproxy is used much more often than adguardhome.

#[feature request]

@ameshkov
Copy link
Member

ameshkov commented Mar 9, 2024

Well, refuse_any is a part of a DNS amplification protection feature list, kind of a must have for any DNS server.

Anyways, I'd say the real feature request here is moving the filtering features from AdGuard Home to dnsproxy.

Maybe at some point we'll decide to change the current approach, but at the moment duplicating functionality seems like an overkill. Why wouldn't you use AGH instead of dnsproxy? It can be configured to work as a pure no-UI DNS filtering solution.

adguard pushed a commit that referenced this issue Dec 23, 2024
@schzhn
Pull request #384: AGDNS-2622-fix-race
d80a8e3 
Merge in GO/dnsproxy from AGDNS-2622-fix-race to master

Squashed commit of the following:

commit 59243bc
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date:   Fri Dec 20 20:20:37 2024 +0300

    all: imp code

commit c222940
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date:   Fri Dec 20 19:00:49 2024 +0300

    all: fix race
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ameshkov @gUstrx