Pull request 1983: 5720-wildcard-ignored-domains

Updates #5720. Squashed commit of the following: commit e8093c9 Merge: df5413e 28fefaf Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Tue Sep 5 15:06:33 2023 +0300 Merge branch 'master' into 5720-wildcard-ignored-domains commit df5413e Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Tue Sep 5 14:49:05 2023 +0300 confmigrate: imp docs commit 1644d99 Merge: 9542ee1 1e45178 Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Tue Sep 5 14:23:42 2023 +0300 Merge branch 'master' into 5720-wildcard-ignored-domains commit 9542ee1 Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Tue Sep 5 12:48:48 2023 +0300 all: upd chlog commit 183f84a Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Fri Sep 1 17:11:31 2023 +0300 all: imp chlog commit a704325 Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Thu Aug 31 18:59:52 2023 +0300 all: imp code commit fe99c3b Merge: 7f11e94 0182b9e Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Thu Aug 31 18:43:09 2023 +0300 Merge branch 'master' into 5720-wildcard-ignored-domains commit 7f11e94 Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Wed Aug 30 19:57:51 2023 +0300 aghnet: add tests commit f10f919 Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Wed Aug 30 18:32:07 2023 +0300 all: add conf migration commit a53c14d Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Wed Aug 30 13:37:30 2023 +0300 all: add ignore engine
AdguardTeam · Sep 5, 2023 · 42291cd · 42291cd
1 parent 28fefaf
commit 42291cd
Show file tree

Hide file tree

Showing 22 changed files with 577 additions and 64 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -25,6 +25,8 @@ NOTE: Add new changes BELOW THIS COMMENT.
 
 ### Added
 
+- AdBlock-style syntax support for ignored domains in logs and statistics
+  ([#5720]).
 - [`Strict-Transport-Security`][hsts] header in the HTTP API and DNS-over-HTTPS
   responses when HTTPS is forced ([#2998]).  See [RFC 6979][rfc6797].
 - UI for the schedule of the service-blocking pause ([#951]).
@@ -50,7 +52,11 @@ NOTE: Add new changes BELOW THIS COMMENT.
 
 #### Configuration Changes
 
-In this release, the schema version has changed from 24 to 26.
+In this release, the schema version has changed from 24 to 27.
+
+- Ignore rules blocking `.` in `querylog.…` and `stats.…` have been migrated to
+  AdBlock syntax (`|.^`).  To rollback this change, restore the rules  and
+  change the `schema_version` back to `26`.
 
 - Filtering-related settings have been moved from `dns` section of the YAML
   configuration file to the new section `filtering`:
@@ -156,6 +162,7 @@ In this release, the schema version has changed from 24 to 26.
 [#1453]: https://github.com/AdguardTeam/AdGuardHome/issues/1453
 [#2998]: https://github.com/AdguardTeam/AdGuardHome/issues/2998
 [#3701]: https://github.com/AdguardTeam/AdGuardHome/issues/3701
+[#5720]: https://github.com/AdguardTeam/AdGuardHome/issues/5720
 [#5793]: https://github.com/AdguardTeam/AdGuardHome/issues/5793
 [#5948]: https://github.com/AdguardTeam/AdGuardHome/issues/5948
 [#6020]: https://github.com/AdguardTeam/AdGuardHome/issues/6020

diff --git a/client/src/__locales/en.json b/client/src/__locales/en.json
@@ -537,8 +537,8 @@
     "statistics_enable": "Enable statistics",
     "ignore_domains": "Ignored domains (separated by newline)",
     "ignore_domains_title": "Ignored domains",
-    "ignore_domains_desc_stats": "Queries for these domains are not written to the statistics",
-    "ignore_domains_desc_query": "Queries for these domains are not written to the query log",
+    "ignore_domains_desc_stats": "Queries matching these rules are not written to the statistics",
+    "ignore_domains_desc_query": "Queries matching these rules are not written to the query log",
     "interval_hours": "{{count}} hour",
     "interval_hours_plural": "{{count}} hours",
     "filters_configuration": "Filters configuration",

diff --git a/internal/aghnet/ignore.go b/internal/aghnet/ignore.go
@@ -0,0 +1,56 @@
+package aghnet
+
+import (
+	"strings"
+
+	"github.com/AdguardTeam/urlfilter"
+	"github.com/AdguardTeam/urlfilter/filterlist"
+	"golang.org/x/exp/slices"
+)
+
+// IgnoreEngine contains the list of rules for ignoring hostnames and matches
+// them.
+//
+// TODO(s.chzhen):  Move all urlfilter stuff to aghfilter.
+type IgnoreEngine struct {
+	// engine is the filtering engine that can match rules for ignoring
+	// hostnames.
+	engine *urlfilter.DNSEngine
+
+	// ignored is the list of rules for ignoring hostnames.
+	ignored []string
+}
+
+// NewIgnoreEngine creates a new instance of the IgnoreEngine and stores the
+// list of rules for ignoring hostnames.
+func NewIgnoreEngine(ignored []string) (e *IgnoreEngine, err error) {
+	ruleList := &filterlist.StringRuleList{
+		RulesText:      strings.ToLower(strings.Join(ignored, "\n")),
+		IgnoreCosmetic: true,
+	}
+	ruleStorage, err := filterlist.NewRuleStorage([]filterlist.RuleList{ruleList})
+	if err != nil {
+		return nil, err
+	}
+
+	return &IgnoreEngine{
+		engine:  urlfilter.NewDNSEngine(ruleStorage),
+		ignored: ignored,
+	}, nil
+}
+
+// Has returns true if IgnoreEngine matches the host.
+func (e *IgnoreEngine) Has(host string) (ignore bool) {
+	if e == nil {
+		return false
+	}
+
+	_, ignore = e.engine.Match(host)
+
+	return ignore
+}
+
+// Values returns a copy of list of rules for ignoring hostnames.
+func (e *IgnoreEngine) Values() (ignored []string) {
+	return slices.Clone(e.ignored)
+}
diff --git a/internal/aghnet/ignore_test.go b/internal/aghnet/ignore_test.go
@@ -0,0 +1,46 @@
+package aghnet_test
+
+import (
+	"testing"
+
+	"github.com/AdguardTeam/AdGuardHome/internal/aghnet"
+	"github.com/stretchr/testify/require"
+)
+
+func TestIgnoreEngine_Has(t *testing.T) {
+	hostnames := []string{
+		"*.example.com",
+		"example.com",
+		"|.^",
+	}
+
+	engine, err := aghnet.NewIgnoreEngine(hostnames)
+	require.NotNil(t, engine)
+	require.NoError(t, err)
+
+	testCases := []struct {
+		name   string
+		host   string
+		ignore bool
+	}{{
+		name:   "basic",
+		host:   "example.com",
+		ignore: true,
+	}, {
+		name:   "root",
+		host:   ".",
+		ignore: true,
+	}, {
+		name:   "wildcard",
+		host:   "www.example.com",
+		ignore: true,
+	}, {
+		name:   "not_ignored",
+		host:   "something.com",
+		ignore: false,
+	}}
+
+	for _, tc := range testCases {
+		require.Equal(t, tc.ignore, engine.Has(tc.host))
+	}
+}
diff --git a/internal/confmigrate/migrations_test.go b/internal/confmigrate/migrations_test.go
@@ -1563,3 +1563,86 @@ func TestUpgradeSchema25to26(t *testing.T) {
 		})
 	}
 }
+
+func TestUpgradeSchema26to27(t *testing.T) {
+	const newSchemaVer = 27
+
+	testCases := []struct {
+		in   yobj
+		want yobj
+		name string
+	}{{
+		name: "empty",
+		in:   yobj{},
+		want: yobj{
+			"schema_version": newSchemaVer,
+		},
+	}, {
+		name: "single_dot",
+		in: yobj{
+			"querylog": yobj{
+				"ignored": yarr{
+					".",
+				},
+			},
+			"statistics": yobj{
+				"ignored": yarr{
+					".",
+				},
+			},
+		},
+		want: yobj{
+			"querylog": yobj{
+				"ignored": yarr{
+					"|.^",
+				},
+			},
+			"statistics": yobj{
+				"ignored": yarr{
+					"|.^",
+				},
+			},
+			"schema_version": newSchemaVer,
+		},
+	}, {
+		name: "mixed",
+		in: yobj{
+			"querylog": yobj{
+				"ignored": yarr{
+					".",
+					"example.com",
+				},
+			},
+			"statistics": yobj{
+				"ignored": yarr{
+					".",
+					"example.org",
+				},
+			},
+		},
+		want: yobj{
+			"querylog": yobj{
+				"ignored": yarr{
+					"|.^",
+					"example.com",
+				},
+			},
+			"statistics": yobj{
+				"ignored": yarr{
+					"|.^",
+					"example.org",
+				},
+			},
+			"schema_version": newSchemaVer,
+		},
+	}}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			err := migrateTo27(tc.in)
+			require.NoError(t, err)
+
+			assert.Equal(t, tc.want, tc.in)
+		})
+	}
+}
diff --git a/internal/confmigrate/migrator.go b/internal/confmigrate/migrator.go
@@ -10,7 +10,7 @@ import (
 )
 
 // LastSchemaVersion is the most recent schema version.
-const LastSchemaVersion uint = 26
+const LastSchemaVersion uint = 27
 
 // Config is a the configuration for initializing a [Migrator].
 type Config struct {
@@ -122,6 +122,7 @@ func (m *Migrator) upgradeConfigSchema(current, target uint, diskConf yobj) (err
 		23: migrateTo24,
 		24: migrateTo25,
 		25: migrateTo26,
+		26: migrateTo27,
 	}
 
 	for i, migrate := range upgrades[current:target] {

diff --git a/internal/confmigrate/migrator_test.go b/internal/confmigrate/migrator_test.go
@@ -181,6 +181,10 @@ func TestMigrateConfig_Migrate(t *testing.T) {
 		yamlEqFunc:    require.YAMLEq,
 		name:          "v26",
 		targetVersion: 26,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v27",
+		targetVersion: 27,
 	}}
 
 	for _, tc := range testCases {

diff --git a/internal/confmigrate/testdata/TestMigrateConfig_Migrate/v27/input.yml b/internal/confmigrate/testdata/TestMigrateConfig_Migrate/v27/input.yml
@@ -0,0 +1,123 @@
+http:
+  address: 127.0.0.1:3000
+  session_ttl: 3h
+  pprof:
+    enabled: true
+    port: 6060
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  parental_sensitivity: 0
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet:
+    enabled:    true
+    use_custom: false
+    custom_ip:  ""
+filtering:
+  filtering_enabled: true
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safe_search:
+    enabled:    false
+    bing:       true
+    duckduckgo: true
+    google:     true
+    pixabay:    true
+    yandex:     true
+    youtube:    true
+  protection_enabled: true
+  blocked_services:
+    schedule:
+      time_zone: Local
+    ids:
+    - 500px
+  blocked_response_ttl: 10
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safe_search:
+      enabled:    true
+      bing:       true
+      duckduckgo: true
+      google:     true
+      pixabay:    true
+      yandex:     true
+      youtube:    true
+    blocked_services:
+      schedule:
+        time_zone: Local
+      ids:
+      - 500px
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 26
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored:
+  - '.'
+statistics:
+  enabled: true
+  interval: 240h
+  ignored:
+  - '.'
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''
+log:
+  file: ""
+  max_backups: 0
+  max_size: 100
+  max_age: 3
+  compress: true
+  local_time: false
+  verbose: true