Simple DNS proxy with DoH, DoT, DoQ and DNSCrypt support
quic-go
dependency has been updated due to issues with QUIC and HTTP/3 upstreams on older Linux kernel versions.SOA
and NS
requests containing ARPA domains implying private IP addresses are now treated as private requests, as was previously the case only for PTR
requests.proxy.DNSContext.RequestedPrivateRDNS
is now set for SOA
and NS
requests, as was previously the case only for PTR
requests.proxy.BeforeRequestError
API. See documentation.[!TIP] Consider wrapping each returned error with
proxy.BeforeRequestError
with aSERVFAIL
response.
proxy.BeforeRequestError
type for the errors containing a custom DNS response. See proxy.BeforeRequestHandler
for usage.quic-go
dependency has been updated to v0.42.0
.proxy.BeforeRequestHandler
is now an interface instead of a callback, and its the only method also differs in signature.proxy.UModeFastestAddr
.proxy.Config.PrivateSubnets
used to determine if the address of a client or the address requested via PTR is considered private. The netutil.IsLocallyServed
is used by default.proxy.Config.UsePrivateRDNS
controls if the requests considered private should be resolved via proxy.Config.PrivateRDNSUpstreamConfig
. Such requests answered with NXDOMAIN
otherwise.proxy.DNSContext.IsPrivateClient
which determines if the client's address is considered private.proxy.DNSContext.RequestedPrivateRDNS
containing the prefix parsed from a requested ARPA domain, if the request itself is PTR for a private address and came from a private client.proxy.ValidatePrivateConfig
function to validate if an proxy.UpstreamConfig
may be used for private RDNS.NXDOMAIN
if proxy.Config.UseDNS64
is set to true, but proxy.Config.UsePrivateRDNS
is not.NXDOMAIN
before proxy.RequestHandler
.proxy.New
now requires proxy.Config.PrivateRDNSUpstreamConfig
to be valid as per proxy.ValidatePrivateConfig
if proxy.Config.UsePrivateRDNS
is set to true.proxy.Config.MessageConstructor
field of the new proxy.MessageConstructor
type that is used to build DNS messages. The default legacy implementation is used in case of nil
.proxy.UpstreamConfig.SubdomainExclusions
field type is now *container.MapSet
.[!WARNING] Previously released
v0.66.1
has been removed as it contains breaking changes.
proxy.New
constructor for proxy.Proxy
structure.proxy.Proxy.Start
method now accepts a context.proxy.Proxy.Stop
method has been renamed to proxy.Proxy.Shutdown
and now accepts a context.proxy.Proxy.Init
method. Use proxy.New
instead.upstream.CachingResolver
caching algorithm, which removed certain resource records within an RR set (AdguardTeam/AdGuardHome#6723).[!IMPORTANT] Release v0.65.1 hasn't been released. This release only differs from v0.65.1 in testing code.