Dnsproxy Versions Save

Fixed

• Ignored wildcard specifications for top-level domains.

Fixed

• The quic-go dependency has been updated due to issues with QUIC and HTTP/3 upstreams on older Linux kernel versions.
• Domain specifications for top-level domains now considered when routing the requests for unqualified names.

Changed

• SOA and NS requests containing ARPA domains implying private IP addresses are now treated as private requests, as was previously the case only for PTR requests.
• proxy.DNSContext.RequestedPrivateRDNS is now set for SOA and NS requests, as was previously the case only for PTR requests.

Fixed

• Error-prone proxy.BeforeRequestError API. See documentation.

[!TIP] Consider wrapping each returned error with proxy.BeforeRequestError with a SERVFAIL response.

Fixed

• Validations in proxy.New performed with the default values, not the ones from configuration.

Added

• New proxy.BeforeRequestError type for the errors containing a custom DNS response. See proxy.BeforeRequestHandler for usage.

Changed

• The quic-go dependency has been updated to v0.42.0.
• proxy.BeforeRequestHandler is now an interface instead of a callback, and its the only method also differs in signature.

Fixed

• Unspecified IP addresses no more checked when using proxy.UModeFastestAddr.

Added

• The field proxy.Config.PrivateSubnets used to determine if the address of a client or the address requested via PTR is considered private. The netutil.IsLocallyServed is used by default.
• The field proxy.Config.UsePrivateRDNS controls if the requests considered private should be resolved via proxy.Config.PrivateRDNSUpstreamConfig. Such requests answered with NXDOMAIN otherwise.
• The field proxy.DNSContext.IsPrivateClient which determines if the client's address is considered private.
• The field proxy.DNSContext.RequestedPrivateRDNS containing the prefix parsed from a requested ARPA domain, if the request itself is PTR for a private address and came from a private client.
• The proxy.ValidatePrivateConfig function to validate if an proxy.UpstreamConfig may be used for private RDNS.

Changed

• PTR requests for domains containing DNS64 prefixes are now answered with NXDOMAIN if proxy.Config.UseDNS64 is set to true, but proxy.Config.UsePrivateRDNS is not.
• Fallback servers aren't used for the aforementioned requests, as well as for all private RDNS requests.
• All the private RDNS requests coming from external (non-private) client are now answered with NXDOMAIN before proxy.RequestHandler.
• proxy.New now requires proxy.Config.PrivateRDNSUpstreamConfig to be valid as per proxy.ValidatePrivateConfig if proxy.Config.UsePrivateRDNS is set to true.

Added

• The new proxy.Config.MessageConstructor field of the new proxy.MessageConstructor type that is used to build DNS messages. The default legacy implementation is used in case of nil.

Changed

• The proxy.UpstreamConfig.SubdomainExclusions field type is now *container.MapSet.

[!WARNING] Previously released v0.66.1 has been removed as it contains breaking changes.

Added

• The new proxy.New constructor for proxy.Proxy structure.

Changed

• The proxy.Proxy.Start method now accepts a context.
• The proxy.Proxy.Stop method has been renamed to proxy.Proxy.Shutdown and now accepts a context.

Deprecated

• The proxy.Proxy.Init method. Use proxy.New instead.

Fixed

• The upstream.CachingResolver caching algorithm, which removed certain resource records within an RR set (AdguardTeam/AdGuardHome#6723).

[!IMPORTANT] Release v0.65.1 hasn't been released. This release only differs from v0.65.1 in testing code.