CalvinBackup/ctrld
1
0
Fork 0
mirror of https://github.com/Control-D-Inc/ctrld.git synced 2026-02-03 22:18:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

internal/router: report error if DNS shield is enabled in UniFi OS

Browse Source
This commit is contained in:
Cuong Manh Le
2024-01-18 18:55:42 +07:00
committed by Cuong Manh Le
parent 251255c746
commit 28984090e5
2 changed files with 23 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
internal/router/edgeos/edgeos.go
View File

@@ -20,11 +20,15 @@ const (
usgDNSMasqConfigPath = "/etc/dnsmasq.conf"
usgDNSMasqBackupConfigPath = "/etc/dnsmasq.conf.bak"
toggleContentFilteringLink = "https://community.ui.com/questions/UDM-Pro-disable-enable-DNS-filtering/e2cc4060-e56a-4139-b200-62d7f773ff8f"
toggleDnsShieldLink = "https://community.ui.com/questions/UniFi-OS-3-2-7-DNS-Shield-Missing/d3a85905-4ce0-4fe4-8bf0-6cb04f21371d"
)
var ErrContentFilteringEnabled = fmt.Errorf(`the "Content Filtering" feature" is enabled, which is conflicted with ctrld.\n
To disable it, folowing instruction here: %s`, toggleContentFilteringLink)
var ErrDnsShieldEnabled = fmt.Errorf(`the "DNS Shield" feature" is enabled, which is conflicted with ctrld.\n
To disable it, folowing screenshot here: %s`, toggleDnsShieldLink)
type EdgeOS struct {
cfg *ctrld.Config
isUSG bool
@@ -50,6 +54,11 @@ func (e *EdgeOS) Install(_ *service.Config) error {
if ContentFilteringEnabled() {
return ErrContentFilteringEnabled
}
// If "DNS Shield" is enabled, UniFi OS will spawn dnscrypt-proxy process, and route all DNS queries to it. So
// reporting an error and guiding users to disable the feature using UniFi OS web UI.
if DnsShieldEnabled() {
return ErrDnsShieldEnabled
}
return nil
}
@@ -169,6 +178,16 @@ func ContentFilteringEnabled() bool {
return err == nil && !st.IsDir()
}
// DnsShieldEnabled reports whether DNS Shield is enabled.
// See: https://community.ui.com/releases/UniFi-OS-Dream-Machines-3-2-7/251dfc1e-f4dd-4264-a080-3be9d8b9e02b
func DnsShieldEnabled() bool {
buf, err := os.ReadFile("/var/run/dnsmasq.conf.d/dns.conf")
if err != nil {
return false
}
return bytes.Contains(buf, []byte("server=127.0.0.1#5053"))
}
func LeaseFileDir() string {
if checkUSG() {
return ""

4
internal/router/ubios/ubios.go
View File

@@ -36,6 +36,10 @@ func (u *Ubios) Install(config *service.Config) error {
if edgeos.ContentFilteringEnabled() {
return edgeos.ErrContentFilteringEnabled
}
// See comment in (*edgeos.EdgeOS).Install method.
if edgeos.DnsShieldEnabled() {
return edgeos.ErrDnsShieldEnabled
}
return nil
}