authorDavid Lönnhager <david.l@mullvad.net>2021-05-07 11:58:57 +0200
committerDavid Lönnhager <david.l@mullvad.net>2021-05-12 16:21:53 +0200
commit77f93ace1a011cd6c8294ae1ee167a4726bbe895 (patch)
treed4aa0f2dcc76e15483cb7cef3af31bf526c780ca
parent891fe64c04e7bd03690d56ea9af8849025dab4b5 (diff)
Configure ad and tracker blocking DNS on tunnel interface
-rw-r--r--mullvad-cli/src/cmds/dns.rs16
-rw-r--r--mullvad-daemon/src/lib.rs38
2 files changed, 42 insertions, 12 deletions
diff --git a/mullvad-cli/src/cmds/dns.rs b/mullvad-cli/src/cmds/dns.rs
index 69d260a813..4dc06c855e 100644
--- a/mullvad-cli/src/cmds/dns.rs
+++ b/mullvad-cli/src/cmds/dns.rs
@@ -26,11 +26,13 @@ impl Command for Dns {
.arg(
clap::Arg::with_name("block ads")
.long("block-ads")
+ .takes_value(false)
.help("Block domain names used for ads"),
)
.arg(
clap::Arg::with_name("block trackers")
.long("block-trackers")
+ .takes_value(false)
.help("Block domain names used for tracking"),
),
)
@@ -50,7 +52,13 @@ impl Command for Dns {
async fn run(&self, matches: &clap::ArgMatches<'_>) -> Result<()> {
match matches.subcommand() {
("set", Some(matches)) => match matches.subcommand() {
- ("default", _) => self.set_default().await,
+ ("default", Some(matches)) => {
+ self.set_default(
+ matches.is_present("block ads"),
+ matches.is_present("block trackers"),
+ )
+ .await
+ }
("custom", Some(matches)) => {
self.set_custom(matches.values_of_lossy("servers")).await
}
@@ -63,13 +71,13 @@ impl Command for Dns {
}
impl Dns {
- async fn set_default(&self) -> Result<()> {
+ async fn set_default(&self, block_ads: bool, block_trackers: bool) -> Result<()> {
let mut rpc = new_rpc_client().await?;
rpc.set_dns_options(types::DnsOptions {
r#type: Some(types::dns_options::Type::Default(
types::DefaultDnsOptions {
- block_ads: false,
- block_trackers: false,
+ block_ads,
+ block_trackers,
},
)),
})
diff --git a/mullvad-daemon/src/lib.rs b/mullvad-daemon/src/lib.rs
index f5e4e71016..01635186cd 100644
--- a/mullvad-daemon/src/lib.rs
+++ b/mullvad-daemon/src/lib.rs
@@ -80,6 +80,12 @@ const FIRST_KEY_PUSH_TIMEOUT: Duration = Duration::from_secs(5);
/// Delay between generating a new WireGuard key and reconnecting
const WG_RECONNECT_DELAY: Duration = Duration::from_secs(4 * 60);
+lazy_static::lazy_static! {
+ static ref DNS_AD_BLOCKING_SERVERS: [IpAddr; 1] = ["100.64.0.1".parse().unwrap()];
+ static ref DNS_TRACKER_BLOCKING_SERVERS: [IpAddr; 1] = ["100.64.0.2".parse().unwrap()];
+ static ref DNS_AD_TRACKER_BLOCKING_SERVERS: [IpAddr; 1] = ["100.64.0.3".parse().unwrap()];
+}
+
pub type ResponseTx<T, E> = oneshot::Sender<Result<T, E>>;
#[derive(err_derive::Error, Debug)]
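Review bot: The three resolver statics (`DNS_AD_BLOCKING_SERVERS`, `DNS_TRACKER_BLOCKING_SERVERS`, `DNS_AD_TRACKER_BLOCKING_SERVERS`) have no doc comments, unlike the `///`-documented constants just above them. Nothing records that 100.64.0.1–3 sit in the 100.64.0.0/10 shared address space (RFC 6598) and are presumably reachable only through the tunnel. A line on each such as `/// Ad-blocking resolver; in 100.64.0.0/10, expected to be reachable only inside the tunnel` would keep a later change from treating them like public resolvers. The `lazy_static!` and `.parse().unwrap()` can also be dropped, because the values are const-constructible: `const DNS_AD_BLOCKING_SERVERS: [IpAddr; 1] = [IpAddr::V4(Ipv4Addr::new(100, 64, 0, 1))];` (this needs `Ipv4Addr` in scope, which the hunk does not show).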
@@ -629,7 +635,7 @@ where
let tunnel_command_tx = tunnel_state_machine::spawn(
settings.allow_lan,
settings.block_when_disconnected,
- Self::get_custom_resolvers(&settings.tunnel_options.dns_options),
+ Self::get_dns_resolvers(&settings.tunnel_options.dns_options),
initial_api_endpoint,
tunnel_parameters_generator,
log_dir,
@@ -694,11 +700,28 @@ where
Ok(daemon)
}
- fn get_custom_resolvers(dns_options: &DnsOptions) -> Option<Vec<IpAddr>> {
- if let DnsOptions::Custom(options) = dns_options {
- Some(options.addresses.clone())
- } else {
- None
+ fn get_dns_resolvers(dns_options: &DnsOptions) -> Option<Vec<IpAddr>> {
+ match dns_options {
+ DnsOptions::Default(options) => {
+ if options.block_ads {
+ if options.block_trackers {
+ Some(DNS_AD_TRACKER_BLOCKING_SERVERS.to_vec())
+ } else {
+ Some(DNS_AD_BLOCKING_SERVERS.to_vec())
+ }
+ } else if options.block_trackers {
+ Some(DNS_TRACKER_BLOCKING_SERVERS.to_vec())
+ } else {
+ None
+ }
+ }
+ DnsOptions::Custom(options) => {
+ if options.addresses.is_empty() {
+ None
+ } else {
+ Some(options.addresses.clone())
+ }
+ }
}
}
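Review bot: `get_dns_resolvers` has no doc comment, and its `None` return now covers two different settings: default DNS with both blocking flags off, and `DnsOptions::Custom` with an empty address list, which previously produced `Some` of an empty vector. A doc comment should state what `None` means to the receiver of `TunnelCommand::Dns` (presumably "use the tunnel's default resolver", but that code is outside this diff) and that an empty custom list now falls back to it. Because the blocking resolvers travel down the same `Option<Vec<IpAddr>>` path as user-supplied custom resolvers, it is worth confirming that the downstream firewall and tunnel code only permits DNS to them inside the tunnel. As a style point, the nested `if` in the `Default` arm would read more directly as `match (options.block_ads, options.block_trackers)` with four arms.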
@@ -1854,8 +1877,7 @@ where
Self::oneshot_send(tx, Ok(()), "set_dns_options response");
if settings_changed {
let settings = self.settings.to_settings();
- let resolvers =
- Self::get_custom_resolvers(&settings.tunnel_options.dns_options);
+ let resolvers = Self::get_dns_resolvers(&settings.tunnel_options.dns_options);
self.event_listener.notify_settings(settings);
self.send_tunnel_command(TunnelCommand::Dns(resolvers));
}