Documentation ¶
Overview ¶
Package filtering allows to implement self-censorship. We expose proxies implementing filtering policies for DNS, TLS, and HTTP.
Index ¶
Constants ¶
const ( // DNSActionNXDOMAIN replies with NXDOMAIN. DNSActionNXDOMAIN = DNSAction("nxdomain") // DNSActionRefused replies with Refused. DNSActionRefused = DNSAction("refused") // DNSActionLocalHost replies with `127.0.0.1` and `::1`. DNSActionLocalHost = DNSAction("localhost") // DNSActionNoAnswer returns an empty reply. DNSActionNoAnswer = DNSAction("no-answer") // DNSActionTimeout never replies to the query. DNSActionTimeout = DNSAction("timeout") // DNSActionCache causes the server to check the cache. If there // are entries, they are returned. Otherwise, NXDOMAIN is returned. DNSActionCache = DNSAction("cache") // DNSActionLocalHostPlusCache combines the LocalHost and // Cache actions returning first a localhost response followed // by a subsequent response obtained using the cache. DNSActionLocalHostPlusCache = DNSAction("localhost+cache") )
const ( // HTTPActionReset resets the connection. HTTPActionReset = HTTPAction("reset") // HTTPActionTimeout causes the connection to timeout. HTTPActionTimeout = HTTPAction("timeout") // HTTPActionEOF causes the connection to EOF. HTTPActionEOF = HTTPAction("eof") // HTTPAction451 causes the proxy to return a 451 error. HTTPAction451 = HTTPAction("451") // HTTPActionDoH causes the proxy to return a sensible reply // with static IP addresses if the request is DoH. HTTPActionDoH = HTTPAction("doh") )
const ( // TLSActionReset resets the connection. TLSActionReset = TLSAction("reset") // TLSActionTimeout causes the connection to timeout. TLSActionTimeout = TLSAction("timeout") // TLSActionEOF closes the connection. TLSActionEOF = TLSAction("eof") // TLSActionAlertInternalError sends an internal error // alert message to the TLS client. TLSActionAlertInternalError = TLSAction("internal-error") // TLSActionAlertUnrecognizedName tells the client that // it's handshaking with an unknown SNI. TLSActionAlertUnrecognizedName = TLSAction("alert-unrecognized-name") // TLSActionBlockText returns a static piece of text // to the client saying this website is blocked. TLSActionBlockText = TLSAction("block-text") )
Variables ¶
var HTTPBlockpage451 = []byte(`<html><head>
<title>451 Unavailable For Legal Reasons</title>
</head><body>
<center><h1>451 Unavailable For Legal Reasons</h1></center>
<p>This content is not available in your jurisdiction.</p>
</body></html>
`)
HTTPBlockPage451 is the block page returned along with status 451
Functions ¶
This section is empty.
Types ¶
type DNSAction ¶
type DNSAction string
DNSAction is a DNS filtering action that a DNSServer should take.
type DNSListener ¶
DNSListener is the interface returned by DNSServer.Start.
type DNSServer ¶ added in v3.16.0
type DNSServer struct { // Cache is the OPTIONAL DNS cache. Note that the keys of the map // must be FQDNs (i.e., including the final `.`). Cache map[string][]string // OnQuery is the MANDATORY hook called whenever we // receive a query for the given domain. OnQuery func(domain string) DNSAction // contains filtered or unexported fields }
DNSServer is a DNS server implementing filtering policies.
type HTTPAction ¶ added in v3.14.0
type HTTPAction string
HTTPAction is an HTTP filtering action that this server should take.
type HTTPServer ¶ added in v3.16.0
type HTTPServer struct {
// contains filtered or unexported fields
}
HTTPServer is a server that implements filtering policies.
func NewHTTPServerCleartext ¶ added in v3.16.0
func NewHTTPServerCleartext(action HTTPAction) *HTTPServer
NewHTTPServerCleartext creates a new HTTPServer using cleartext HTTP.
func NewHTTPServerTLS ¶ added in v3.16.0
func NewHTTPServerTLS(action HTTPAction) *HTTPServer
NewHTTPServerTLS creates a new HTTP server using HTTPS.
func (*HTTPServer) Close ¶ added in v3.16.0
func (p *HTTPServer) Close() error
Close closes the server ASAP.
func (*HTTPServer) ServeHTTP ¶ added in v3.16.0
func (p *HTTPServer) ServeHTTP(w http.ResponseWriter, r *http.Request)
ServeHTTP serves HTTP requests
func (*HTTPServer) TLSConfig ¶ added in v3.16.0
func (p *HTTPServer) TLSConfig() *tls.Config
TLSConfig returns a suitable base TLS config for the client.
func (*HTTPServer) URL ¶ added in v3.16.0
func (p *HTTPServer) URL() *url.URL
URL returns the server's URL
type TLSAction ¶
type TLSAction string
TLSAction is a TLS filtering action that this proxy should take.
type TLSServer ¶ added in v3.16.0
type TLSServer struct {
// contains filtered or unexported fields
}
TLSServer is a TLS server implementing filtering policies.
func NewTLSServer ¶ added in v3.16.0
NewTLSServer creates and starts a new TLSServer that executes the given action during the TLS handshake.