filtering

package
v3.17.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 16, 2023 License: GPL-3.0 Imports: 14 Imported by: 0

Documentation

Overview

Package filtering allows to implement self-censorship. We expose proxies implementing filtering policies for DNS, TLS, and HTTP.

Index

Constants

View Source
const (
	// DNSActionNXDOMAIN replies with NXDOMAIN.
	DNSActionNXDOMAIN = DNSAction("nxdomain")

	// DNSActionRefused replies with Refused.
	DNSActionRefused = DNSAction("refused")

	// DNSActionLocalHost replies with `127.0.0.1` and `::1`.
	DNSActionLocalHost = DNSAction("localhost")

	// DNSActionNoAnswer returns an empty reply.
	DNSActionNoAnswer = DNSAction("no-answer")

	// DNSActionTimeout never replies to the query.
	DNSActionTimeout = DNSAction("timeout")

	// DNSActionCache causes the server to check the cache. If there
	// are entries, they are returned. Otherwise, NXDOMAIN is returned.
	DNSActionCache = DNSAction("cache")

	// DNSActionLocalHostPlusCache combines the LocalHost and
	// Cache actions returning first a localhost response followed
	// by a subsequent response obtained using the cache.
	DNSActionLocalHostPlusCache = DNSAction("localhost+cache")
)
View Source
const (
	// HTTPActionReset resets the connection.
	HTTPActionReset = HTTPAction("reset")

	// HTTPActionTimeout causes the connection to timeout.
	HTTPActionTimeout = HTTPAction("timeout")

	// HTTPActionEOF causes the connection to EOF.
	HTTPActionEOF = HTTPAction("eof")

	// HTTPAction451 causes the proxy to return a 451 error.
	HTTPAction451 = HTTPAction("451")

	// HTTPActionDoH causes the proxy to return a sensible reply
	// with static IP addresses if the request is DoH.
	HTTPActionDoH = HTTPAction("doh")
)
View Source
const (
	// TLSActionReset resets the connection.
	TLSActionReset = TLSAction("reset")

	// TLSActionTimeout causes the connection to timeout.
	TLSActionTimeout = TLSAction("timeout")

	// TLSActionEOF closes the connection.
	TLSActionEOF = TLSAction("eof")

	// TLSActionAlertInternalError sends an internal error
	// alert message to the TLS client.
	TLSActionAlertInternalError = TLSAction("internal-error")

	// TLSActionAlertUnrecognizedName tells the client that
	// it's handshaking with an unknown SNI.
	TLSActionAlertUnrecognizedName = TLSAction("alert-unrecognized-name")

	// TLSActionBlockText returns a static piece of text
	// to the client saying this website is blocked.
	TLSActionBlockText = TLSAction("block-text")
)

Variables

View Source
var HTTPBlockpage451 = []byte(`<html><head>
  <title>451 Unavailable For Legal Reasons</title>
</head><body>
  <center><h1>451 Unavailable For Legal Reasons</h1></center>
  <p>This content is not available in your jurisdiction.</p>
</body></html>
`)

HTTPBlockPage451 is the block page returned along with status 451

Functions

This section is empty.

Types

type DNSAction

type DNSAction string

DNSAction is a DNS filtering action that a DNSServer should take.

type DNSListener

type DNSListener interface {
	io.Closer
	LocalAddr() net.Addr
}

DNSListener is the interface returned by DNSServer.Start.

type DNSServer added in v3.16.0

type DNSServer struct {
	// Cache is the OPTIONAL DNS cache. Note that the keys of the map
	// must be FQDNs (i.e., including the final `.`).
	Cache map[string][]string

	// OnQuery is the MANDATORY hook called whenever we
	// receive a query for the given domain.
	OnQuery func(domain string) DNSAction
	// contains filtered or unexported fields
}

DNSServer is a DNS server implementing filtering policies.

func (*DNSServer) Start added in v3.16.0

func (p *DNSServer) Start(address string) (DNSListener, error)

Start starts this server.

type HTTPAction added in v3.14.0

type HTTPAction string

HTTPAction is an HTTP filtering action that this server should take.

type HTTPServer added in v3.16.0

type HTTPServer struct {
	// contains filtered or unexported fields
}

HTTPServer is a server that implements filtering policies.

func NewHTTPServerCleartext added in v3.16.0

func NewHTTPServerCleartext(action HTTPAction) *HTTPServer

NewHTTPServerCleartext creates a new HTTPServer using cleartext HTTP.

func NewHTTPServerTLS added in v3.16.0

func NewHTTPServerTLS(action HTTPAction) *HTTPServer

NewHTTPServerTLS creates a new HTTP server using HTTPS.

func (*HTTPServer) Close added in v3.16.0

func (p *HTTPServer) Close() error

Close closes the server ASAP.

func (*HTTPServer) ServeHTTP added in v3.16.0

func (p *HTTPServer) ServeHTTP(w http.ResponseWriter, r *http.Request)

ServeHTTP serves HTTP requests

func (*HTTPServer) TLSConfig added in v3.16.0

func (p *HTTPServer) TLSConfig() *tls.Config

TLSConfig returns a suitable base TLS config for the client.

func (*HTTPServer) URL added in v3.16.0

func (p *HTTPServer) URL() *url.URL

URL returns the server's URL

type TLSAction

type TLSAction string

TLSAction is a TLS filtering action that this proxy should take.

type TLSServer added in v3.16.0

type TLSServer struct {
	// contains filtered or unexported fields
}

TLSServer is a TLS server implementing filtering policies.

func NewTLSServer added in v3.16.0

func NewTLSServer(action TLSAction) *TLSServer

NewTLSServer creates and starts a new TLSServer that executes the given action during the TLS handshake.

func (*TLSServer) CertPool added in v3.16.0

func (p *TLSServer) CertPool() *x509.CertPool

CertPool returns the internal CA as a cert pool.

func (*TLSServer) Close added in v3.16.0

func (p *TLSServer) Close() error

Close closes this server as soon as possible.

func (*TLSServer) Endpoint added in v3.16.0

func (p *TLSServer) Endpoint() string

Endpoint returns the endpoint where the server is listening.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL