From 6de6de741855423a3ea28aa42d0122ece273f85c Mon Sep 17 00:00:00 2001
From: buffermet <29265684+buffermet@users.noreply.github.com>
Date: Sat, 12 Oct 2024 22:05:29 +0200
Subject: [PATCH] Allow wildcard in blacklist.

---
 modules/dns_proxy/dns_proxy.go      | 2 +-
 modules/dns_proxy/dns_proxy_base.go | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/dns_proxy/dns_proxy.go b/modules/dns_proxy/dns_proxy.go
index 76de6db9..482e3aeb 100644
--- a/modules/dns_proxy/dns_proxy.go
+++ b/modules/dns_proxy/dns_proxy.go
@@ -113,7 +113,7 @@ func NewDnsProxy(s *session.Session) *DnsProxy {
 		"Address to bind the DNS proxy to."))
 
 	mod.AddParam(session.NewStringParameter("dns.proxy.blacklist", "", "",
-		"Comma separated list of client IPs to skip while proxying."))
+		"Comma separated list of client IPs to skip while proxying (wildcard allowed)."))
 
 	mod.AddParam(session.NewStringParameter("dns.proxy.whitelist", "", "",
 		"Comma separated list of client IPs to proxy if the blacklist is used."))
diff --git a/modules/dns_proxy/dns_proxy_base.go b/modules/dns_proxy/dns_proxy_base.go
index ac637bf3..f8c17445 100644
--- a/modules/dns_proxy/dns_proxy_base.go
+++ b/modules/dns_proxy/dns_proxy_base.go
@@ -51,7 +51,7 @@ func (p *DNSProxy) shouldProxy(clientIP string) bool {
 
 	// check if this client is in the blacklist
 	for _, ip := range p.Blacklist {
-		if clientIP == ip {
+		if ip == "*" || clientIP == ip {
 			return false
 		}
 	}