advoid
diff --git a/‎CHANGELOG.md‎
Lines changed: 5 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎client/src/__locales/en.json‎
Lines changed: 4 additions & 0 deletions b/‎client/src/__locales/en.json‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎client/src/components/Filters/Check/index.tsx‎
Lines changed: 54 additions & 16 deletions b/‎client/src/components/Filters/Check/index.tsx‎
Lines changed: 54 additions & 16 deletions
diff --git a/‎client/src/components/Filters/CustomRules.tsx‎
Lines changed: 13 additions & 3 deletions b/‎client/src/components/Filters/CustomRules.tsx‎
Lines changed: 13 additions & 3 deletions
diff --git a/‎client/src/helpers/constants.ts‎
Lines changed: 9 additions & 0 deletions b/‎client/src/helpers/constants.ts‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎internal/client/storage.go‎
Lines changed: 36 additions & 0 deletions b/‎internal/client/storage.go‎
Lines changed: 36 additions & 0 deletions
diff --git a/‎internal/dnsforward/config.go‎
Lines changed: 0 additions & 4 deletions b/‎internal/dnsforward/config.go‎
Lines changed: 0 additions & 4 deletions
diff --git a/‎internal/dnsforward/dnsforward_internal_test.go‎
Lines changed: 38 additions & 11 deletions b/‎internal/dnsforward/dnsforward_internal_test.go‎
Lines changed: 38 additions & 11 deletions
diff --git a/‎internal/dnsforward/filter.go‎
Lines changed: 1 addition & 3 deletions b/‎internal/dnsforward/filter.go‎
Lines changed: 1 addition & 3 deletions
diff --git a/‎internal/dnsforward/filter_internal_test.go‎
Lines changed: 4 additions & 2 deletions b/‎internal/dnsforward/filter_internal_test.go‎
Lines changed: 4 additions & 2 deletions
@@ -22,6 +22,11 @@ NOTE: Add new changes BELOW THIS COMMENT.
 
 - Go version has been updated to prevent the possibility of exploiting the Go vulnerabilities fixed in [1.24.1][go-1.24.1].
 
+### Added
+
+- The ability to check filtering rules for host names using an optional query type and optional ClientID or client IP address.
+- Optional `client` and `qtype` URL query parameters to the `GET /control/check_host` HTTP API.
+
 ### Fixed
 
 - Clearing the DNS cache on the *DNS settings* page now includes both global cache and custom client cache.
 
@@ -620,6 +620,10 @@
     "check_cname": "CNAME: {{cname}}",
     "check_reason": "Reason: {{reason}}",
     "check_service": "Service name: {{service}}",
+    "check_hostname": "Hostname or domain name",
+    "check_client_id": "Client identifier (ClientID or IP address)",
+    "check_enter_client_id": "Enter client identifier",
+    "check_dns_record": "Select DNS record type",
     "service_name": "Service name",
     "check_not_found": "Not found in your filter lists",
     "client_confirm_block": "Are you sure you want to block the client \"{{ip}}\"?",
 
@@ -9,13 +9,17 @@ import Info from './Info';
 import { RootState } from '../../../initialState';
 import { validateRequiredValue } from '../../../helpers/validators';
 import { Input } from '../../ui/Controls/Input';
+import { DNS_RECORD_TYPES } from '../../../helpers/constants';
+import { Select } from '../../ui/Controls/Select';
 
-interface FormValues {
+export type FilteringCheckFormValues = {
     name: string;
+    client?: string;
+    qtype?: string;
 }
 
 type Props = {
-    onSubmit?: (data: FormValues) => void;
+    onSubmit?: (data: FilteringCheckFormValues) => void;
 };
 
 const Check = ({ onSubmit }: Props) => {
@@ -27,11 +31,13 @@ const Check = ({ onSubmit }: Props) => {
     const {
         control,
         handleSubmit,
-        formState: { isDirty, isValid },
-    } = useForm<FormValues>({
+        formState: { isValid },
+    } = useForm<FilteringCheckFormValues>({
         mode: 'onBlur',
         defaultValues: {
             name: '',
+            client: '',
+            qtype: DNS_RECORD_TYPES[0],
         },
     });
 
@@ -48,24 +54,56 @@ const Check = ({ onSubmit }: Props) => {
                                 <Input
                                     {...field}
                                     type="text"
+                                    label={t('check_hostname')}
                                     data-testid="check_domain_name"
-                                    placeholder={t('form_enter_host')}
+                                    placeholder="example.com"
                                     error={fieldState.error?.message}
-                                    rightAddon={
-                                        <span className="input-group-append">
-                                            <button
-                                                className="btn btn-success btn-standard btn-large"
-                                                type="submit"
-                                                data-testid="check_domain_submit"
-                                                disabled={!isDirty || !isValid || processingCheck}>
-                                                {t('check')}
-                                            </button>
-                                        </span>
-                                    }
                                 />
                             )}
                         />
 
+                        <Controller
+                            name="client"
+                            control={control}
+                            render={({ field, fieldState }) => (
+                                <Input
+                                    {...field}
+                                    type="text"
+                                    data-testid="check_client_id"
+                                    label={t('check_client_id')}
+                                    placeholder={t('check_enter_client_id')}
+                                    error={fieldState.error?.message}
+                                />
+                            )}
+                        />
+
+                        <Controller
+                            name="qtype"
+                            control={control}
+                            render={({ field }) => (
+                                <Select
+                                    {...field}
+                                    label={t('check_dns_record')}
+                                    data-testid="check_dns_record_type"
+                                >
+                                    {DNS_RECORD_TYPES.map((type) => (
+                                        <option key={type} value={type}>
+                                            {type}
+                                        </option>
+                                    ))}
+                                </Select>
+                            )}
+                        />
+
+                        <button
+                            className="btn btn-success btn-standard btn-large"
+                            type="submit"
+                            data-testid="check_domain_submit"
+                            disabled={!isValid || processingCheck}
+                        >
+                            {t('check')}
+                        </button>
+
                         {hostname && (
                             <>
                                 <hr />
 
@@ -7,7 +7,7 @@ import PageTitle from '../ui/PageTitle';
 
 import Examples from './Examples';
 
-import Check from './Check';
+import Check, { FilteringCheckFormValues } from './Check';
 
 import { getTextareaCommentsHighlight, syncScroll } from '../../helpers/highlightTextareaComments';
 import { COMMENT_LINE_DEFAULT_TOKEN } from '../../helpers/constants';
@@ -48,8 +48,18 @@ class CustomRules extends Component<CustomRulesProps> {
         this.props.setRules(this.props.filtering.userRules);
     };
 
-    handleCheck = (values: any) => {
-        this.props.checkHost(values);
+    handleCheck = (values: FilteringCheckFormValues) => {
+        const params: FilteringCheckFormValues = { name: values.name };
+
+        if (values.client) {
+            params.client = values.client;
+        }
+
+        if (values.qtype) {
+            params.qtype = values.qtype;
+        }
+
+        this.props.checkHost(params);
     };
 
     onScroll = (e: any) => syncScroll(e, this.ref);
 
@@ -523,3 +523,12 @@ export const TIME_UNITS = {
     HOURS: 'hours',
     DAYS: 'days',
 };
+
+export const DNS_RECORD_TYPES = [
+    "A", "AAAA", "AFSDB", "APL", "CAA", "CDNSKEY", "CDS", "CERT", "CNAME",
+    "CSYNC", "DHCID", "DLV", "DNAME", "DNSKEY", "DS", "EUI48", "EUI64",
+    "HINFO", "HIP", "HTTPS", "IPSECKEY", "KEY", "KX", "LOC", "MX", "NAPTR",
+    "NS", "NSEC", "NSEC3", "NSEC3PARAM", "OPENPGPKEY", "PTR", "RP", "RRSIG",
+    "SIG", "SMIMEA", "SOA", "SRV", "SSHFP", "SVCB", "TA", "TKEY",
+    "TLSA", "TSIG", "TXT", "URI", "ZONEMD"
+];
@@ -12,6 +12,7 @@ import (
 
 	"github.com/AdguardTeam/AdGuardHome/internal/arpdb"
 	"github.com/AdguardTeam/AdGuardHome/internal/dhcpsvc"
+	"github.com/AdguardTeam/AdGuardHome/internal/filtering"
 	"github.com/AdguardTeam/AdGuardHome/internal/whois"
 	"github.com/AdguardTeam/dnsproxy/proxy"
 	"github.com/AdguardTeam/golibs/errors"
@@ -671,3 +672,38 @@ func (s *Storage) ClearUpstreamCache() {
 
 	s.upstreamManager.clearUpstreamCache()
 }
+
+// ApplyClientFiltering retrieves persistent client information using the
+// ClientID or client IP address, and applies it to the filtering settings.
+func (s *Storage) ApplyClientFiltering(id string, addr netip.Addr, setts *filtering.Settings) {
+	c, ok := s.index.findByClientID(id)
+	if !ok {
+		c, ok = s.index.findByIP(addr)
+	}
+
+	if !ok {
+		s.logger.Debug("no client filtering settings found", "clientid", id, "addr", addr)
+
+		return
+	}
+
+	s.logger.Debug("applying custom client filtering settings", "client_name", c.Name)
+
+	setts.ClientIP = addr
+
+	if c.UseOwnBlockedServices {
+		setts.BlockedServices = c.BlockedServices.Clone()
+	}
+
+	setts.ClientName = c.Name
+	setts.ClientTags = slices.Clone(c.Tags)
+	if !c.UseOwnSettings {
+		return
+	}
+
+	setts.FilteringEnabled = c.FilteringEnabled
+	setts.SafeSearchEnabled = c.SafeSearchConf.Enabled
+	setts.ClientSafeSearch = c.SafeSearch
+	setts.SafeBrowsingEnabled = c.SafeBrowsingEnabled
+	setts.ParentalEnabled = c.ParentalEnabled
+}
@@ -16,7 +16,6 @@ import (
 	"github.com/AdguardTeam/AdGuardHome/internal/aghnet"
 	"github.com/AdguardTeam/AdGuardHome/internal/aghtls"
 	"github.com/AdguardTeam/AdGuardHome/internal/client"
-	"github.com/AdguardTeam/AdGuardHome/internal/filtering"
 	"github.com/AdguardTeam/dnsproxy/proxy"
 	"github.com/AdguardTeam/dnsproxy/upstream"
 	"github.com/AdguardTeam/golibs/container"
@@ -34,9 +33,6 @@ import (
 type Config struct {
 	// Callbacks for other modules
 
-	// FilterHandler is an optional additional filtering callback.
-	FilterHandler func(cliAddr netip.Addr, clientID string, settings *filtering.Settings) `yaml:"-"`
-
 	// ClientsContainer stores the information about special handling of some
 	// DNS clients.
 	ClientsContainer ClientsContainer `yaml:"-"`
 
@@ -27,6 +27,7 @@ import (
 	"github.com/AdguardTeam/AdGuardHome/internal/filtering"
 	"github.com/AdguardTeam/AdGuardHome/internal/filtering/hashprefix"
 	"github.com/AdguardTeam/AdGuardHome/internal/filtering/safesearch"
+	"github.com/AdguardTeam/AdGuardHome/internal/schedule"
 	"github.com/AdguardTeam/dnsproxy/proxy"
 	"github.com/AdguardTeam/dnsproxy/upstream"
 	"github.com/AdguardTeam/golibs/logutil/slogutil"
@@ -106,6 +107,21 @@ func startDeferStop(t *testing.T, s *Server) {
 	testutil.CleanupAndRequireSuccess(t, s.Stop)
 }
 
+// applyEmptyClientFiltering is a helper function for tests with
+// [filtering.Config] that does nothing.
+func applyEmptyClientFiltering(_ string, _ netip.Addr, _ *filtering.Settings) {}
+
+// emptyFilteringBlockedServices is a helper function that returns an empty
+// filtering blocked services for tests.
+func emptyFilteringBlockedServices() (bsvc *filtering.BlockedServices) {
+	return &filtering.BlockedServices{
+		Schedule: schedule.EmptyWeekly(),
+	}
+}
+
+// createTestServer is a helper function that returns a properly initialized
+// *Server for use in tests, given the provided parameters.  It also populates
+// the filtering configuration with default parameters.
 func createTestServer(
 	t *testing.T,
 	filterConf *filtering.Config,
@@ -123,6 +139,12 @@ func createTestServer(
 		Data: []byte(rules),
 	}}
 
+	filterConf.BlockedServices = cmp.Or(filterConf.BlockedServices, emptyFilteringBlockedServices())
+
+	if filterConf.ApplyClientFiltering == nil {
+		filterConf.ApplyClientFiltering = applyEmptyClientFiltering
+	}
+
 	f, err := filtering.New(filterConf, filters)
 	require.NoError(t, err)
 
@@ -926,9 +948,6 @@ func TestClientRulesForCNAMEMatching(t *testing.T) {
 		UDPListenAddrs: []*net.UDPAddr{{}},
 		TCPListenAddrs: []*net.TCPAddr{{}},
 		Config: Config{
-			FilterHandler: func(_ netip.Addr, _ string, settings *filtering.Settings) {
-				settings.FilteringEnabled = false
-			},
 			UpstreamMode: UpstreamModeLoadBalance,
 			EDNSClientSubnet: &EDNSClientSubnet{
 				Enabled: false,
@@ -1020,10 +1039,12 @@ func TestBlockedCustomIP(t *testing.T) {
 	}}
 
 	f, err := filtering.New(&filtering.Config{
-		ProtectionEnabled: true,
-		BlockingMode:      filtering.BlockingModeCustomIP,
-		BlockingIPv4:      netip.Addr{},
-		BlockingIPv6:      netip.Addr{},
+		ProtectionEnabled:    true,
+		ApplyClientFiltering: applyEmptyClientFiltering,
+		BlockedServices:      emptyFilteringBlockedServices(),
+		BlockingMode:         filtering.BlockingModeCustomIP,
+		BlockingIPv4:         netip.Addr{},
+		BlockingIPv6:         netip.Addr{},
 	}, filters)
 	require.NoError(t, err)
 
@@ -1176,7 +1197,9 @@ func TestBlockedBySafeBrowsing(t *testing.T) {
 
 func TestRewrite(t *testing.T) {
 	c := &filtering.Config{
-		BlockingMode: filtering.BlockingModeDefault,
+		ApplyClientFiltering: applyEmptyClientFiltering,
+		BlockedServices:      emptyFilteringBlockedServices(),
+		BlockingMode:         filtering.BlockingModeDefault,
 		Rewrites: []*filtering.LegacyRewrite{{
 			Domain: "test.com",
 			Answer: "1.2.3.4",
@@ -1322,7 +1345,9 @@ func TestPTRResponseFromDHCPLeases(t *testing.T) {
 	const localDomain = "lan"
 
 	flt, err := filtering.New(&filtering.Config{
-		BlockingMode: filtering.BlockingModeDefault,
+		ApplyClientFiltering: applyEmptyClientFiltering,
+		BlockedServices:      emptyFilteringBlockedServices(),
+		BlockingMode:         filtering.BlockingModeDefault,
 	}, nil)
 	require.NoError(t, err)
 
@@ -1411,8 +1436,10 @@ func TestPTRResponseFromHosts(t *testing.T) {
 	})
 
 	flt, err := filtering.New(&filtering.Config{
-		BlockingMode: filtering.BlockingModeDefault,
-		EtcHosts:     hc,
+		ApplyClientFiltering: applyEmptyClientFiltering,
+		BlockedServices:      emptyFilteringBlockedServices(),
+		BlockingMode:         filtering.BlockingModeDefault,
+		EtcHosts:             hc,
 	}, nil)
 	require.NoError(t, err)
 
 
@@ -17,9 +17,7 @@ import (
 func (s *Server) clientRequestFilteringSettings(dctx *dnsContext) (setts *filtering.Settings) {
 	setts = s.dnsFilter.Settings()
 	setts.ProtectionEnabled = dctx.protectionEnabled
-	if s.conf.FilterHandler != nil {
-		s.conf.FilterHandler(dctx.proxyCtx.Addr.Addr(), dctx.clientID, setts)
-	}
+	s.dnsFilter.ApplyAdditionalFiltering(dctx.proxyCtx.Addr.Addr(), dctx.clientID, setts)
 
 	return setts
 }
 
@@ -45,8 +45,10 @@ func TestHandleDNSRequest_handleDNSRequest(t *testing.T) {
 	}}
 
 	f, err := filtering.New(&filtering.Config{
-		ProtectionEnabled: true,
-		BlockingMode:      filtering.BlockingModeDefault,
+		ProtectionEnabled:    true,
+		ApplyClientFiltering: applyEmptyClientFiltering,
+		BlockedServices:      emptyFilteringBlockedServices(),
+		BlockingMode:         filtering.BlockingModeDefault,
 	}, filters)
 	require.NoError(t, err)
 	f.SetEnabled(true)