Merge pull request #8 from HotCakeX/WinSecureDNSMgr-update-v0.0.6

WinSecureDNSMgr Update v0.0.6
HotCakeX · Jul 8, 2024 · d4a61f3 · d4a61f3
2 parents 1297a9b + 135ba03
commit d4a61f3
Show file tree

Hide file tree

Showing 9 changed files with 202 additions and 113 deletions.
diff --git a/WinSecureDNSMgr/Module/Main/Reset-DoHSettings.psm1 b/WinSecureDNSMgr/Module/Main/Reset-DoHSettings.psm1
@@ -7,10 +7,17 @@ Function Reset-DoHSettings {
     # Importing the $PSDefaultParameterValues to the current session, prior to everything else
     . "$WinSecureDNSMgrModuleRootPath\MainExt\PSDefaultParameterValues.ps1"
 
+    # This service shouldn't be disabled
+    # https://github.com/HotCakeX/WinSecureDNSMgr/issues/7
+    if (!((Get-Service -Name 'Dnscache').StartType -ne 'Disabled')) {
+        throw 'The DNS Client service status is disabled. Please start the service and try again.'
+    }
+
     Write-Verbose -Message 'Displaying non-system DoH templates.'
-    Get-DnsClientDohServerAddress | Where-Object -FilterScript { $_.DohTemplate -notin $BuiltInDoHTemplatesReference.Values.Values.Values } |
-    ForEach-Object -Process {
-        Write-Verbose -Message "Non-System DoH template with the Server Address $($_.ServerAddress) and Domain $($_.DohTemplate) detected."
+    foreach ($DNSAddr in Get-DnsClientDohServerAddress) {
+        if ($DNSAddr.DohTemplate -notin $BuiltInDoHTemplatesReference.Values.Values.Values) {
+            Write-Verbose -Message "Non-System DoH template with the Server Address $($_.ServerAddress) and Domain $($_.DohTemplate) detected."
+        }
     }
 
     Write-Verbose -Message 'Resetting the DNS server IP addresses of all network adapters to the default values'
@@ -19,8 +26,8 @@ Function Reset-DoHSettings {
     }
 
     Write-Verbose -Message 'Removing all DoH templates from the system.'
-    Get-DnsClientDohServerAddress | ForEach-Object -Process {
-        Remove-DnsClientDohServerAddress -InputObject $_
+    foreach ($Item in Get-DnsClientDohServerAddress) {
+        Remove-DnsClientDohServerAddress -InputObject $Item
     }
 
     Write-Verbose -Message 'Restoring the default Windows DoH templates.'
@@ -31,7 +38,7 @@ Function Reset-DoHSettings {
 
             # Loop over each IPv4 address and its DoH domain
             foreach ($IPv4 in $IPv4s.Value.GetEnumerator()) {
-                Add-DnsClientDohServerAddress -AllowFallbackToUdp $false -AutoUpgrade $True -ServerAddress $IPv4.Name -DohTemplate $IPv4.Value | Out-Null
+                $null = Add-DnsClientDohServerAddress -AllowFallbackToUdp $false -AutoUpgrade $True -ServerAddress $IPv4.Name -DohTemplate $IPv4.Value
             }
         }
 
@@ -40,7 +47,7 @@ Function Reset-DoHSettings {
 
             # Loop over each IPv6 address and its DoH domain
             foreach ($IPv6 in $IPv6s.Value.GetEnumerator()) {
-                Add-DnsClientDohServerAddress -AllowFallbackToUdp $false -AutoUpgrade $True -ServerAddress $IPv6.Name -DohTemplate $IPv6.Value | Out-Null
+                $null = Add-DnsClientDohServerAddress -AllowFallbackToUdp $false -AutoUpgrade $True -ServerAddress $IPv6.Name -DohTemplate $IPv6.Value
             }
         }
     }

diff --git a/WinSecureDNSMgr/Module/Main/Set-BuiltInWinSecureDNS.psm1 b/WinSecureDNSMgr/Module/Main/Set-BuiltInWinSecureDNS.psm1
@@ -3,12 +3,12 @@ Function Set-BuiltInWinSecureDNS {
     [CmdletBinding()]
     [OutputType([System.String], [Microsoft.Management.Infrastructure.CimInstance])]
     param (
-        [ValidateSet('Cloudflare', 'Google', 'Quad9', ErrorMessage = 'The selected DNS over HTTPS provider is not supported by Windows. Please select a different provider or use the Set-CustomWinSecureDNS cmdlet.')]
+        [ValidateSet('Cloudflare', 'CloudFlareFamily', 'CloudFlareAntiMalware', 'Quad9' , 'Quad9MalwareBlocking', 'Google', ErrorMessage = 'The selected DNS over HTTPS provider is not supported by Windows. Please select a different provider or use the Set-CustomWinSecureDNS cmdlet.')]
         [Parameter(Mandatory = $false)][System.String]$DoHProvider = 'Cloudflare'
     )
     begin {
         # Detecting if Verbose switch is used
-        $PSBoundParameters.Verbose.IsPresent ? ([System.Boolean]$Verbose = $true) : ([System.Boolean]$Verbose = $false) | Out-Null
+        [System.Boolean]$Verbose = $PSBoundParameters.Verbose.IsPresent ? $true : $false
 
         # Importing the $PSDefaultParameterValues to the current session, prior to everything else
         . "$WinSecureDNSMgrModuleRootPath\MainExt\PSDefaultParameterValues.ps1"
@@ -18,6 +18,12 @@ Function Set-BuiltInWinSecureDNS {
         Import-Module -Name "$WinSecureDNSMgrModuleRootPath\Shared\Get-ManualNetworkAdapterWinSecureDNS.psm1" -Force
         Import-Module -Name "$WinSecureDNSMgrModuleRootPath\Shared\Select-Option.psm1" -Force
 
+        # This service shouldn't be disabled
+        # https://github.com/HotCakeX/WinSecureDNSMgr/issues/7
+        if (!((Get-Service -Name 'Dnscache').StartType -ne 'Disabled')) {
+            throw 'The DNS Client service status is disabled. Please start the service and try again.'
+        }
+
         # Get the DoH domain from the hashtable - Since all of the DoH domains are identical for the same provider, only getting the first item in the array
         [System.String]$DetectedDoHTemplate = ($BuiltInDoHTemplatesReference.GetEnumerator() | Where-Object { $_.Key -eq $DoHProvider }).Value.Values.Values[0]
 
@@ -60,39 +66,105 @@ Function Set-BuiltInWinSecureDNS {
         # delete all other previous DoH settings for ALL Interface - Windows behavior in settings when changing DoH settings is to delete all DoH settings for the interface we are modifying
         # but we need to delete all DoH settings for ALL interfaces in here because every time we virtualize a network adapter with external switch of Hyper-V,
         # Hyper-V assigns a new GUID to it, so it's better not to leave any leftover in the registry and clean up after ourselves
-        Remove-Item -Path 'Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\*' -Recurse | Out-Null
+        $null = Remove-Item -Path 'Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\*' -Recurse
+
+        # Define empty arrays to store IPv4 and IPv6 addresses
+        [System.String[]]$DoHIPs = @()
+        [System.String[]]$IPV4s = @()
+        [System.String[]]$IPV6s = @()
+        [System.Boolean]$IsExtraProvider = $false
+
+        # If using a provider that is not available by default in Windows then get its IP addresses from the JSON file
+        if ($DoHProvider -in 'CloudFlareFamily', 'CloudFlareAntiMalware', 'Quad9MalwareBlocking') {
+
+            $IsExtraProvider = $true
+
+            [System.String[]]$DoHIPs = foreach ($Item in $BuiltInDoHTemplatesReference.GetEnumerator()) {
+                if ($Item.Key -eq $DoHProvider) {
+                    $Item.Value.Values.Keys
+                }
+            }
+
+            # Detect version of each IP address and store them in the appropriate array
+            foreach ($IP in $DoHIPs) {
+                if (([System.Net.IPAddress]$IP).AddressFamily -eq 'InterNetwork') {
+                    $IPV4s += $IP
+                }
+                elseif (([System.Net.IPAddress]$IP).AddressFamily -eq 'InterNetworkV6') {
+                    $IPV6s += $IP
+                }
+            }
 
-        [System.String[]]$DoHIPs = (Get-DnsClientDohServerAddress | Where-Object -FilterScript { $_.DohTemplate -eq $DetectedDoHTemplate }).ServerAddress
+            # check if there is any IP address already associated with $DetectedDoHTemplate and if so, delete them
+            foreach ($Item in Get-DnsClientDohServerAddress) {
+                if ($Item.dohTemplate -eq $DetectedDoHTemplate) {
+                    foreach ($OldIP in $Item.ServerAddress) {
+                        Remove-DnsClientDohServerAddress -ServerAddress $OldIP
+                    }
+                }
+            }
 
-        $DoHIPs | ForEach-Object -Process {
+            Write-Verbose -Message 'Checking if the IP addresses of the currently selected DoH domain already exist and then deleting them'
+            foreach ($Item in Get-DnsClientDohServerAddress) {
+                if ($Item.ServerAddress -in $DoHIPs) {
+                    Remove-DnsClientDohServerAddress -ServerAddress $Item.ServerAddress
+                }
+            }
 
-            # Use the IPAddress type so we can get AddressFamily property
-            $IP = [System.Net.IPAddress]$_
+        }
+        else {
+            # Get the IP addresses associated with the built-in DOH servers
+            [System.String[]]$DoHIPs = foreach ($Item in Get-DnsClientDohServerAddress) {
+                if ($Item.DohTemplate -eq $DetectedDoHTemplate) {
+                    $Item.ServerAddress
+                }
+            }
 
-            if ($IP.AddressFamily -eq 'InterNetwork') {
+            # Detect version of each IP address and store them in the appropriate array
+            foreach ($IP in $DoHIPs) {
+                if (([System.Net.IPAddress]$IP).AddressFamily -eq 'InterNetwork') {
+                    $IPV4s += $IP
+                }
+                elseif (([System.Net.IPAddress]$IP).AddressFamily -eq 'InterNetworkV6') {
+                    $IPV6s += $IP
+                }
+            }
+        }
 
-                # defining registry path for DoH settings of the $ActiveNetworkInterface based on its GUID for IPv4
-                [System.String]$PathV4 = "Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\$($ActiveNetworkInterface.InterfaceGuid)\DohInterfaceSettings\Doh\$_"
+        foreach ($IPV4 in $IPV4s) {
+            # defining registry path for DoH settings of the $ActiveNetworkInterface based on its GUID for IPv4
+            [System.String]$PathV4 = "Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\$($ActiveNetworkInterface.InterfaceGuid)\DohInterfaceSettings\Doh\$IPV4"
 
-                # add DoH settings for the specified Network adapter based on its GUID in registry
-                # value 1 for DohFlags key means use automatic template for DoH, 2 means manual template, since we add our template to Windows, it's predefined so we use value 1
-                New-Item -Path $PathV4 -Force | Out-Null
-                New-ItemProperty -Path $PathV4 -Name 'DohFlags' -Value 1 -PropertyType 'Qword' -Force | Out-Null
+            # add DoH settings for the specified Network adapter based on its GUID in registry
+            # value 1 for DohFlags key means use automatic template for DoH, 2 means manual template, since we add our template to Windows, it's predefined so we use value 1
+            $null = New-Item -Path $PathV4 -Force
+            $null = New-ItemProperty -Path $PathV4 -Name 'DohFlags' -Value 1 -PropertyType 'Qword' -Force
 
-                Set-DnsClientDohServerAddress -ServerAddress $_ -DohTemplate $DetectedDoHTemplate -AllowFallbackToUdp $False -AutoUpgrade $True
+            if (!$IsExtraProvider) {
+                Set-DnsClientDohServerAddress -ServerAddress $IPV4 -DohTemplate $DetectedDoHTemplate -AllowFallbackToUdp $False -AutoUpgrade $True
+            }
+            else {
+                Write-Verbose -Message 'Associating the new IPv4s with the selected DoH template in Windows DoH template predefined list'
+                $null = Add-DnsClientDohServerAddress -ServerAddress $IPV4 -DohTemplate $DetectedDoHTemplate -AllowFallbackToUdp $False -AutoUpgrade $True
             }
+        }
 
-            elseif ($IP.AddressFamily -eq 'InterNetworkV6') {
+        foreach ($IPV6 in $IPV6s) {
 
-                # defining registry path for DoH settings of the $ActiveNetworkInterface based on its GUID for IPv6
-                [System.String]$PathV6 = "Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\$($ActiveNetworkInterface.InterfaceGuid)\DohInterfaceSettings\Doh6\$_"
+            # defining registry path for DoH settings of the $ActiveNetworkInterface based on its GUID for IPv6
+            [System.String]$PathV6 = "Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\$($ActiveNetworkInterface.InterfaceGuid)\DohInterfaceSettings\Doh6\$IPV6"
 
-                # add DoH settings for the specified Network adapter based on its GUID in registry
-                # value 1 for DohFlags key means use automatic template for DoH, 2 means manual template, since we already added our template to Windows, it's considered predefined, so we use value 1
-                New-Item -Path $PathV6 -Force | Out-Null
-                New-ItemProperty -Path $PathV6 -Name 'DohFlags' -Value 1 -PropertyType 'Qword' -Force | Out-Null
+            # add DoH settings for the specified Network adapter based on its GUID in registry
+            # value 1 for DohFlags key means use automatic template for DoH, 2 means manual template, since we already added our template to Windows, it's considered predefined, so we use value 1
+            $null = New-Item -Path $PathV6 -Force
+            $null = New-ItemProperty -Path $PathV6 -Name 'DohFlags' -Value 1 -PropertyType 'Qword' -Force
 
-                Set-DnsClientDohServerAddress -ServerAddress $_ -DohTemplate $DetectedDoHTemplate -AllowFallbackToUdp $False -AutoUpgrade $True
+            if (!$IsExtraProvider) {
+                Set-DnsClientDohServerAddress -ServerAddress $IPV6 -DohTemplate $DetectedDoHTemplate -AllowFallbackToUdp $False -AutoUpgrade $True
+            }
+            else {
+                Write-Verbose -Message 'Associating the new IPv4s with the selected DoH template in Windows DoH template predefined list'
+                $null = Add-DnsClientDohServerAddress -ServerAddress $IPV6 -DohTemplate $DetectedDoHTemplate -AllowFallbackToUdp $False -AutoUpgrade $True
             }
         }
 

diff --git a/WinSecureDNSMgr/Module/Main/Set-CustomWinSecureDNS.psm1 b/WinSecureDNSMgr/Module/Main/Set-CustomWinSecureDNS.psm1
@@ -13,32 +13,40 @@ function Set-CustomWinSecureDNS {
     )
     begin {
         # Detecting if Verbose switch is used
-        $PSBoundParameters.Verbose.IsPresent ? ([System.Boolean]$Verbose = $true) : ([System.Boolean]$Verbose = $false) | Out-Null
+        [System.Boolean]$Verbose = $PSBoundParameters.Verbose.IsPresent ? $true : $false
 
         # Importing the $PSDefaultParameterValues to the current session, prior to everything else
         . "$WinSecureDNSMgrModuleRootPath\MainExt\PSDefaultParameterValues.ps1"
 
         # Importing the required sub-modules
-        Import-Module -Name "$WinSecureDNSMgrModuleRootPath\Shared\Get-ActiveNetworkAdapterWinSecureDNS.psm1" -Force
-        Import-Module -Name "$WinSecureDNSMgrModuleRootPath\Shared\Get-ManualNetworkAdapterWinSecureDNS.psm1" -Force
-        Import-Module -Name "$WinSecureDNSMgrModuleRootPath\Shared\Select-Option.psm1" -Force
-        Import-Module -Name "$WinSecureDNSMgrModuleRootPath\Shared\Get-IPv6DoHServerIPAddressWinSecureDNSMgr.psm1" -Force
-        Import-Module -Name "$WinSecureDNSMgrModuleRootPath\Shared\Get-IPv4DoHServerIPAddressWinSecureDNSMgr.psm1" -Force
+        Import-Module -Force -FullyQualifiedName @(
+            "$WinSecureDNSMgrModuleRootPath\Shared\Get-ActiveNetworkAdapterWinSecureDNS.psm1",
+            "$WinSecureDNSMgrModuleRootPath\Shared\Get-ManualNetworkAdapterWinSecureDNS.psm1",
+            "$WinSecureDNSMgrModuleRootPath\Shared\Select-Option.psm1",
+            "$WinSecureDNSMgrModuleRootPath\Shared\Get-IPv6DoHServerIPAddressWinSecureDNSMgr.psm1",
+            "$WinSecureDNSMgrModuleRootPath\Shared\Get-IPv4DoHServerIPAddressWinSecureDNSMgr.psm1"
+        )
 
         [System.Boolean]$AutoDetectDoHIPs = $false
 
+        # This service shouldn't be disabled
+        # https://github.com/HotCakeX/WinSecureDNSMgr/issues/7
+        if (!((Get-Service -Name 'Dnscache').StartType -ne 'Disabled')) {
+            throw 'The DNS Client service status is disabled. Please start the service and try again.'
+        }
+
         # If IP addresses were provided manually by user, verify their version
         if ($IPV4s) {
-            $IPV4s | ForEach-Object -Process {
-                if ($_.AddressFamily -ne 'InterNetwork') {
-                    throw "The IP address $_ is not a valid IPv4 address."
+            foreach ($Item in $IPV4s) {
+                if ($Item.AddressFamily -ne 'InterNetwork') {
+                    throw "The IP address $Item is not a valid IPv4 address."
                 }
             }
         }
         if ($IPV6s) {
-            $IPV6s | ForEach-Object -Process {
-                if ($_.AddressFamily -ne 'InterNetworkV6') {
-                    throw "The IP address $_ is not a valid IPv6 address."
+            foreach ($Item in $IPV6s) {
+                if ($Item.AddressFamily -ne 'InterNetworkV6') {
+                    throw "The IP address $Item is not a valid IPv6 address."
                 }
             }
         }
@@ -139,12 +147,12 @@ function Set-CustomWinSecureDNS {
                 [System.String]$PathV4 = "Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\$($ActiveNetworkInterface.InterfaceGuid)\DohInterfaceSettings\Doh\$_"
 
                 Write-Verbose -Message 'Associating the new IPv4s with the selected DoH template in Windows DoH template predefined list'
-                Add-DnsClientDohServerAddress -ServerAddress $_ -DohTemplate $DoHTemplate -AllowFallbackToUdp $False -AutoUpgrade $True | Out-Null
+                $null = Add-DnsClientDohServerAddress -ServerAddress $_ -DohTemplate $DoHTemplate -AllowFallbackToUdp $False -AutoUpgrade $True
 
                 # add DoH settings for the specified Network adapter based on its GUID in registry
                 # value 1 for DohFlags key means use automatic template for DoH, 2 means manual template, since we add our template to Windows, it's predefined so we use value 1
-                New-Item -Path $PathV4 -Force | Out-Null
-                New-ItemProperty -Path $PathV4 -Name 'DohFlags' -Value '1' -PropertyType 'Qword' -Force | Out-Null
+                $null = New-Item -Path $PathV4 -Force
+                $null = New-ItemProperty -Path $PathV4 -Name 'DohFlags' -Value '1' -PropertyType 'Qword' -Force
             }
         }
 
@@ -158,12 +166,12 @@ function Set-CustomWinSecureDNS {
                 [System.String]$PathV6 = "Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\$($ActiveNetworkInterface.InterfaceGuid)\DohInterfaceSettings\Doh6\$_"
 
                 Write-Verbose -Message 'Associating the new IPv6s with the selected DoH template in Windows DoH template predefined list'
-                Add-DnsClientDohServerAddress -ServerAddress $_ -DohTemplate $DoHTemplate -AllowFallbackToUdp $False -AutoUpgrade $True | Out-Null
+                $null = Add-DnsClientDohServerAddress -ServerAddress $_ -DohTemplate $DoHTemplate -AllowFallbackToUdp $False -AutoUpgrade $True
 
                 # add DoH settings for the specified Network adapter based on its GUID in registry
                 # value 1 for DohFlags key means use automatic template for DoH, 2 means manual template, since we already added our template to Windows, it's considered predefined, so we use value 1
-                New-Item -Path $PathV6 -Force | Out-Null
-                New-ItemProperty -Path $PathV6 -Name 'DohFlags' -Value '1' -PropertyType 'Qword' -Force | Out-Null
+                $null = New-Item -Path $PathV6 -Force
+                $null = New-ItemProperty -Path $PathV6 -Name 'DohFlags' -Value '1' -PropertyType 'Qword' -Force
             }
         }