feat(proxy): Block services

[MaciejTe]

PR type

What kind of change does this PR introduce?

• Bugfix
• Feature
• Code style update
• Refactoring (no functional changes, no api changes)
• Build related changes
• Documentation content changes
• Other... Please describe:

[Copilot]

Pull request overview

This PR introduces a new tiered decision system for filtering DNS requests, replacing the previous binary status-based approach. The changes enable concurrent filtering stages to produce decisions (none/allow/block) with associated tiers, which are then aggregated deterministically to resolve conflicts—allowing "allow" to win over "block" within the same tier and higher tiers to take precedence overall.

Changes:

• Introduced StageResult and Decision types to replace direct FilterResult usage in filtering stages
• Implemented tier-based aggregation logic that prioritizes "allow" over "block" and respects tier hierarchy
• Refactored IP filtering to correctly handle allow-vs-block precedence across multiple answer records

Reviewed changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
proxy/model/stage_result.go	Defines the new Decision enum and StageResult struct with tier and reasons
proxy/filter/aggregate.go	Implements tier-based aggregation logic and reason deduplication
proxy/filter/aggregate_test.go	Tests the new aggregation logic for various tier and decision scenarios
proxy/filter/ip_custom_rules_precedence_test.go	Tests that IP-based allow rules override block rules in custom filtering
proxy/requestcontext/request_context.go	Updates PartialFilteringResults field to use StageResult instead of FilterResult
proxy/filter/ip.go	Updates IP filter to return StageResult and use the new aggregation approach
proxy/filter/domain.go	Updates domain filter to return StageResult and removes old aggregation function
proxy/filter/custom_rules.go	Refactors custom rules to return StageResult and properly handle IP allow/block precedence
proxy/filter/default_rule.go	Updates default rule to return StageResult with appropriate tier
proxy/filter/blocklists.go	Updates blocklist filtering to return StageResult with appropriate tier
proxy/filter/custom_rules_test.go	Updates tests to expect StageResult with decision and tier fields
proxy/filter/blocklists_test.go	Updates tests to expect StageResult with decision and tier fields

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 70 out of 78 changed files in this pull request and generated 1 comment.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.