More funkensturm stuff
parent
ba42adbfcc
commit
285c450fa8
8
TODO
8
TODO
|
@ -27,3 +27,11 @@ Issues:
|
|||
- FormErr pkt
|
||||
- for new(RR*)
|
||||
- nsupdate
|
||||
|
||||
Funkensturm:
|
||||
* add some generic functions that can be used
|
||||
matching functions should be go-like and just hook into the exported
|
||||
field from package dns.
|
||||
actions are defined in calling functions from funkensturm:
|
||||
- sign(RRSET, privKEY), how do you specify WHAT gets signed
|
||||
if rr.Header().Name == "miek.nl." -> sign header -> add sig
|
||||
|
|
|
@ -3,6 +3,8 @@
|
|||
# license that can be found in the LICENSE file.
|
||||
include $(GOROOT)/src/Make.inc
|
||||
TARG=funkensturm
|
||||
GOFILES=funkensturm.go
|
||||
GOFILES=funkensturm.go\
|
||||
config.go\
|
||||
|
||||
DEPS=../../
|
||||
include $(GOROOT)/src/Make.cmd
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Funkensturm
|
||||
* Funkensturm
|
||||
* Miek Gieben <miek@miek.nl>
|
||||
*/
|
||||
|
||||
|
@ -7,30 +7,57 @@ package main
|
|||
|
||||
import (
|
||||
"net"
|
||||
_ "fmt"
|
||||
"fmt"
|
||||
"dns"
|
||||
_ "strconv"
|
||||
"dns/resolver"
|
||||
"dns/responder"
|
||||
"runtime"
|
||||
"os/signal"
|
||||
)
|
||||
|
||||
// Strip the Addtional section of a pkt
|
||||
func stripExtra(m *dns.Msg) *dns.Msg {
|
||||
m.Extra = []dns.RR{}
|
||||
return m
|
||||
// Where does the packet come from?
|
||||
// IN: initial packet received by the Responder
|
||||
// any modifications here will reflect what kind of
|
||||
// pkt is sent through. Normally there is no modification here.
|
||||
// OUT: pkt as received back. Modifications here will reflect
|
||||
// how the packet is send back to the original requester.
|
||||
const (
|
||||
IN = iota
|
||||
OUT
|
||||
|
||||
OR
|
||||
AND
|
||||
)
|
||||
|
||||
// A Match function is let loose on a DNS packet and
|
||||
// returns (a possibly modified) DNS packet. It should
|
||||
// return true when the packets matches the criteria in
|
||||
// the function.
|
||||
// Op is used in chaining Match-structures together
|
||||
type Match struct {
|
||||
Op int // boolean op: OR, AND
|
||||
Func func(*dns.Msg, int) (*dns.Msg, bool)
|
||||
}
|
||||
|
||||
// Strip the Authority section of a pkt
|
||||
func stripNs(m *dns.Msg) *dns.Msg {
|
||||
m.Ns = []dns.RR{}
|
||||
return m
|
||||
// An action is something that is done with a packet. Funkensturm
|
||||
// does not impose any restriction on what this can be.
|
||||
type Action struct {
|
||||
Func func(in *dns.Msg) (*dns.Msg, bool)
|
||||
}
|
||||
|
||||
// A complete config for Funkensturm. All matches in the Matches slice are
|
||||
// chained together: Match[0] -> dns.Msg -> Match[1] -> dns.Msg -> ...
|
||||
// The dns.Msg output of Match[n] is the input for Match[n+1].
|
||||
// The final outcome (does a packet match or not?) is calculated as follows:
|
||||
// true Match[0].Op Match[0].Func() Match[1].Op Match[1].Func()
|
||||
// If the final result is true the action(s) are called. Note that
|
||||
// at least one of these action functions should send the actual message!
|
||||
type Funkensturm struct {
|
||||
Matches []Match
|
||||
Actions []Action
|
||||
}
|
||||
|
||||
type server responder.Server
|
||||
|
||||
func reply(a net.Addr, in []byte, tcp bool) *dns.Msg {
|
||||
func reply(a net.Addr, in []byte) *dns.Msg {
|
||||
inmsg := new(dns.Msg)
|
||||
if !inmsg.Unpack(in) {
|
||||
println("Unpacking failed")
|
||||
|
@ -39,44 +66,52 @@ func reply(a net.Addr, in []byte, tcp bool) *dns.Msg {
|
|||
if inmsg.MsgHdr.Response == true {
|
||||
return nil // Don't answer responses
|
||||
}
|
||||
|
||||
// it's valid mesg, return it
|
||||
return inmsg
|
||||
}
|
||||
|
||||
func (s *server) ResponderUDP(c *net.UDPConn, a net.Addr, i []byte) {
|
||||
m := reply(a, i, false)
|
||||
if m == nil {
|
||||
pkt := reply(a, i)
|
||||
if pkt == nil {
|
||||
return
|
||||
}
|
||||
// okay, send it using the resolver
|
||||
qr <- resolver.Msg{m, nil, nil}
|
||||
in := <-qr
|
||||
// here I need to call funkensturm
|
||||
matches := getMatches()
|
||||
|
||||
in.Dns = stripExtra(in.Dns)
|
||||
// in.Dns = stripNs(in.Dns)
|
||||
ok, ok1 := true, true
|
||||
pkt1 := pkt
|
||||
for _, m := range matches {
|
||||
pkt1, ok1 = m.Func(pkt1, IN)
|
||||
switch m.Op {
|
||||
case AND:
|
||||
ok = ok && ok1
|
||||
case OR:
|
||||
ok = ok || ok1
|
||||
}
|
||||
}
|
||||
|
||||
// in may be nil
|
||||
if !ok {
|
||||
fmt.Println("We doen niks")
|
||||
return
|
||||
}
|
||||
println("uitkomst: ", ok)
|
||||
fmt.Printf("%v\n", pkt1)
|
||||
|
||||
/*
|
||||
out, ok := in.Dns.Pack()
|
||||
if !ok {
|
||||
println("Failed to pack")
|
||||
return
|
||||
}
|
||||
responder.SendUDP(out, c, a)
|
||||
*/
|
||||
}
|
||||
|
||||
func (s *server) ResponderTCP(c *net.TCPConn, in []byte) {
|
||||
}
|
||||
|
||||
var qr chan resolver.Msg
|
||||
|
||||
func main() {
|
||||
runtime.GOMAXPROCS(5)
|
||||
|
||||
r := new(resolver.Resolver)
|
||||
r.Servers = []string{"127.0.0.1"}
|
||||
r.Port = "53"
|
||||
qr = r.NewQuerier()
|
||||
// Start the stuff the needs started, call init()
|
||||
Funkinit()
|
||||
|
||||
s := new(responder.Server)
|
||||
s.Address = "127.0.0.1"
|
||||
|
|
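Review bot: In the match loop of ResponderUDP the verdict starts as `ok, ok1 := true, true`, so a chain that opens with an `OR` matcher evaluates `true || ok1` and the first matcher's result is discarded; a policy meant as "A OR B" would then select every query for the actions. The `switch m.Op` has no `default`, and because `OR`/`AND` are declared in the same iota block as `IN`/`OUT`, a Match whose Op is left at its zero value (equal to `IN`) has its result silently ignored rather than rejected. I would range with an index, seed the verdict from the first matcher (`if i == 0 { ok = ok1; continue }`), and add `default: ok = false` so a misconfigured chain fails closed. The loop also hands `pkt1` to the next `m.Func` without a nil check, although the comment right after it notes the packet may be nil. The +/- markers are lost on this page, so which of these lines are new is inferred from the duplicated old/new lines.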