Slightly better, cleanup must still be done
parent
5ba0733e31
commit
e05cc84207
|
@ -3,7 +3,6 @@ package main
|
|||
// This is a transparant proxy config. All recevied pkt are just forwarded to the
|
||||
// nameserver, hardcoded to 127.0.0.1 and then return to the original querier
|
||||
import (
|
||||
"fmt"
|
||||
"dns"
|
||||
"dns/resolver"
|
||||
)
|
||||
|
@ -12,7 +11,6 @@ func match(m *dns.Msg, d int) (*dns.Msg, bool) {
|
|||
// Matching criteria
|
||||
switch d {
|
||||
case IN:
|
||||
fmt.Printf("%v\n", m)
|
||||
// nothing
|
||||
case OUT:
|
||||
// Note that when sending back only the mangling is important
|
||||
|
@ -30,14 +28,14 @@ func match(m *dns.Msg, d int) (*dns.Msg, bool) {
|
|||
return m, true
|
||||
}
|
||||
|
||||
func send(m *dns.Msg, ok bool) (*dns.Msg, bool) {
|
||||
func send(m *dns.Msg, ok bool) *dns.Msg {
|
||||
switch ok {
|
||||
case true, false:
|
||||
qr <- resolver.Msg{m, nil, nil}
|
||||
in := <-qr
|
||||
return in.Dns, true
|
||||
return in.Dns
|
||||
}
|
||||
return nil, false // Bug in Go, yes BUG IN GO
|
||||
return nil
|
||||
}
|
||||
|
||||
// qr is global and started by Funkensturm. If you
|
||||
|
|
|
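Review bot: send() hands `in.Dns` straight back without looking at the other two fields of the reply read from `qr`, so a failed lookup presumably reaches the caller as a nil packet, and with the bool result gone nothing else signals it. The function should at least state that contract, for example `// send forwards m to the resolver and returns its reply, or nil when no reply was obtained.` The `switch ok { case true, false:` wrapper selects nothing and the trailing `return nil` cannot be reached, so the body could be just the send on `qr`, the receive and `return in.Dns`. The same function is repeated in two other config files later in this commit (the second transparent proxy and the signing proxy), and the point applies there too.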
@ -1,25 +1,20 @@
|
|||
package main
|
||||
|
||||
// This is a transparant proxy config. All recevied pkt are just forwarded to the
|
||||
// nameserver, hardcoded to 127.0.0.1 and then return to the original querier
|
||||
// This proxy delays pkt that have the RD bit set.
|
||||
// NSECDELAY is now 1 * 1e9, which means 1 pkt/sec
|
||||
import (
|
||||
"dns"
|
||||
"time"
|
||||
"dns/resolver"
|
||||
)
|
||||
|
||||
const (
|
||||
DELAY = 0.5 * 1e9 // half second
|
||||
)
|
||||
const NSECDELAY = 1 * 1e9 // 1 second, meaning 1 qps
|
||||
var previous int64 // previous tick
|
||||
|
||||
var previous int64 // previous tick
|
||||
// Check the delay
|
||||
func checkDelay(nsecDelay int64) (ti int64, limitok bool) {
|
||||
func checkDelay() (ti int64, limitok bool) {
|
||||
current := time.Nanoseconds()
|
||||
tdiff := (current - previous)
|
||||
println("tdiff", tdiff)
|
||||
println("nsec", nsecDelay)
|
||||
if tdiff < nsecDelay {
|
||||
if tdiff < NSECDELAY {
|
||||
// too often
|
||||
return previous, false
|
||||
}
|
||||
|
@ -28,13 +23,13 @@ func checkDelay(nsecDelay int64) (ti int64, limitok bool) {
|
|||
|
||||
func match(m *dns.Msg, d int) (*dns.Msg, bool) {
|
||||
// Matching criteria
|
||||
var ok bool
|
||||
switch d {
|
||||
case IN:
|
||||
// nothing
|
||||
// only delay pkts with RD bit
|
||||
ok = m.MsgHdr.RecursionDesired == true
|
||||
case OUT:
|
||||
// Note that when sending back only the mangling is important
|
||||
// the actual return code of these function isn't checked by
|
||||
// funkensturm
|
||||
// nothing
|
||||
}
|
||||
|
||||
// Packet Mangling functions
|
||||
|
@ -44,30 +39,30 @@ func match(m *dns.Msg, d int) (*dns.Msg, bool) {
|
|||
case OUT:
|
||||
// nothing
|
||||
}
|
||||
return m, true
|
||||
return m, ok
|
||||
}
|
||||
|
||||
func delay(m *dns.Msg, ok bool) (*dns.Msg, bool) {
|
||||
var ok1 bool
|
||||
func delay(m *dns.Msg, ok bool) *dns.Msg {
|
||||
var ok1 bool
|
||||
switch ok {
|
||||
case true:
|
||||
previous, ok1 = checkDelay(DELAY)
|
||||
previous, ok1 = checkDelay()
|
||||
if !ok1 {
|
||||
println("dropping: too often")
|
||||
time.Sleep(DELAY)
|
||||
return nil, false
|
||||
println("Dropping: too often")
|
||||
time.Sleep(NSECDELAY)
|
||||
return nil
|
||||
} else {
|
||||
println("Ok: continue")
|
||||
qr <- resolver.Msg{m, nil, nil}
|
||||
in := <-qr
|
||||
return in.Dns, true
|
||||
println("Ok: continue")
|
||||
qr <- resolver.Msg{m, nil, nil}
|
||||
in := <-qr
|
||||
return in.Dns
|
||||
}
|
||||
case false:
|
||||
qr <- resolver.Msg{m, nil, nil}
|
||||
in := <-qr
|
||||
return in.Dns, true
|
||||
return in.Dns
|
||||
}
|
||||
return nil, false
|
||||
return nil
|
||||
}
|
||||
|
||||
// Return the configration
|
||||
|
|
|
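Review bot: The drop branch of delay() still calls `time.Sleep(NSECDELAY)` before `return nil`, so every packet over the limit holds its handler for a full second; if ResponderUDP serves packets one at a time (its receive loop is not shown here), a burst of RD queries stalls every other client instead of simply being discarded. The limiter also keeps a single package-level `previous` for all queriers, read in checkDelay() and written in delay() with no lock, which is a data race if handlers run concurrently and means one source can use up the budget for everyone. I would drop the sleep so the branch is just `println("Dropping: too often")` followed by `return nil`, and add a comment on `previous` saying that the limit is global and which goroutine owns it. checkDelay()'s body continues past the end of its hunk.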
@ -1,7 +1,7 @@
|
|||
package main
|
||||
|
||||
// This is a transparant proxy config. All recevied pkt are just forwarded to the
|
||||
// nameserver, hardcoded to 127.0.0.1 and then return to the original querier
|
||||
// This is a transparant proxy config. All recevied pkts are forwarded to the
|
||||
// nameserver, hardcoded to 127.0.0.1 and then returned to the original querier
|
||||
import (
|
||||
"dns"
|
||||
"dns/resolver"
|
||||
|
@ -28,14 +28,14 @@ func match(m *dns.Msg, d int) (*dns.Msg, bool) {
|
|||
return m, true
|
||||
}
|
||||
|
||||
func send(m *dns.Msg, ok bool) (*dns.Msg, bool) {
|
||||
func send(m *dns.Msg, ok bool) *dns.Msg {
|
||||
switch ok {
|
||||
case true, false:
|
||||
qr <- resolver.Msg{m, nil, nil}
|
||||
in := <-qr
|
||||
return in.Dns, true
|
||||
return in.Dns
|
||||
}
|
||||
return nil, false // Bug in Go, yes BUG IN GO
|
||||
return nil
|
||||
}
|
||||
|
||||
// qr is global and started by Funkensturm. If you
|
||||
|
|
|
@ -1,7 +1,9 @@
|
|||
package main
|
||||
|
||||
// This is a transparant proxy config. All recevied pkt are just forwarded to the
|
||||
// nameserver, hardcoded to 127.0.0.1 and then return to the original querier
|
||||
// This is a signing proxy.
|
||||
// Lots of hardcoded stuff, but stuff in the
|
||||
// answer section is signed with a key
|
||||
// the RRSIG is added to the pkt
|
||||
import (
|
||||
"dns"
|
||||
"dns/resolver"
|
||||
|
@ -55,21 +57,16 @@ func match(m *dns.Msg, d int) (*dns.Msg, bool) {
|
|||
return m, true
|
||||
}
|
||||
|
||||
func send(m *dns.Msg, ok bool) (*dns.Msg, bool) {
|
||||
func send(m *dns.Msg, ok bool) *dns.Msg {
|
||||
switch ok {
|
||||
case true, false:
|
||||
qr <- resolver.Msg{m, nil, nil}
|
||||
in := <-qr
|
||||
return in.Dns, true
|
||||
return in.Dns
|
||||
}
|
||||
return nil, false // Bug in Go, yes BUG IN GO
|
||||
return nil
|
||||
}
|
||||
|
||||
// qr is global and started by Funkensturm. If you
|
||||
// need 2 or more resolvers, you'll need to start
|
||||
// them yourself. This needs to be a global variable
|
||||
//var qr1 chan resolver.Msg
|
||||
|
||||
var pubkey *dns.RR_DNSKEY
|
||||
var privkey dns.PrivateKey
|
||||
|
||||
|
|
|
@ -41,7 +41,7 @@ type Match struct {
|
|||
// An action is something that is done with a packet. Funkensturm
|
||||
// does not impose any restriction on what this can be.
|
||||
type Action struct {
|
||||
Func func(*dns.Msg, bool) (*dns.Msg, bool)
|
||||
Func func(*dns.Msg, bool) *dns.Msg
|
||||
}
|
||||
|
||||
// A complete config for Funkensturm. All matches in the Matches slice are
|
||||
|
@ -83,9 +83,8 @@ func (s *server) ResponderUDP(c *net.UDPConn, a net.Addr, i []byte) {
|
|||
// We use 'ok' to signal what the above match did, true or false
|
||||
var resultpkt *dns.Msg
|
||||
for _, a := range f.Actions {
|
||||
resultpkt, ok1 = a.Func(pkt1, ok)
|
||||
resultpkt = a.Func(pkt1, ok)
|
||||
}
|
||||
// what to do with the bool??
|
||||
|
||||
// loop again for matching, but now with OUT, this is done
|
||||
// for some last minute packet changing. Note the boolean return
|
||||
|
|
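Review bot: In the action loop of ResponderUDP, `resultpkt = a.Func(pkt1, ok)` is overwritten on every iteration and each action is handed `pkt1` rather than the previous result, so only the last entry in f.Actions decides what is sent. With the bool gone, nil is the only way an action can say "send nothing" (delay() returns nil in its rate-limit branch), and the open question in the nearby `// what to do with the bool??` comment gets no stated answer. The code after the loop is outside this hunk, so it should be confirmed that it checks `resultpkt == nil` before the OUT match and before the packet is packed and written. I would document the contract on the field, e.g. `// Func returns the packet to send back to the querier, or nil to send nothing.`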