Extremely basic, but functional, DNS proxying support (--dns option)

Limitations: - uses a hardcoded DNS server IP on both client and server - never expires request/response objects, so leaks memory and sockets - works only with iptables, not with ipfw
2025-08-09 15:54:56 +02:00 · 2011-01-26 02:00:19 -08:00
parent e7a19890aa
commit a2fcb08a2d
5 changed files with 89 additions and 15 deletions
--- a/server.py
+++ b/server.py
@ -106,6 +106,23 @@ class Hostwatch:
        self.sock = None


+class DnsProxy(Handler):
+    def __init__(self, mux, chan, request):
+        sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+        Handler.__init__(self, [sock])
+        self.sock = sock
+        self.mux = mux
+        self.chan = chan
+        self.sock.setsockopt(socket.SOL_IP, socket.IP_TTL, 42)
+        self.sock.connect(('192.168.42.1', 53))
+        self.sock.send(request)
+
+    def callback(self):
+        data = self.sock.recv(4096)
+        debug2('dns response: %d bytes\n' % len(data))
+        self.mux.send(self.chan, ssnet.CMD_DNS_RESPONSE, data)
+
+
 def main():
    if helpers.verbose >= 1:
        helpers.logprefix = ' s: '
@ -165,6 +182,14 @@ def main():
        handlers.append(Proxy(MuxWrapper(mux, channel), outwrap))
    mux.new_channel = new_channel

+    dnshandlers = {}
+    def dns_req(channel, data):
+        debug1('got dns request!\n')
+        h = DnsProxy(mux, channel, data)
+        handlers.append(h)
+        dnshandlers[channel] = h
+    mux.got_dns_req = dns_req
+
    while mux.ok:
        if hw.pid:
            assert(hw.pid > 0)