/* Technitium DNS Server Copyright (C) 2023 Shreyas Zare (shreyas@technitium.com) This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ using DnsServerCore.ApplicationCommon; using System; using System.Collections.Generic; using System.IO; using System.Net; using System.Net.Sockets; using System.Text.Json; using System.Threading.Tasks; using TechnitiumLibrary; using TechnitiumLibrary.Net; using TechnitiumLibrary.Net.Dns; using TechnitiumLibrary.Net.Dns.ResourceRecords; namespace SplitHorizon { public class SimpleAddress : IDnsApplication, IDnsAppRecordRequestHandler { #region variables static IReadOnlyDictionary> _networks; #endregion #region IDisposable public void Dispose() { //do nothing } #endregion #region public public async Task InitializeAsync(IDnsServer dnsServer, string config) { if (string.IsNullOrEmpty(config) || config.StartsWith('#')) { //replace old config with default config config = """ { "networks": { "custom-networks": [ "172.16.1.0/24", "172.16.10.0/24", "172.16.2.1" ] }, "enableAddressTranslation": false, "networkGroupMap": { "10.0.0.0/8": "local1", "172.16.0.0/12": "local2", "192.168.0.0/16": "local3" }, "groups": [ { "name": "local1", "enabled": true, "translateReverseLookups": true, "externalToInternalTranslation": { "1.2.3.4": "10.0.0.4", "5.6.7.8": "10.0.0.5" } }, { "name": "local2", "enabled": true, "translateReverseLookups": true, "externalToInternalTranslation": { "1.2.3.4": "172.16.0.4", "5.6.7.8": "172.16.0.5" } }, { "name": "local3", "enabled": true, "translateReverseLookups": true, "externalToInternalTranslation": { "1.2.3.4": "192.168.0.4", "5.6.7.8": "192.168.0.5" } } ] } """; await File.WriteAllTextAsync(Path.Combine(dnsServer.ApplicationFolder, "dnsApp.config"), config); } using JsonDocument jsonDocument = JsonDocument.Parse(config); JsonElement jsonConfig = jsonDocument.RootElement; if (jsonConfig.TryGetProperty("networks", out JsonElement jsonNetworks)) { Dictionary> networks = new Dictionary>(); foreach (JsonProperty jsonProperty in jsonNetworks.EnumerateObject()) { string networkName = jsonProperty.Name; JsonElement jsonNetworkAddresses = jsonProperty.Value; if (jsonNetworkAddresses.ValueKind == JsonValueKind.Array) { List networkAddresses = new List(jsonNetworkAddresses.GetArrayLength()); foreach (JsonElement jsonNetworkAddress in jsonNetworkAddresses.EnumerateArray()) networkAddresses.Add(NetworkAddress.Parse(jsonNetworkAddress.GetString())); networks.TryAdd(networkName, networkAddresses); } } _networks = networks; } else { _networks = new Dictionary>(1); } } public Task ProcessRequestAsync(DnsDatagram request, IPEndPoint remoteEP, DnsTransportProtocol protocol, bool isRecursionAllowed, string zoneName, string appRecordName, uint appRecordTtl, string appRecordData) { DnsQuestionRecord question = request.Question[0]; if (!question.Name.Equals(appRecordName, StringComparison.OrdinalIgnoreCase)) return Task.FromResult(null); switch (question.Type) { case DnsResourceRecordType.A: case DnsResourceRecordType.AAAA: using (JsonDocument jsonDocument = JsonDocument.Parse(appRecordData)) { JsonElement jsonAppRecordData = jsonDocument.RootElement; JsonElement jsonAddresses = default; NetworkAddress selectedNetwork = null; foreach (JsonProperty jsonProperty in jsonAppRecordData.EnumerateObject()) { string name = jsonProperty.Name; if ((name == "public") || (name == "private")) continue; if (_networks.TryGetValue(name, out List networkAddresses)) { foreach (NetworkAddress networkAddress in networkAddresses) { if (networkAddress.Contains(remoteEP.Address)) { jsonAddresses = jsonProperty.Value; break; } } if (jsonAddresses.ValueKind != JsonValueKind.Undefined) break; } else if (NetworkAddress.TryParse(name, out NetworkAddress networkAddress)) { if (networkAddress.Contains(remoteEP.Address) && ((selectedNetwork is null) || (networkAddress.PrefixLength > selectedNetwork.PrefixLength))) { selectedNetwork = networkAddress; jsonAddresses = jsonProperty.Value; } } } if (jsonAddresses.ValueKind == JsonValueKind.Undefined) { if (NetUtilities.IsPrivateIP(remoteEP.Address)) { if (!jsonAppRecordData.TryGetProperty("private", out jsonAddresses)) return Task.FromResult(null); } else { if (!jsonAppRecordData.TryGetProperty("public", out jsonAddresses)) return Task.FromResult(null); } } List answers = new List(); switch (question.Type) { case DnsResourceRecordType.A: foreach (JsonElement jsonAddress in jsonAddresses.EnumerateArray()) { if (IPAddress.TryParse(jsonAddress.GetString(), out IPAddress address) && (address.AddressFamily == AddressFamily.InterNetwork)) answers.Add(new DnsResourceRecord(question.Name, DnsResourceRecordType.A, DnsClass.IN, appRecordTtl, new DnsARecordData(address))); } break; case DnsResourceRecordType.AAAA: foreach (JsonElement jsonAddress in jsonAddresses.EnumerateArray()) { if (IPAddress.TryParse(jsonAddress.GetString(), out IPAddress address) && (address.AddressFamily == AddressFamily.InterNetworkV6)) answers.Add(new DnsResourceRecord(question.Name, DnsResourceRecordType.AAAA, DnsClass.IN, appRecordTtl, new DnsAAAARecordData(address))); } break; } if (answers.Count == 0) return Task.FromResult(null); if (answers.Count > 1) answers.Shuffle(); return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NoError, request.Question, answers)); } default: return Task.FromResult(null); } } #endregion #region properties internal static IReadOnlyDictionary> Networks { get { return _networks; } } public string Description { get { return "Returns A or AAAA records with different set of IP addresses for clients querying over public, private, or other specified networks."; } } public string ApplicationRecordDataTemplate { get { return @"{ ""public"": [ ""1.1.1.1"", ""2.2.2.2"" ], ""private"": [ ""192.168.1.1"", ""::1"" ], ""custom-networks"": [ ""172.16.1.1"" ], ""10.0.0.0/8"": [ ""10.1.1.1"" ] }"; } } #endregion } }