def smart_route_dns_query(self):
xlog.info("Start testing SmartRouter DNS Query")
domain = "appsec.hicloud.com"
d = DNSRecord(DNSHeader(123))
d.add_question(DNSQuestion(domain, 1))
req4_pack = d.pack()
for port in [8053, 53]:
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sock.sendto(req4_pack, ("127.0.0.1", port))
sock.settimeout(5)
try:
response, server = sock.recvfrom(8192)
except Exception as e:
xlog.warn("recv fail for port:%s e:%r", port, e)
continue
p = DNSRecord.parse(response)
for r in p.rr:
ip = utils.to_bytes(str(r.rdata))
xlog.info("IP:%s" % ip)
self.assertEqual(utils.check_ip_valid(ip), True)
xlog.info("Finished testing SmartRouter DNS Query")
return
async def query(self, query_type: str, dns_query: str) -> None:
query = DNSRecord(q=DNSQuestion(dns_query, getattr(QTYPE, query_type)))
stream_id = self._quic.get_next_available_stream_id()
logger.debug(f"Stream ID: {stream_id}")
end_stream = False
self._quic.send_stream_data(stream_id, bytes(query.pack()), end_stream)
waiter = self._loop.create_future()
self._ack_waiter = waiter
self.transmit()
return await asyncio.shield(waiter)
def smart_route_dns_query(self):
xlog.info("Start testing SmartRouter DNS Query")
domain = "appsec.hicloud.com"
d = DNSRecord(DNSHeader(123))
d.add_question(DNSQuestion(domain, 1))
req4_pack = d.pack()
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sock.sendto(req4_pack, ("127.0.0.1", 53))
sock.sendto(req4_pack, ("127.0.0.1", 8053))
response, server = sock.recvfrom(8192)
p = DNSRecord.parse(response)
for r in p.rr:
ip = utils.to_bytes(str(r.rdata))
xlog.info("IP:%s" % ip)
self.assertEqual(utils.check_ip_valid(ip), True)
xlog.info("Finished testing SmartRouter DNS Query")
def pan_dig(domain):
import argparse, sys, time
p = argparse.ArgumentParser(description="DNS Client")
p.add_argument(
"--server",
"-s",
default="8.8.8.8",
metavar="<address:port>",
help="Server address:port (default:8.8.8.8:53) (port is optional)")
p.add_argument("--query",
action='store_true',
default=False,
help="Show query (default: False)")
p.add_argument("--hex",
action='store_true',
default=False,
help="Dump packet in hex (default: False)")
p.add_argument("--tcp",
action='store_true',
default=True,
help="Use TCP (default: UDP)")
p.add_argument(
"--noretry",
action='store_true',
default=False,
help="Don't retry query using TCP if truncated (default: false)")
p.add_argument(
"--diff",
default="",
help=
"Compare response from alternate nameserver (format: address:port / default: false)"
)
p.add_argument(
"--dig",
action='store_true',
default=False,
help=
"Compare result with DiG - if ---diff also specified use alternative nameserver for DiG request (default: false)"
)
p.add_argument("--short",
action='store_true',
default=True,
help="Short output - rdata only (default: false)")
p.add_argument("--debug",
action='store_true',
default=False,
help="Drop into CLI after request (default: false)")
p.add_argument("domain", metavar="<domain>", help="Query domain")
p.add_argument("qtype",
metavar="<type>",
default="A",
nargs="?",
help="Query type (default: A)")
args = p.parse_args(['--tcp', '--short', domain])
# Construct request
q = DNSRecord(q=DNSQuestion(args.domain, getattr(QTYPE, args.qtype)))
address, _, port = args.server.partition(':')
port = int(port or 53)
if args.query:
print(";; Sending%s:" % (" (TCP)" if args.tcp else ""))
if args.hex:
print(";; QUERY:", binascii.hexlify(q.pack()).decode())
print(q)
print()
a_pkt = q.send(address, port, tcp=args.tcp)
a = DNSRecord.parse(a_pkt)
if a.header.tc and args.noretry == False:
# Truncated - retry in TCP mode
a_pkt = q.send(address, port, tcp=True)
a = DNSRecord.parse(a_pkt)
if args.dig or args.diff:
if args.diff:
address, _, port = args.diff.partition(':')
port = int(port or 53)
if args.dig:
dig = getoutput("dig +qr -p %d %s %s @%s" %
(port, args.domain, args.qtype, address))
dig_reply = list(iter(DigParser(dig)))
# DiG might have retried in TCP mode so get last q/a
q_diff = dig_reply[-2]
a_diff = dig_reply[-1]
else:
q_diff = DNSRecord(header=DNSHeader(id=q.header.id),
q=DNSQuestion(args.domain,
getattr(QTYPE, args.qtype)))
q_diff = q
diff = q_diff.send(address, port, tcp=args.tcp)
a_diff = DNSRecord.parse(diff)
if a_diff.header.tc and args.noretry == False:
diff = q_diff.send(address, port, tcp=True)
a_diff = DNSRecord.parse(diff)
if args.short:
return a.short()
else:
print(";; Got answer:")
if args.hex:
print(";; RESPONSE:", binascii.hexlify(a_pkt).decode())
if args.diff and not args.dig:
print(";; DIFF :", binascii.hexlify(diff).decode())
print(a)
print()
if args.dig or args.diff:
if q != q_diff:
print(";;; ERROR: Diff Question differs")
for (d1, d2) in q.diff(q_diff):
if d1:
print(";; - %s" % d1)
if d2:
print(";; + %s" % d2)
if a != a_diff:
print(";;; ERROR: Diff Response differs")
for (d1, d2) in a.diff(a_diff):
if d1:
print(";; - %s" % d1)
if d2:
print(";; + %s" % d2)
if args.debug:
code.interact(local=locals())
return None
metavar="<type>",
default="A",
nargs="?",
help="Query type (default: A)")
args = p.parse_args()
# Construct request
q = DNSRecord(q=DNSQuestion(args.domain, getattr(QTYPE, args.qtype)))
address, _, port = args.server.partition(':')
port = int(port or 53)
if args.query:
print(";; Sending%s:" % (" (TCP)" if args.tcp else ""))
if args.hex:
print(";; QUERY:", binascii.hexlify(q.pack()).decode())
print(q)
print()
a_pkt = q.send(address, port, tcp=args.tcp)
a = DNSRecord.parse(a_pkt)
if a.header.tc and args.noretry == False:
# Truncated - retry in TCP mode
a_pkt = q.send(address, port, tcp=True)
a = DNSRecord.parse(a_pkt)
if args.dig or args.diff:
if args.diff:
address, _, port = args.diff.partition(':')
port = int(port or 53)
p.add_argument("domain",metavar="<domain>",
help="Query domain")
p.add_argument("qtype",metavar="<type>",default="A",nargs="?",
help="Query type (default: A)")
args = p.parse_args()
# Construct request
q = DNSRecord(q=DNSQuestion(args.domain,getattr(QTYPE,args.qtype)))
address,_,port = args.server.partition(':')
port = int(port or 53)
if args.query:
print(";; Sending%s:" % (" (TCP)" if args.tcp else ""))
if args.hex:
print(";; QUERY:",binascii.hexlify(q.pack()).decode())
print(q)
print()
a_pkt = q.send(address,port,tcp=args.tcp)
a = DNSRecord.parse(a_pkt)
if a.header.tc and args.noretry == False:
# Truncated - retry in TCP mode
a_pkt = q.send(address,port,tcp=True)
a = DNSRecord.parse(a_pkt)
if args.dig or args.diff:
if args.diff:
address,_,port = args.diff.partition(':')
port = int(port or 53)
