def dns_response_for_sending(self):
self.client_data_holder.parsed_dns_response.header.id = self.client_data_holder.parsed_dns_request.header.id
self.client_data_holder.raw_dns_response = DNSRecord.pack(
self.client_data_holder.parsed_dns_response)
logger.debug(
f"[Process: Packing Data For Sending], Request_Header_ID: [{self.client_data_holder.parsed_dns_request.header.id}], Response_Data: [{self.client_data_holder.raw_dns_response}]"
)
def fetch_from_cache(self):
raw_dns_response = web_category_cache.get_from_cache(
self.client_data_holder.unique_key)
logger.debug(
f"[Process: Fetching From Cache], Key: [{self.client_data_holder.unique_key}], Value: [{raw_dns_response}]"
)
self.client_data_holder.raw_dns_response = raw_dns_response
def clear_cache(self):
logger.debug(f"[Process: Clearing Cache], "
f"CurrentCacheSize: [{self.cache.currsize}], "
f"[MaxCacheSize: {self.cache.maxsize}], "
f"[CacheTTL: {self.cache.ttl}], "
f"[CacheTimer: {self.cache.timer}]")
self.cache.clear()
def start_server(self):
logger.debug(
f"Dns Service Running @ {self.DNS_SERVER_UDP_SOCKET.getsockname()} "
)
while True:
try:
dns_request, client_address = self.DNS_SERVER_UDP_SOCKET.recvfrom(
1024)
## Received Data from Socket
#self.validate_and_handle_client(uniq_id, dns_request, client_address); ## Single Threaded
handler_thread = Thread(
target=self.validate_and_handle_client,
args=(dns_request,
client_address)) ## Making it MultiThreaded
#handler_thread.setName(f"Dns-Query-Handler-Thread-{uniq_id}")
logger.debug(
f"[Process: Starting Thread: {handler_thread.getName()} with uniq_id: [{uniq_id}]]"
)
handler_thread.start()
## Start The Thread For Processing
except ConnectionResetError as conn_reset:
logger.error(
f"[Reason: ConnectionResetError]: [ERROR: {conn_reset}]")
except KeyboardInterrupt as key_cancel:
logger.error(
f"[Reason: KeyboardInterrupt]: [ERROR: {key_cancel}]")
self.stop_server()
except Exception as all_exception:
logger.error(
f"[Reason: Exception]: [All Exceptions are handled here][ERROR: {all_exception}]"
)
logger.error(traceback.print_exc())
self.stop_server()
def init_xml_content(self):
with open(self.config_file_name) as xml_config_file:
self.xml_content = xml_config_file.read()
logger.debug(
f"Processed Data From [File:{self.config_file_name}], XML CONTENT DATA: =>"
)
logger.debug(self.xml_content)
return self.xml_content
def process_policy_check_for_dns_response(cls, client_data_holder):
## No Implementation there ALLOW for all
client_data_holder.policy_status = "ALLOW"
client_data_holder.unique_key = client_data_holder.requested_domain + "_" + client_data_holder.requested_query_type + "_" + client_data_holder.policy_status
logger.debug(
f"[Process: Policy Checking(Response) & Unique Key Rewrite], Unique Key: [{client_data_holder.unique_key}] [Not Implemented]"
)
return client_data_holder
def send_response_to_client(self, client_address, raw_dns_response,
status_tag):
logger.debug(
f"[Reason:{status_tag}] Sending Response To [Client:{client_address}], "
f"By [Server:{self.DNS_SERVER_UDP_SOCKET}], "
f"[Data:{str(raw_dns_response)}]")
self.wfile.write(
raw_dns_response
) # Write Data To Client But is only Flushed when Finish is called
def init_bs4_parsed_xml_content(self):
parser_utility = 'html.parser'
bs4_parsed_xml_content = BeautifulSoup(self.xml_content,
parser_utility)
self.bs4_parsed_xml_content = bs4_parsed_xml_content
logger.debug(
f"Processed Data From [Parser_Utility:{parser_utility}], [Lib: BeatifulSoup(BS4) Parsed CONTENT DATA: =>"
)
logger.debug(self.bs4_parsed_xml_content)
return self.bs4_parsed_xml_content
def get_dns_request_question_details(self, ):
dns_question_1 = self.client_data_holder.parsed_dns_request.questions[
0]
dns_question_name = str(dns_question_1.qname)
dns_question_type = str(dns_question_1.qtype)
self.client_data_holder.requested_domain = dns_question_name
self.client_data_holder.requested_query_type = dns_question_type
logger.debug(
f"Dns Question Section, Question[0]: [{dns_question_1}] : With Question: [{dns_question_name}] & Type: [{dns_question_type}] "
)
def cache_check(self):
if web_category_cache.check_if_present(
self.client_data_holder.unique_key):
logger.debug(
f"[Process: Checking In Cache(FOUND)], Key: [{self.client_data_holder.unique_key}], Value: [NOT SHOWN(Check This)]"
)
self.client_data_holder.cache_status = True
else:
logger.debug(
f"[Process: Checking In Cache(NOT-FOUND)], Key: [{self.client_data_holder.unique_key}], Value: [NOT SHOWN(Check This)]"
)
self.client_data_holder.cache_status = False
def dns_request_extractor(self):
dns_request_header, dns_request_header_id, = self.get_dns_request_header_details(
self.client_data_holder.parsed_dns_request.header)
logger.debug(
f"Dns Header Section: of ID: {dns_request_header_id}, Data: [{dns_request_header}]"
)
self.client_data_holder.dns_header_id = dns_request_header_id
self.get_dns_request_question_details()
unique_key = self.generate_key(
self.client_data_holder.requested_domain,
self.client_data_holder.requested_query_type)
self.client_data_holder.unique_key = unique_key
def process_dns_response(self):
ip_list, cname_list, ptr_list = self.get_response_details(
self.client_data_holder.parsed_dns_response.rr)
logger.debug(
f"[Process: Getting IP_LIST/CNAME_LIST/PTR_LIST], "
f"Type: [{self.client_data_holder.requested_query_type}], "
f"Data: [IP(v4/v6):[{ip_list}]], [CNAME:[{cname_list}]], [PTR:[{ptr_list}]]"
)
if ip_list:
self.client_data_holder.response_ip_list = ','.join(ip_list)
if cname_list:
self.client_data_holder.response_cname_list = ','.join(cname_list)
if ptr_list:
self.client_data_holder.response_ptr_list = ','.join(ptr_list)
def start_server(self):
logger.debug(f"[Process: Starting Dns Server @ [{self.server_address}]");
print(f"[Process: Starting Dns Server @ [{self.server_address}]");
reason = None;
try:
self.serve_forever(); #Start The Server
except ConnectionResetError as conn_reset:
logger.error(f"[Reason: ConnectionResetError]: [ERROR: {conn_reset}]", exc_info=True); # Stack Trace the Exception
reason = conn_reset;
except KeyboardInterrupt as key_cancel:
logger.error(f"[Reason: KeyboardInterrupt]: [ERROR: {key_cancel}]", exc_info=True); # Stack Trace the Exception
reason = key_cancel;
except Exception as all_exception:
logger.error(f"[Reason: Exception]: [All Exceptions are handled here][ERROR: {all_exception}]", exc_info=True); # Stack Trace the Exception
reason = all_exception;
finally:
self.stop_server(reason=reason)
def process_policy_check_for_dns_request(cls, client_data_holder):
## No Implementation there ALLOW for all
status = process_policy(client_data_holder=client_data_holder)
print("Status: ", status)
if status["status"] == "BLOCK":
client_data_holder.policy_status = "BLOCK:" + status.get("type")
else:
client_data_holder.policy_status = "ALLOW:" + status.get("type")
client_data_holder.unique_key = client_data_holder.requested_domain + "_" + client_data_holder.requested_query_type + "_" + client_data_holder.policy_status.split(
":")[0]
logger.debug(
f"[Process: Policy Checking(Request) & Unique Key Rewrite], Unique Key: [{client_data_holder.unique_key}] [Not Implemented] "
)
#print(f"[Process: Policy Checking(Request) & Unique Key Rewrite], Unique Key: [{client_data_holder.unique_key}] [Not Implemented] ");
return client_data_holder
def process_policy(client_data_holder):
dns_server_config_data_holder = DNS_SERVER_CONFIG_DATA_HOLDER
#status = { "status": "ALLOW", "type": "Regex" } # Type: Regex or WebCategory
status = process_block_policy(
client_data_holder=client_data_holder,
dns_server_config_data_holder=dns_server_config_data_holder)
# If block True lets's check Allow Status
if status.get("block_status"):
_status = process_allow_policy(
client_data_holder=client_data_holder,
dns_server_config_data_holder=dns_server_config_data_holder)
logger.debug(f"Processed Allow Policy Result for Allow:{status}")
if status.get("allow_status"):
return {"status": "ALLOW", "type": _status.get("allow_type")}
else:
return {"status": "BLOCK", "type": status.get("block_type")}
else:
return {"status": "ALLOW", "type": "No-Block-Match"}
def process_setup_config_section(self):
section_content_xml = self.bs4_parsed_xml_content.find_all(
'setup_config')
logger.debug(f"Processing [Section:setup_config] Data:")
logger.debug(section_content_xml)
dns_server_udp_ip = section_content_xml[0].dns_server_udp_ip.getText(
).strip()
dns_server_udp_port = section_content_xml[
0].dns_server_udp_port.getText().strip()
dns_server_tcp_ip = section_content_xml[0].dns_server_tcp_ip.getText(
).strip()
dns_server_tcp_port = section_content_xml[
0].dns_server_tcp_port.getText().strip()
default_auth_dns_server_ip = section_content_xml[
0].default_auth_dns_server_ip.getText().strip()
default_auth_dns_server_port = section_content_xml[
0].default_auth_dns_server_port.getText().strip()
dns_server_recv_bytes_size = section_content_xml[
0].dns_server_recv_bytes_size.getText().strip()
dns_auth_server_recv_bytes_size = section_content_xml[
0].dns_auth_server_recv_bytes_size.getText().strip()
dns_server_log_debug_on_console = section_content_xml[
0].dns_server_log_debug_on_console.getText().strip()
dns_cache_size = section_content_xml[0].dns_cache_size.getText().strip(
)
dns_cache_ttl = section_content_xml[0].dns_cache_ttl.getText().strip()
category_match_type = section_content_xml[
0].category_match_type.getText().strip()
return SetupConfigDataHolder(
dns_server_udp_ip=dns_server_udp_ip,
dns_server_udp_port=dns_server_udp_port,
dns_server_tcp_ip=dns_server_tcp_ip,
dns_server_tcp_port=dns_server_tcp_port,
default_auth_dns_server_ip=default_auth_dns_server_ip,
default_auth_dns_server_port=default_auth_dns_server_port,
dns_server_recv_bytes_size=dns_server_recv_bytes_size,
dns_auth_server_recv_bytes_size=dns_auth_server_recv_bytes_size,
dns_server_log_debug_on_console=dns_server_log_debug_on_console,
dns_cache_size=dns_cache_size,
dns_cache_ttl=dns_cache_ttl,
category_match_type=category_match_type)
def process_blocked_section(self):
blocked = 'blocked'
section_blocked_xml = self.bs4_parsed_xml_content.find_all(blocked)
logger.debug(f"Processing [Section: {blocked}] Data:")
logger.debug(section_blocked_xml)
block_policy_name = section_blocked_xml[0].block_policy_name.getText(
).strip()
block_policy_description = section_blocked_xml[
0].block_policy_description.getText().strip()
block_policy_regex_pattern = section_blocked_xml[
0].block_policy_regex_pattern.getText().strip()
block_policy_webcategory_list = section_blocked_xml[
0].block_policy_webcategory_list.getText().strip()
return BlockedDataHolder(
block_policy_name=block_policy_name,
block_policy_description=block_policy_description,
block_policy_regex_pattern=block_policy_regex_pattern,
block_policy_webcategory_list=block_policy_webcategory_list)
def process_allowed_section(self):
allowed = 'allowed'
section_allowed_xml = self.bs4_parsed_xml_content.find_all(allowed)
logger.debug(f"Processing [Section: {allowed}] Data:")
logger.debug(section_allowed_xml)
allow_policy_name = section_allowed_xml[0].allow_policy_name.getText(
).strip()
allow_policy_description = section_allowed_xml[
0].allow_policy_description.getText().strip()
allow_policy_regex_pattern = section_allowed_xml[
0].allow_policy_regex_pattern.getText().strip()
allow_policy_webcategory_list = section_allowed_xml[
0].allow_policy_webcategory_list.getText().strip()
return AllowedDataHolder(
allow_policy_name=allow_policy_name,
allow_policy_description=allow_policy_description,
allow_policy_regex_pattern=allow_policy_regex_pattern,
allow_policy_webcategory_list=allow_policy_webcategory_list)
def handle_client(self, dns_request, client_address):
logger.debug(
f"Dns Request Received from "
f"[Client:{client_address}], "
f"By [Server:{self.DNS_SERVER_UDP_SOCKET.getsockname()}], "
f"[Data:{str(dns_request)}] ")
client_data_holder = ClientDataHolder(
client_ip_address=client_address[0],
client_socket_address=client_address,
raw_dns_request=dns_request)
client_data_holder.dns_start_time = fetch_current_unix_time()
dns_handler = DnsHandler()
client_data_holder = dns_handler.process(
client_data_holder=client_data_holder) # Send it To the Processor
self.send_response_to_client(
client_address, client_data_holder.raw_dns_response,
f"CLIENT-{client_data_holder.policy_status}")
client_data_holder.dns_end_time = fetch_current_unix_time()
dns_process_time = (client_data_holder.dns_end_time -
client_data_holder.dns_start_time) * 1000
logger.debug(f"[Process: Dns Request Handled] took "
f"[Raw: {dns_process_time} millis] "
f"[Round: {round(dns_process_time, 3)} millis]")
client_data_holder.dns_process_time = round(dns_process_time, 3)
logger.debug(client_data_holder)
self.dns_handler.insert_to_access_db(
client_data_holder=client_data_holder)
def handle_client(self, dns_request, client_address):
logger.debug(f"Dns Request Received from "
f"[Client:{client_address}], "
f"By [Server:{self.DNS_SERVER_UDP_SOCKET}], "
f"[Data:{str(dns_request)}] ")
self.client_data_holder = ClientDataHolder(
client_ip_address=client_address[0],
client_socket_address=client_address,
raw_dns_request=dns_request)
#self.client_data_holder.client_mac_address = self.get_mac(client_ip=client_address[0]) # Added to Get the Actual name of the query [Very Slow Function Do Not Use]
self.client_data_holder.requested_domain_extracted = self.domain_name_extracted # Added to Get the Actual name of the query
self.client_data_holder.dns_start_time = fetch_current_unix_time()
self.client_data_holder = DnsHandler().process(
client_data_holder=self.client_data_holder
) # Send it To the Processor
self.send_response_to_client(
client_address, self.client_data_holder.raw_dns_response,
f"CLIENT-{self.client_data_holder.policy_status}")
self.client_data_holder.dns_end_time = fetch_current_unix_time()
dns_process_time = (self.client_data_holder.dns_end_time -
self.client_data_holder.dns_start_time) * 1000
logger.debug(f"[Process: Dns Request Handled] took "
f"[Raw: {dns_process_time} millis] "
f"[Round: {round(dns_process_time, 3)} millis]")
self.client_data_holder.dns_process_time = round(dns_process_time, 3)
logger.debug(self.client_data_holder)
def validate_and_dns_name_setup(self, dns_request, client_address):
logger.debug(f"[Process : Validate & Dns Name Setup]") ## Debugging
validation_result = False
validation_info = "Improper/Forged Dns Request"
custom_parsed_dns_response = None
try:
parsed_dns_request = DNSRecord.parse(dns_request)
req_dns_name = str(parsed_dns_request.questions[0].qname)
req_dns_type = int(parsed_dns_request.questions[0].qtype)
if req_dns_name in self.dns_name.keys():
dns_name_to_set = self.dns_name[req_dns_name]
logger.debug(f"IP ADDR LIST: {dns_name_to_set.split(',')}")
custom_parsed_dns_response = DnsBuilder.create_dns_response(
parsed_dns_request=parsed_dns_request,
req_dns_name=req_dns_name,
req_dns_type=req_dns_type,
ip_address_list=dns_name_to_set.split(","))
validation_info = ""
else:
validation_result = True
validation_info = ""
self.domain_name_extractor(
requested_domain_name=req_dns_name,
requested_domain_name_type=req_dns_type
) #Extract Proper Info From the Dns Requested Domain
except (dnslib.buffer.BufferError,
dnslib.dns.DNSError) as dns_parsing_error:
logger.error(
f"[Process: Validation By using parse()] "
f"[Error: DnsRecord.parse() Exception, Data Received is INCORRECT, "
f"Exception: [{dns_parsing_error}]",
exc_info=True)
# Enable StackTrace in Logs
validation_info = validation_info + f", Exception: [{dns_parsing_error}]"
except Exception as all_exception:
logger.error(
f"[Process: Validation By using parse()] "
f"[Error: Unknown Exception] "
f"Exception: [{all_exception}]",
exc_info=True)
# Enable StackTrace in Logs
validation_info = validation_info + f", Exception: [{all_exception}]"
finally:
if validation_result:
logger.debug(
f"Process Complete Validation INFO: [{validation_info}, {custom_parsed_dns_response}]"
)
return validation_result
else:
if validation_info == "":
self.send_response_to_client(
client_address=client_address,
raw_dns_response=DNSRecord.pack(
custom_parsed_dns_response),
status_tag=validation_info)
return None
def fetch_from_auth_dns_server(self):
setup_config_data_holder = DNS_SERVER_CONFIG_DATA_HOLDER.setup_config_data_holder
raw_dns_response = None
if not self.client_data_holder.auth_server_ip_address:
from_auth_dns_server = (
setup_config_data_holder.default_auth_dns_server_ip,
int(setup_config_data_holder.default_auth_dns_server_port))
dns_auth_server_recv_bytes_size = setup_config_data_holder.dns_auth_server_recv_bytes_size
try:
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sock.settimeout(2)
# Set Time Out To 2 Seconds
sock.sendto(self.client_data_holder.raw_dns_request,
from_auth_dns_server)
logger.debug(f"[Process: Making UDP Conn to Remote Auth Server], "
f"Client Local Socket: [{sock}], "
f"Remote Socket: [{from_auth_dns_server}]"
f"[Socket Time Out: [{sock.gettimeout()}]]")
raw_dns_response, server_address = sock.recvfrom(
int(dns_auth_server_recv_bytes_size))
except socket.timeout as socket_timeout:
logger.debug(
f"[Process: Socket TimedOut while fetching dns answer, Reason: [{socket_timeout}]], "
f"[Do Not Cache This], [Sending the Same DnsRequest back To Client]"
)
# Need to Change This
self.client_data_holder.dns_auth_server_timedout = True
raw_dns_response = self.client_data_holder.raw_dns_request
finally:
sock.close()
## Need some changes [CHECK THIS] [Add More Dns if one fails]
logger.debug(
f"[Process: Fetching From Auth Server], Key: [{self.client_data_holder.unique_key}], Value: [{raw_dns_response}]"
)
self.client_data_holder.raw_dns_response = raw_dns_response
def process(self, client_data_holder):
self.client_data_holder = client_data_holder
self.generate_parsed_dns_request()
self.process_dns_request()
PolicyHandler.process_policy_check_for_dns_request(
client_data_holder=client_data_holder
) # Request Filter set the query value to to ALLOW or BLOCK
if client_data_holder.policy_status.split(":")[0] == "BLOCK":
self.cache_check()
# Check in Cache [Later change that it also return True or False]
if client_data_holder.cache_status:
self.fetch_from_cache(
) # Get From Cache [It Returns Raw Dns Response]
return client_data_holder
# now it can be send therefore return it
else:
custom_parsed_dns_reponse = DnsBuilder.create_dns_response(
parsed_dns_request=client_data_holder.parsed_dns_request,
req_dns_name=client_data_holder.requested_domain,
req_dns_type=client_data_holder.requested_query_type
) # Create a Block Response
client_data_holder.parsed_dns_response = custom_parsed_dns_reponse
self.dns_response_for_sending()
return client_data_holder
#self.cache_check_and_fetch()
self.cache_check()
# Getting the Raw Dns Response [From Cache ] OR [ From Auth Server]
if self.client_data_holder.cache_status:
self.fetch_from_cache()
else:
self.fetch_from_auth_dns_server()
if client_data_holder.raw_dns_response:
self.generate_parsed_dns_response()
else:
logger.error(
f"[Reason: Cache OR Auth Server Had some Issue and return None "
f"-> [{client_data_holder.raw_dns_response}], "
f"[Temp Solution: Return Raw Dns Request as Raw Dns Response")
client_data_holder.raw_dns_response = client_data_holder.raw_dns_request
self.process_dns_response()
PolicyHandler.process_policy_check_for_dns_response(
client_data_holder=client_data_holder) # Response Filter
## Left To Implement Response Filter if BLOCKED
if not client_data_holder.cache_status and not client_data_holder.dns_auth_server_timedout:
logger.debug(
f"[Process: Adding Data To Cache], "
f"Key: [{client_data_holder.unique_key}], "
f"Value: [{client_data_holder.raw_dns_response}], "
f"Cache Details: [{web_category_cache.show_cache()}], "
f"[Socket TimeOut: [{client_data_holder.dns_auth_server_timedout}]] "
)
web_category_cache.add_to_cache(
client_data_holder.unique_key,
client_data_holder.raw_dns_response)
else:
logger.debug(
f"[Process: Don't Add it To Cache], Cache Status: [{client_data_holder.cache_status}] "
f"Key: [{client_data_holder.unique_key}], "
f"Value: [{client_data_holder.raw_dns_response}], "
f"Cache Details: [{web_category_cache.show_cache()}], "
f"[Socket TimeOut: [{client_data_holder.dns_auth_server_timedout}]] "
)
self.dns_response_for_sending()
return client_data_holder
def send_response_to_client(self, client_address, dns_data, status_tag):
logger.debug(
f"[Reason:{status_tag}] Sending Response To [Client:{client_address}], By [Server:{self.DNS_SERVER_UDP_SOCKET.getsockname()}], [Data:{str(dns_data)}] "
)
self.DNS_SERVER_UDP_SOCKET.sendto(dns_data, client_address)
def show_cache(self):
logger.debug(f"[Process: Show Cache], "
f"CurrentCacheSize: [{self.cache.currsize}], "
f"[MaxCacheSize: {self.cache.maxsize}], "
f"[CacheTTL: {self.cache.ttl}], "
f"[CacheTimer: {self.cache.timer}]")
def generate_parsed_dns_request(self):
self.client_data_holder.parsed_dns_request = DNSRecord.parse(
self.client_data_holder.raw_dns_request)
logger.debug(
f"Parsed Dns Request [RAW] to Dns Object [Dnslib]: \n{self.client_data_holder.parsed_dns_request.toZone()}\n\n"
)
def get_dns_server_config_data_holder(config_file=None):
if config_file:
logger.debug(f"[IF] Config_File Provided: [{config_file}]")
else:
config_file = DnsServerStaticData.DNS_CONFIG_FILE_TEST
logger.debug(
f"[ELSE] Config_File is None, Therefore Set Config_File To: [{config_file}]"
)
config_parser = ConfigParser(config_file)
dns_server_config_data_holder = DnsServerConfigDataHolder()
for one_config_section in ConfigParser.CONFIG_SECTION:
if one_config_section == "setup_config":
logger.debug(f"Processing [Section: {one_config_section}]")
setup_config_data_holder = config_parser.process_setup_config_section(
)
logger.debug("[Holder: SetupConfigDataHolder] Data:")
logger.debug(setup_config_data_holder)
dns_server_config_data_holder.setup_config_data_holder = setup_config_data_holder
elif one_config_section == "blocked":
logger.debug(f"Processing [Section: {one_config_section}]")
blocked_data_holder = config_parser.process_blocked_section()
logger.debug("[Holder: BlockedDataHolder] Data:")
logger.debug(blocked_data_holder)
dns_server_config_data_holder.blocked_data_holder = blocked_data_holder
elif one_config_section == "allowed":
logger.debug(f"Processing [Section: {one_config_section}]")
allowed_data_holder = config_parser.process_allowed_section()
logger.debug("[Holder: AllowedDataHolder] Data:")
logger.debug(allowed_data_holder)
dns_server_config_data_holder.allowed_data_holder = allowed_data_holder
else:
logger.debug(
f"[Reason: Implementation Remaining] NOT Processing [Section: {one_config_section}]"
)
return dns_server_config_data_holder
def process_block_policy(
client_data_holder,
dns_server_config_data_holder,
):
status = {"block_status": True, "block_type": "Regex"}
#blocked_data_holder: BlockedDataHolder = dns_server_config_data_holder.blocked_data_holder # Good Way for Type Check
blocked_data_holder = dns_server_config_data_holder.blocked_data_holder
blocked_regex = blocked_data_holder.block_policy_regex_pattern
blocked_webcategory_list = blocked_data_holder.block_policy_webcategory_list.split(
',')
logger.debug(
f"block_regex: [{blocked_regex}], block_webcategory_list: [{blocked_webcategory_list}] "
)
# No pattern in BLOCK & No Category Specified, Block ALL, can create problems, But Whitelist [Regex, WebCategory] needs to be Maintained properly then
if blocked_regex.pattern.strip() == '' and not blocked_webcategory_list:
status["block_status"] = True
status["block_type"] = "Regex"
logger.debug(
f"MATCHED[ALL], BLOCK[ALL], Since EMPTY/SPACE, blocked_regex: [{blocked_regex}], Status: [{status}], block_webcategory_list: [{blocked_webcategory_list}] "
)
return status
if blocked_regex.search(client_data_holder.requested_domain_extracted
): # Using Function: search() later changed
status["block_status"] = True
status["block_type"] = "Regex"
logger.debug(
f"Matched[BLOCKED:{status}], With RequestDomainExtracted:[{client_data_holder.requested_domain_extracted}]"
)
else:
status["block_status"] = False
status["block_type"] = "No-Regex-Match"
logger.debug(
f"NOT Matched[BLOCKED:{status}], With RequestDomainExtracted:[{client_data_holder.requested_domain_extracted}]"
)
if client_data_holder.web_category_list:
logger.debug(
f"[Process: Checking With Category], Client_WebCategoryList:[{client_data_holder.web_category_list}]"
)
if client_data_holder.web_category_list == list:
webcategory_list = client_data_holder.web_category_list
else:
webcategory_list = client_data_holder.web_category_list.split(
',')
if bool(
set(webcategory_list).intersection(
blocked_webcategory_list)):
status["block_status"] = True
status["block_type"] = "WebCategory"
logger.debug(
f"Matched[BLOCKED:{status}]: block_webcategory_list:[{blocked_webcategory_list}] With Client_WebCategoryList:[{webcategory_list}]"
)
else:
logger.debug(
f"NOT Matched[BLOCKED:{status}]: block_webcategory_list:[{blocked_webcategory_list}] With Client_WebCategoryList:[{webcategory_list}]"
)
else:
logger.debug(
f"[Process: Category Is Empty], Client_WebCategoryList:[{client_data_holder.web_category_list}]"
)
return status
def generate_key(self, q_name, q_type):
key = q_name + "_" + q_type
logger.debug(
f"[Process: Generating Partial Key Before Policy Results], Unique_Key: [{key}] "
)
return key
def process_allow_policy(client_data_holder, dns_server_config_data_holder):
status = {"allow_status": True, "allow_type": "Regex"}
# Process Allowed Section
#allowed_data_holder: BlockedDataHolder = dns_server_config_data_holder.allowed_data_holder
allowed_data_holder = dns_server_config_data_holder.allowed_data_holder
allowed_regex = allowed_data_holder.allow_policy_regex_pattern
allowed_webcategory_list = allowed_data_holder.allow_policy_webcategory_list.split(
',')
logger.debug(
f"allowed_regex: [{allowed_regex}], allowed_webcategory_list: [{allowed_webcategory_list}] "
)
# No pattern in ALLOW Does not work to allow all
if allowed_regex.pattern.strip() == '' and not allowed_webcategory_list:
status["allow_status"] = False
status["allow_type"] = "Regex"
logger.debug(
f"MATCHED[ALL], BLOCK[ALL], Since EMPTY/SPACE, blocked_regex: [{allowed_regex}], Status: [{status}], block_webcategory_list: [{allowed_webcategory_list}] "
)
return status
if allowed_regex.search(client_data_holder.requested_domain_extracted
): # Using search later changed
status["allow_status"] = True
status["allow_type"] = "Regex"
logger.debug(
f"Matched[ALLOWED:{status}], Regex:[{allowed_regex}] With RequestDomainExtracted:[{client_data_holder.requested_domain_extracted}]"
)
else:
status["allow_status"] = False
status["allow_type"] = "No-Regex-Match"
logger.debug(
f"NOT Matched[ALLOWED:{status}], Regex:[{allowed_regex}] With RequestDomainExtracted:[{client_data_holder.requested_domain_extracted}]"
)
if client_data_holder.web_category_list:
logger.debug(
f"[Process: Checking With Category], Client_WebCategoryList:[{client_data_holder.web_category_list}]"
)
if client_data_holder.web_category_list == list:
webcategory_list = client_data_holder.web_category_list
else:
webcategory_list = client_data_holder.web_category_list.split(
',')
if bool(
set(webcategory_list).intersection(
allowed_webcategory_list)):
status["allow_status"] = True
status["allow_type"] = "WebCategory"
logger.debug(
f"Matched[ALLOWED:{status}]: allowed_webcategory_list:[{allowed_webcategory_list}] With Client_WebCategoryList:[{webcategory_list}]"
)
else:
logger.debug(
f"NOT Matched[BLOCKED:{status}]: allowed_webcategory_list:[{allowed_webcategory_list}] With Client_WebCategoryList:[{webcategory_list}]"
)
else:
logger.debug(
f"[Process: Category Is Empty], Client_WebCategoryList:[{client_data_holder.web_category_list}]"
)
return status
