def parseHeader(self,l1,l2):
_,_,_,opcode,_,status,_,_id = l1.split()
_,flags,_ = l2.split(';')
header = DNSHeader(id=int(_id),bitmap=0)
header.opcode = getattr(QR,opcode.rstrip(','))
header.rcode = getattr(RCODE,status.rstrip(','))
for f in ('qr','aa','tc','rd','ra'):
if f in flags:
setattr(header,f,1)
return header
def smart_route_dns_query(self):
xlog.info("Start testing SmartRouter DNS Query")
domain = "appsec.hicloud.com"
d = DNSRecord(DNSHeader(123))
d.add_question(DNSQuestion(domain, 1))
req4_pack = d.pack()
for port in [8053, 53]:
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sock.sendto(req4_pack, ("127.0.0.1", port))
sock.settimeout(5)
try:
response, server = sock.recvfrom(8192)
except Exception as e:
xlog.warn("recv fail for port:%s e:%r", port, e)
continue
p = DNSRecord.parse(response)
for r in p.rr:
ip = utils.to_bytes(str(r.rdata))
xlog.info("IP:%s" % ip)
self.assertEqual(utils.check_ip_valid(ip), True)
xlog.info("Finished testing SmartRouter DNS Query")
return
def gen_packet(self, p_id, qname, rcode, ttl, q_type, rdata):
header = DNSHeader(id=p_id, qr=1, ra=1, aa=1, bitmap=rcode)
packet = DNSRecord(header)
packet.add_question(DNSQuestion(qname))
packet.add_answer(
*RR.fromZone("{} {} {} {}".format(qname, ttl, q_type, rdata)))
return packet
def query(self, c_id, m_addr):
header = DNSHeader(qr=0, aa=1, ra=1)
transfer_packet = DNSRecord(header)
transfer_packet.add_question(DNSQuestion(c_id))
response = transfer_packet.send(dest=m_addr, port=10053)
ans = DNSRecord.parse(response)
rcode, rdata = ans.header.rcode, str(ans.a.rdata)
return rcode, rdata
def gen_packet(self, p_id, qname, rcode, q_typeid, rdata):
header = DNSHeader(id=p_id, qr=1, ra=1, aa=1, bitmap=rcode)
packet = DNSRecord(header)
packet.add_question(DNSQuestion(qname))
if rcode == 0: #NOERROR
packet.add_answer(
RR.fromZone("{} {} {} {}".format(name, answer_data.a.ttl,
q_typeid, str(rdata))))
return packet
else:
return packet
def smart_route_dns_query(self):
xlog.info("Start testing SmartRouter DNS Query")
domain = "appsec.hicloud.com"
d = DNSRecord(DNSHeader(123))
d.add_question(DNSQuestion(domain, 1))
req4_pack = d.pack()
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sock.sendto(req4_pack, ("127.0.0.1", 53))
sock.sendto(req4_pack, ("127.0.0.1", 8053))
response, server = sock.recvfrom(8192)
p = DNSRecord.parse(response)
for r in p.rr:
ip = utils.to_bytes(str(r.rdata))
xlog.info("IP:%s" % ip)
self.assertEqual(utils.check_ip_valid(ip), True)
xlog.info("Finished testing SmartRouter DNS Query")
def pan_dig(domain):
import argparse, sys, time
p = argparse.ArgumentParser(description="DNS Client")
p.add_argument(
"--server",
"-s",
default="8.8.8.8",
metavar="<address:port>",
help="Server address:port (default:8.8.8.8:53) (port is optional)")
p.add_argument("--query",
action='store_true',
default=False,
help="Show query (default: False)")
p.add_argument("--hex",
action='store_true',
default=False,
help="Dump packet in hex (default: False)")
p.add_argument("--tcp",
action='store_true',
default=True,
help="Use TCP (default: UDP)")
p.add_argument(
"--noretry",
action='store_true',
default=False,
help="Don't retry query using TCP if truncated (default: false)")
p.add_argument(
"--diff",
default="",
help=
"Compare response from alternate nameserver (format: address:port / default: false)"
)
p.add_argument(
"--dig",
action='store_true',
default=False,
help=
"Compare result with DiG - if ---diff also specified use alternative nameserver for DiG request (default: false)"
)
p.add_argument("--short",
action='store_true',
default=True,
help="Short output - rdata only (default: false)")
p.add_argument("--debug",
action='store_true',
default=False,
help="Drop into CLI after request (default: false)")
p.add_argument("domain", metavar="<domain>", help="Query domain")
p.add_argument("qtype",
metavar="<type>",
default="A",
nargs="?",
help="Query type (default: A)")
args = p.parse_args(['--tcp', '--short', domain])
# Construct request
q = DNSRecord(q=DNSQuestion(args.domain, getattr(QTYPE, args.qtype)))
address, _, port = args.server.partition(':')
port = int(port or 53)
if args.query:
print(";; Sending%s:" % (" (TCP)" if args.tcp else ""))
if args.hex:
print(";; QUERY:", binascii.hexlify(q.pack()).decode())
print(q)
print()
a_pkt = q.send(address, port, tcp=args.tcp)
a = DNSRecord.parse(a_pkt)
if a.header.tc and args.noretry == False:
# Truncated - retry in TCP mode
a_pkt = q.send(address, port, tcp=True)
a = DNSRecord.parse(a_pkt)
if args.dig or args.diff:
if args.diff:
address, _, port = args.diff.partition(':')
port = int(port or 53)
if args.dig:
dig = getoutput("dig +qr -p %d %s %s @%s" %
(port, args.domain, args.qtype, address))
dig_reply = list(iter(DigParser(dig)))
# DiG might have retried in TCP mode so get last q/a
q_diff = dig_reply[-2]
a_diff = dig_reply[-1]
else:
q_diff = DNSRecord(header=DNSHeader(id=q.header.id),
q=DNSQuestion(args.domain,
getattr(QTYPE, args.qtype)))
q_diff = q
diff = q_diff.send(address, port, tcp=args.tcp)
a_diff = DNSRecord.parse(diff)
if a_diff.header.tc and args.noretry == False:
diff = q_diff.send(address, port, tcp=True)
a_diff = DNSRecord.parse(diff)
if args.short:
return a.short()
else:
print(";; Got answer:")
if args.hex:
print(";; RESPONSE:", binascii.hexlify(a_pkt).decode())
if args.diff and not args.dig:
print(";; DIFF :", binascii.hexlify(diff).decode())
print(a)
print()
if args.dig or args.diff:
if q != q_diff:
print(";;; ERROR: Diff Question differs")
for (d1, d2) in q.diff(q_diff):
if d1:
print(";; - %s" % d1)
if d2:
print(";; + %s" % d2)
if a != a_diff:
print(";;; ERROR: Diff Response differs")
for (d1, d2) in a.diff(a_diff):
if d1:
print(";; - %s" % d1)
if d2:
print(";; + %s" % d2)
if args.debug:
code.interact(local=locals())
return None
a = DNSRecord.parse(a_pkt)
if args.dig or args.diff:
if args.diff:
address, _, port = args.diff.partition(':')
port = int(port or 53)
if args.dig:
dig = getoutput("dig +qr -p %d %s %s @%s" %
(port, args.domain, args.qtype, address))
dig_reply = list(iter(DigParser(dig)))
# DiG might have retried in TCP mode so get last q/a
q_diff = dig_reply[-2]
a_diff = dig_reply[-1]
else:
q_diff = DNSRecord(header=DNSHeader(id=q.header.id),
q=DNSQuestion(args.domain,
getattr(QTYPE, args.qtype)))
q_diff = q
diff = q_diff.send(address, port, tcp=args.tcp)
a_diff = DNSRecord.parse(diff)
if a_diff.header.tc and args.noretry == False:
diff = q_diff.send(address, port, tcp=True)
a_diff = DNSRecord.parse(diff)
if args.short:
print(a.short())
else:
print(";; Got answer:")
if args.hex:
print(";; RESPONSE:", binascii.hexlify(a_pkt).decode())
def gen_error(self, p_id, qname, q_type, rcode):
header = DNSHeader(id=p_id, qr=1, ra=1, aa=1, bitmap=rcode)
packet = DNSRecord(header)
packet.add_question(DNSQuestion(qname))
return packet
def query(self, c_id, m_addr):
header = DNSHeader(qr=0, aa=1, ra=1)
transfer_packet = DNSRecord(header)
transfer_packet.add_question(DNSQuestion(c_id))
response = transfer_packet.send(dest=m_addr, port=10053)
return response