Commit | Line | Data |
---|---|---|
12c86877 | 1 | /* |
12471842 PL |
2 | * This file is part of PowerDNS or dnsdist. |
3 | * Copyright -- PowerDNS.COM B.V. and its contributors | |
4 | * | |
5 | * This program is free software; you can redistribute it and/or modify | |
6 | * it under the terms of version 2 of the GNU General Public License as | |
7 | * published by the Free Software Foundation. | |
8 | * | |
9 | * In addition, for the avoidance of any doubt, permission is granted to | |
10 | * link this program with OpenSSL and to (re)distribute the binaries | |
11 | * produced as the result of such linking. | |
12 | * | |
13 | * This program is distributed in the hope that it will be useful, | |
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
16 | * GNU General Public License for more details. | |
17 | * | |
18 | * You should have received a copy of the GNU General Public License | |
19 | * along with this program; if not, write to the Free Software | |
20 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
21 | */ | |
12c86877 BH |
22 | #ifndef PDNS_DNSPROXY |
23 | #define PDNS_DNSPROXY | |
24 | #include <pthread.h> | |
25 | #include <map> | |
76473b92 KM |
26 | #include <sys/socket.h> |
27 | #include <netinet/in.h> | |
28 | #include <arpa/inet.h> | |
12c86877 BH |
29 | #include "dnspacket.hh" |
30 | #include "lock.hh" | |
31 | #include "iputils.hh" | |
32 | ||
10f4eea8 | 33 | #include "namespaces.hh" |
12c86877 BH |
34 | |
35 | /** | |
36 | ||
37 | How this works: | |
38 | ||
39 | This is a thread that just throws packets around. Should handle ~1000 packets/second. | |
40 | ||
41 | Consists of a thread receiving packets back from the backend and retransmitting them to the original client. | |
42 | ||
43 | Furthermore, it provides a member function that reports the packet to the connection tracker and actually sends it out. | |
44 | ||
45 | Packets are sent from a source port that is determined by the constructor, but IS random. Furthermore, the ID is XOR-ed with a random value | |
46 | to make sure outside parties can't spoof us. The ID is only 16 bits wide, so this also relies on the source port being unpredictable. | |
47 | ||
48 | To fix: how to remove the stale entries that will surely accumulate | |
49 | */ | |
50 | ||
// Proxy that forwards queries to a backend and relays the replies to the
// original clients (see the description above this class).
//
// Only launchhelper() is defined in this header; every other statement below
// about behaviour is limited to what the declarations themselves show.
//
// NOTE(review): the class holds a raw pthread_mutex_t and a socket descriptor
// and declares no copy constructor or copy assignment, so it is implicitly
// copyable. A copy would duplicate d_lock and d_sock -- confirm that no caller
// ever copies a DNSProxy.
class DNSProxy
{
public:
  DNSProxy(const string &ip); //!< creates socket
  ~DNSProxy(); //!< dtor for DNSProxy
  void go(); //!< launches the actual thread

  //! Presumably finishes the held-back packet r once the answer for aname is
  //! available -- TODO confirm against the implementation; the meaning of the
  //! bool result is not visible from this header.
  bool completePacket(DNSPacket *r, const DNSName& target,const DNSName& aname, const uint8_t scopeMask);

  void mainloop(); //!< this is the main loop that receives reply packets and sends them out again

  //! Thread start routine with the void*(void*) shape that pthreads expects.
  //! Treats p as a DNSProxy, runs its mainloop() and returns a null pointer.
  //! p is not checked: it must point to a DNSProxy that outlives the thread.
  //! NOTE(review): an exception leaving mainloop() would escape this start
  //! routine -- confirm that mainloop() handles its own exceptions.
  static void *launchhelper(void *p)
  {
    DNSProxy *self = static_cast<DNSProxy *>(p);
    self->mainloop();
    return 0;
  }

  //! Presumably decides whether p should be passed to the backend -- TODO
  //! confirm against the implementation.
  bool recurseFor(DNSPacket* p);

private:
  //! One tracked outstanding query; entries are stored in d_conntrack.
  //! There is no constructor, so a default-initialised entry
  //! (`ConntrackEntry ce;`) has indeterminate scalar members: created,
  //! complete, anameScopeMask, id, qtype and outsock must all be assigned
  //! before they are read.
  struct ConntrackEntry
  {
    time_t created;  // presumably the creation time, usable for expiring stale entries -- TODO confirm
    boost::optional<ComboAddress> anyLocal;  // optional local address; exact use not visible here
    DNSName qname;
    // Raw pointer: whether the entry owns this packet, and who deletes it,
    // is not visible in this header -- verify in the implementation.
    DNSPacket* complete;
    DNSName aname;
    uint8_t anameScopeMask;
    ComboAddress remote;
    uint16_t id;
    uint16_t qtype;
    int outsock;
  };

  // NOTE(review): the description above the class lists removal of stale
  // entries as an open item, so the growth of this map is unbounded unless the
  // implementation expires entries; worth confirming, since every outstanding
  // query occupies one slot.
  typedef map<int,ConntrackEntry> map_t;

  // Data
  ComboAddress d_remote;
  AtomicCounter* d_resanswers;
  AtomicCounter* d_udpanswers;
  AtomicCounter* d_resquestions;
  pthread_mutex_t d_lock;
  map_t d_conntrack;
  int d_sock;

  // The _locked suffix suggests the caller must already hold d_lock -- TODO confirm.
  int getID_locked();

  // Per the description above the class, the query ID is XOR-ed with a random
  // value. This mask is 16 bits wide and a single member, so the protection
  // depends on how it (and the source port) is generated; that code is not in
  // this header -- confirm it uses an unpredictable random source.
  uint16_t d_xor;
};
94 | ||
95 | #endif |