[thirdparty/pdns.git] / pdns / dnsproxy.hh

/*
    PowerDNS Versatile Database Driven Nameserver
    Copyright (C) 2002  PowerDNS.COM BV

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License version 2
    as published by the Free Software Foundation

    Additionally, the license of this program contains a special
    exception which allows to distribute the program in binary form when
    it is linked against OpenSSL.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
*/
#ifndef PDNS_DNSPROXY
#define PDNS_DNSPROXY
#include <pthread.h>
#include <map>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include "dnspacket.hh"
#include "lock.hh"
#include "iputils.hh"

#include "namespaces.hh"

/**

how will this work.

This is a thread that just throws packets around. Should handle ~1000 packets/second.

Consists of a thread receiving packets back from the backend and retransmitting them to the original client.

Furthermore, it provides a member function that reports the packet to the connection tracker and actually sends it out. 

The sending happens from a source port that is determined by the constructor, but IS random. Furthermore, the ID is XOR-ed with a random value
to make sure outside parties can't spoof us.

To fix: how to remove the stale entries that will surely accumulate
*/

class DNSProxy
{
public:
  DNSProxy(const string &ip); //!< creates socket
  void go(); //!< launches the actual thread
  void onlyFrom(const string &ips); //!< Only these netmasks are allowed to recurse via us
  bool sendPacket(DNSPacket *p);    //!< send out a packet and make a conntrack entry to we can send back the answer

  void mainloop();                  //!< this is the main loop that receives reply packets and sends them out again
  static void *launchhelper(void *p)
  {
    static_cast<DNSProxy *>(p)->mainloop();
    return 0;
  }
  bool recurseFor(DNSPacket* p);
private:
  NetmaskGroup d_ng;
  int d_sock;
  unsigned int* d_resanswers;
  unsigned int* d_udpanswers;
  unsigned int* d_resquestions;
  pthread_mutex_t d_lock;
  uint16_t d_xor;
  int getID_locked();
  struct ConntrackEntry
  {
    uint16_t id;
    ComboAddress remote;
    int outsock;
    time_t created;
    string qname;
    uint16_t qtype;
  };

  typedef map<int,ConntrackEntry> map_t;
  map_t d_conntrack;
};

#endif
Commit	Line	Data
12c86877 BH	1	/*
	2	PowerDNS Versatile Database Driven Nameserver
	3	Copyright (C) 2002 PowerDNS.COM BV
	4
	5	This program is free software; you can redistribute it and/or modify
22dc646a BH	6	it under the terms of the GNU General Public License version 2
22dc646a BH	7	as published by the Free Software Foundation
f782fe38 MH	8
	9	Additionally, the license of this program contains a special
	10	exception which allows to distribute the program in binary form when
	11	it is linked against OpenSSL.
12c86877 BH	12
	13	This program is distributed in the hope that it will be useful,
	14	but WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	16	GNU General Public License for more details.
	17
	18	You should have received a copy of the GNU General Public License
	19	along with this program; if not, write to the Free Software
06bd9ccf	20	Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
12c86877 BH	21	*/
	22	#ifndef PDNS_DNSPROXY
	23	#define PDNS_DNSPROXY
	24	#include <pthread.h>
	25	#include <map>
76473b92 KM	26	#include <sys/socket.h>
	27	#include <netinet/in.h>
	28	#include <arpa/inet.h>
12c86877 BH	29	#include "dnspacket.hh"
	30	#include "lock.hh"
	31	#include "iputils.hh"
	32
10f4eea8	33	#include "namespaces.hh"
12c86877 BH	34
	35	/**
	36
	37	how will this work.
	38
	39	This is a thread that just throws packets around. Should handle ~1000 packets/second.
	40
	41	Consists of a thread receiving packets back from the backend and retransmitting them to the original client.
	42
	43	Furthermore, it provides a member function that reports the packet to the connection tracker and actually sends it out.
	44
	45	The sending happens from a source port that is determined by the constructor, but IS random. Furthermore, the ID is XOR-ed with a random value
	46	to make sure outside parties can't spoof us.
	47
	48	To fix: how to remove the stale entries that will surely accumulate
	49	*/
	50
	51	class DNSProxy
	52	{
	53	public:
	54	DNSProxy(const string &ip); //!< creates socket
	55	void go(); //!< launches the actual thread
	56	void onlyFrom(const string &ips); //!< Only these netmasks are allowed to recurse via us
	57	bool sendPacket(DNSPacket *p); //!< send out a packet and make a conntrack entry to we can send back the answer
	58
	59	void mainloop(); //!< this is the main loop that receives reply packets and sends them out again
	60	static void launchhelper(void p)
	61	{
	62	static_cast<DNSProxy *>(p)->mainloop();
	63	return 0;
	64	}
b636533b	65	bool recurseFor(DNSPacket* p);
12c86877 BH	66	private:
	67	NetmaskGroup d_ng;
	68	int d_sock;
dee7ba5a BH	69	unsigned int* d_resanswers;
	70	unsigned int* d_udpanswers;
	71	unsigned int* d_resquestions;
12c86877	72	pthread_mutex_t d_lock;
092f210a	73	uint16_t d_xor;
12c86877 BH	74	int getID_locked();
	75	struct ConntrackEntry
	76	{
092f210a	77	uint16_t id;
4d183f84	78	ComboAddress remote;
12c86877 BH	79	int outsock;
12c86877 BH	80	time_t created;
964cf8b3 BH	81	string qname;
964cf8b3 BH	82	uint16_t qtype;
12c86877 BH	83	};
	84
	85	typedef map<int,ConntrackEntry> map_t;
	86	map_t d_conntrack;
	87	};
	88
	89	#endif