1 /*
2 PowerDNS Versatile Database Driven Nameserver
3 Copyright (C) 2002 PowerDNS.COM BV
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2
7 as published by the Free Software Foundation
8
9 Additionally, the license of this program contains a special
10 exception which allows to distribute the program in binary form when
11 it is linked against OpenSSL.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21 */
22 #ifndef PDNS_DNSPROXY
23 #define PDNS_DNSPROXY
24 #include <pthread.h>
25 #include <map>
26 #include <sys/socket.h>
27 #include <netinet/in.h>
28 #include <arpa/inet.h>
29 #include "dnspacket.hh"
30 #include "lock.hh"
31 #include "iputils.hh"
32
33 #include "namespaces.hh"
34
35 /**
36
37 How will this work?
38
39 This is a thread that just throws packets around. Should handle ~1000 packets/second.
40
41 Consists of a thread receiving packets back from the backend and retransmitting them to the original client.
42
43 Furthermore, it provides a member function that reports the packet to the connection tracker and actually sends it out.
44
45 The sending happens from a source port that is determined by the constructor, but IS random. Furthermore, the ID is XOR-ed with a random value
46 to make sure outside parties can't spoof us.
47
48 To fix: how to remove the stale entries that will surely accumulate
49 */
50
/**
 * Forwards queries to a backend recursor and relays the replies back to the
 * original client (see the file header for the overall design).
 */
class DNSProxy
{
public:
  /** Creates the socket the proxy sends from; the source port is chosen here. */
  DNSProxy(const string &ip);
  /** Launches the thread that runs mainloop(). */
  void go();
  /** Restricts recursion to these netmasks; this is the access-control list that
   *  keeps the proxy from acting as an open recursor for arbitrary clients. */
  void onlyFrom(const string &ips);
  /** Sends out a packet and records a conntrack entry so the answer can be sent back. */
  bool sendPacket(DNSPacket *p);
  // NOTE(review): presumably fills in r's answer for target/aname once the
  // backend reply is available — confirm against dnsproxy.cc.
  bool completePacket(DNSPacket *r, const std::string& target,const std::string& aname);

  /** Main loop: receives reply packets from the backend and sends them on to the clients. */
  void mainloop();
  /** pthread entry point: p must be a DNSProxy*; runs its mainloop(). */
  static void *launchhelper(void *p)
  {
    DNSProxy *self = static_cast<DNSProxy *>(p);
    self->mainloop();
    return 0;
  }
  /** Whether this packet may be recursed for — presumably checked against d_ng (confirm). */
  bool recurseFor(DNSPacket* p);
private:
  NetmaskGroup d_ng;             //!< netmasks allowed to recurse, filled by onlyFrom()
  int d_sock;                    //!< socket towards the backend, created by the constructor
  unsigned int* d_resanswers;    //!< NOTE(review): looks like an external statistics counter — confirm
  unsigned int* d_udpanswers;    //!< NOTE(review): looks like an external statistics counter — confirm
  unsigned int* d_resquestions;  //!< NOTE(review): looks like an external statistics counter — confirm
  pthread_mutex_t d_lock;        //!< protects the proxy state; getID_locked() expects it held by its name
  uint16_t d_xor;                //!< mask XOR-ed onto outgoing query IDs (see file header).
                                 //!< NOTE(review): a single per-instance mask is a fixed bijection, not
                                 //!< per-query randomness; unpredictability of IDs also rests on how
                                 //!< getID_locked() picks IDs and on the source port — confirm in dnsproxy.cc
  /** Picks an ID for a new outgoing query; by its name, call with d_lock held. */
  int getID_locked();
  /** One outstanding query: who asked, where the answer goes and what was asked. */
  struct ConntrackEntry
  {
    uint16_t id;                          //!< original client-side ID to restore in the answer (presumably)
    ComboAddress remote;                  //!< client to send the answer back to
    int outsock;                          //!< socket the answer goes out on
    time_t created;                       //!< creation time; intended for expiring stale entries
    string qname;
    uint16_t qtype;
    DNSPacket* complete;                  //!< packet to complete via completePacket(), if any
    string aname;
    boost::optional<ComboAddress> anyLocal;
  };

  typedef map<int,ConntrackEntry> map_t;
  /** Outstanding queries, presumably keyed by outgoing query ID. The file header notes
   *  stale entries are not yet reaped, so this table can grow while replies are missing. */
  map_t d_conntrack;
};
92
93 #endif