Commit | Line | Data |
---|---|---|
12c86877 | 1 | /* |
12471842 PL |
2 | * This file is part of PowerDNS or dnsdist. |
3 | * Copyright -- PowerDNS.COM B.V. and its contributors | |
4 | * | |
5 | * This program is free software; you can redistribute it and/or modify | |
6 | * it under the terms of version 2 of the GNU General Public License as | |
7 | * published by the Free Software Foundation. | |
8 | * | |
9 | * In addition, for the avoidance of any doubt, permission is granted to | |
10 | * link this program with OpenSSL and to (re)distribute the binaries | |
11 | * produced as the result of such linking. | |
12 | * | |
13 | * This program is distributed in the hope that it will be useful, | |
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
16 | * GNU General Public License for more details. | |
17 | * | |
18 | * You should have received a copy of the GNU General Public License | |
19 | * along with this program; if not, write to the Free Software | |
20 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
21 | */ | |
e8c59f2d | 22 | #pragma once |
12c86877 | 23 | #include <map> |
76473b92 KM |
24 | #include <sys/socket.h> |
25 | #include <netinet/in.h> | |
26 | #include <arpa/inet.h> | |
12c86877 BH |
27 | #include "dnspacket.hh" |
28 | #include "lock.hh" | |
29 | #include "iputils.hh" | |
30 | ||
10f4eea8 | 31 | #include "namespaces.hh" |
12c86877 BH |
32 | |
33 | /** | |
34 | ||
35 | How this works. | |
36 | ||
37 | This is a thread that just throws packets around. Should handle ~1000 packets/second. | |
38 | ||
39 | Consists of a thread receiving packets back from the backend and retransmitting them to the original client. | |
40 | ||
c0ebe1da | 41 | Furthermore, it provides a member function that reports the packet to the connection tracker and actually sends it out. |
12c86877 BH |
42 | |
43 | Packets are sent from a source port that is chosen by the constructor and is random. Furthermore, the ID is XOR-ed with a random value | |
44 | so that outside parties cannot spoof replies to us. | |
45 | ||
46 | To fix: decide how to remove the stale entries that will surely accumulate. | |
47 | */ | |
48 | ||
49 | class DNSProxy /* Sends packets to one remote backend (d_remote) and relays the replies to the original client, tracking outstanding queries in d_conntrack. */ | |
50 | { | |
51 | public: | |
b7349b96 | 52 | DNSProxy(const string& remote); //!< creates socket. NOTE(review): single-argument ctor is not explicit, so a string converts implicitly |
732d9faa | 53 | ~DNSProxy(); //!< destructor
12c86877 | 54 | void go(); //!< launches the actual thread |
b7349b96 | 55 | bool completePacket(std::unique_ptr<DNSPacket>& reply, const DNSName& target, const DNSName& aname, uint8_t scopeMask); /*!< NOTE(review): reply, aname and scopeMask mirror ConntrackEntry::complete, aname and anameScopeMask; reply is a non-const unique_ptr reference, so ownership may move into the tracker - confirm against the implementation, along with the meaning of the bool result */ |
12c86877 | 56 | |
c0ebe1da | 57 | void mainloop(); //!< this is the main loop that receives reply packets and sends them out again |
12c86877 | 58 | private: |
12c86877 BH |
59 | struct ConntrackEntry /* State kept for one query reported to the connection tracker. */ |
60 | { | |
12c86877 | 61 | time_t created; /*!< presumably the time the entry was created, usable for expiring stale entries - confirm */ |
e04e65fd | 62 | boost::optional<ComboAddress> anyLocal; /*!< optional address; may be unset */ |
5fca2e23 | 63 | DNSName qname; |
c2826d2e | 64 | std::unique_ptr<DNSPacket> complete; /*!< packet owned by this entry; presumably the reply handed to completePacket - confirm */ |
561434a6 | 65 | DNSName aname; |
0abea1ca | 66 | uint8_t anameScopeMask; |
e04e65fd PL |
67 | ComboAddress remote; /*!< presumably the original client, as distinct from the backend in d_remote - confirm */ |
68 | uint16_t id; /*!< 16-bit id; presumably the client's original DNS id - confirm */ | |
69 | uint16_t qtype; | |
70 | int outsock; /*!< presumably the socket used to send the reply back to the client - confirm */ | |
12c86877 BH |
71 | }; |
72 | ||
b7349b96 | 73 | using map_t = map<int, ConntrackEntry>; /*!< connection-tracking table keyed by an int id */ |
083109a4 PL |
74 | |
75 | // Data | |
40c9a111 | 76 | ComboAddress d_remote; /*!< backend address; presumably parsed from the constructor's remote argument - confirm */ |
083109a4 PL |
77 | AtomicCounter* d_resanswers; /*!< NOTE(review): the three counters are raw pointers; ownership and lifetime are not visible in this header */ |
78 | AtomicCounter* d_udpanswers; | |
79 | AtomicCounter* d_resquestions; | |
3a5f4c09 | 80 | LockGuarded<map_t> d_conntrack; /*!< tracker table wrapped in LockGuarded. NOTE(review): the file comment says stale entries accumulate; confirm the implementation expires or caps them so unanswered queries cannot grow the table without bound */ |
083109a4 | 81 | int d_sock; /*!< single socket; per the file comment its source port is chosen in the constructor, so it is presumably reused for every query - confirm */ |
3a5f4c09 RG |
82 | const uint16_t d_xor; /*!< per the file comment, the random value XOR-ed into the ID; const, so fixed for the object's lifetime. NOTE(review): a constant mask adds no per-query unpredictability on its own, so spoofing resistance also depends on how getID_locked allocates ids and on the source port - confirm both */ |
83 | ||
b7349b96 | 84 | static int getID_locked(map_t&); /*!< NOTE(review): the _locked suffix and the bare map_t reference suggest the caller must already hold the d_conntrack lock - confirm */ |
12c86877 | 85 | }; |