[thirdparty/pdns.git] / pdns / dnsproxy.hh

/*
 * This file is part of PowerDNS or dnsdist.
 * Copyright -- PowerDNS.COM B.V. and its contributors
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of version 2 of the GNU General Public License as
 * published by the Free Software Foundation.
 *
 * In addition, for the avoidance of any doubt, permission is granted to
 * link this program with OpenSSL and to (re)distribute the binaries
 * produced as the result of such linking.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
#pragma once
#include <map>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include "dnspacket.hh"
#include "lock.hh"
#include "iputils.hh"

#include "namespaces.hh"

/**

how will this work.

This is a thread that just throws packets around. Should handle ~1000 packets/second.

Consists of a thread receiving packets back from the backend and retransmitting them to the original client.

Furthermore, it provides a member function that reports the packet to the connection tracker and actually sends it out.

The sending happens from a source port that is determined by the constructor, but IS random. Furthermore, the ID is XOR-ed with a random value
to make sure outside parties can't spoof us.

To fix: how to remove the stale entries that will surely accumulate
*/

class DNSProxy
{
public:
  DNSProxy(const string& remote); //!< creates socket
  ~DNSProxy(); //<! dtor for DNSProxy
  void go(); //!< launches the actual thread
  bool completePacket(std::unique_ptr<DNSPacket>& reply, const DNSName& target, const DNSName& aname, uint8_t scopeMask);

  void mainloop(); //!< this is the main loop that receives reply packets and sends them out again
private:
  struct ConntrackEntry
  {
    time_t created;
    boost::optional<ComboAddress> anyLocal;
    DNSName qname;
    std::unique_ptr<DNSPacket> complete;
    DNSName aname;
    uint8_t anameScopeMask;
    ComboAddress remote;
    uint16_t id;
    uint16_t qtype;
    int outsock;
  };

  using map_t = map<int, ConntrackEntry>;

  // Data
  ComboAddress d_remote;
  AtomicCounter* d_resanswers;
  AtomicCounter* d_udpanswers;
  AtomicCounter* d_resquestions;
  LockGuarded<map_t> d_conntrack;
  int d_sock;
  const uint16_t d_xor;

  static int getID_locked(map_t&);
};
Commit	Line	Data
12c86877	1	/*
12471842 PL	2	* This file is part of PowerDNS or dnsdist.
	3	* Copyright -- PowerDNS.COM B.V. and its contributors
	4	*
	5	* This program is free software; you can redistribute it and/or modify
	6	* it under the terms of version 2 of the GNU General Public License as
	7	* published by the Free Software Foundation.
	8	*
	9	* In addition, for the avoidance of any doubt, permission is granted to
	10	* link this program with OpenSSL and to (re)distribute the binaries
	11	* produced as the result of such linking.
	12	*
	13	* This program is distributed in the hope that it will be useful,
	14	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	15	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	16	* GNU General Public License for more details.
	17	*
	18	* You should have received a copy of the GNU General Public License
	19	* along with this program; if not, write to the Free Software
	20	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	21	*/
e8c59f2d	22	#pragma once
12c86877	23	#include <map>
76473b92 KM	24	#include <sys/socket.h>
	25	#include <netinet/in.h>
	26	#include <arpa/inet.h>
12c86877 BH	27	#include "dnspacket.hh"
	28	#include "lock.hh"
	29	#include "iputils.hh"
	30
10f4eea8	31	#include "namespaces.hh"
12c86877 BH	32
	33	/**
	34
	35	how will this work.
	36
	37	This is a thread that just throws packets around. Should handle ~1000 packets/second.
	38
	39	Consists of a thread receiving packets back from the backend and retransmitting them to the original client.
	40
c0ebe1da	41	Furthermore, it provides a member function that reports the packet to the connection tracker and actually sends it out.
12c86877 BH	42
	43	The sending happens from a source port that is determined by the constructor, but IS random. Furthermore, the ID is XOR-ed with a random value
	44	to make sure outside parties can't spoof us.
	45
	46	To fix: how to remove the stale entries that will surely accumulate
	47	*/
	48
	49	class DNSProxy
	50	{
	51	public:
b7349b96	52	DNSProxy(const string& remote); //!< creates socket
732d9faa	53	~DNSProxy(); //<! dtor for DNSProxy
12c86877	54	void go(); //!< launches the actual thread
b7349b96	55	bool completePacket(std::unique_ptr<DNSPacket>& reply, const DNSName& target, const DNSName& aname, uint8_t scopeMask);
12c86877	56
c0ebe1da	57	void mainloop(); //!< this is the main loop that receives reply packets and sends them out again
12c86877	58	private:
12c86877 BH	59	struct ConntrackEntry
12c86877 BH	60	{
12c86877	61	time_t created;
e04e65fd	62	boost::optional<ComboAddress> anyLocal;
5fca2e23	63	DNSName qname;
c2826d2e	64	std::unique_ptr<DNSPacket> complete;
561434a6	65	DNSName aname;
0abea1ca	66	uint8_t anameScopeMask;
e04e65fd PL	67	ComboAddress remote;
	68	uint16_t id;
	69	uint16_t qtype;
	70	int outsock;
12c86877 BH	71	};
12c86877 BH	72
b7349b96	73	using map_t = map<int, ConntrackEntry>;
083109a4 PL	74
083109a4 PL	75	// Data
40c9a111	76	ComboAddress d_remote;
083109a4 PL	77	AtomicCounter* d_resanswers;
	78	AtomicCounter* d_udpanswers;
	79	AtomicCounter* d_resquestions;
3a5f4c09	80	LockGuarded<map_t> d_conntrack;
083109a4	81	int d_sock;
3a5f4c09 RG	82	const uint16_t d_xor;
3a5f4c09 RG	83
b7349b96	84	static int getID_locked(map_t&);
12c86877	85	};