From b53f74c8b6b4f8e380131586228b6188d0339b00 Mon Sep 17 00:00:00 2001 From: J-Run Date: Mon, 27 Jun 2022 22:18:08 +0300 Subject: [PATCH 1/2] Dirty imp for CSUBNET field logging Log client subnet addr from optional CSUBNET query field --- dnschef.py | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/dnschef.py b/dnschef.py index c57924d..73bfb54 100755 --- a/dnschef.py +++ b/dnschef.py @@ -123,7 +123,26 @@ def parse(self, data): # Create a custom response to the query response = DNSRecord(DNSHeader(id=d.header.id, bitmap=d.header.bitmap, qr=1, aa=1, ra=1), q=d.q) - +#============================================== + for rdata in d.ar[0].rdata: + if rdata.code == 8: + # for m in rdata.data: + # print(m) + # print("========") + + netmask = rdata.data[2] + # print(netmask) + client_subnet = "" + for i in range(4, len(rdata.data)): + client_subnet += str(rdata.data[i]) + if i < len(rdata.data) - 1: + client_subnet += "." + + # print(client_subnet) + log.info(f"{self.client_address[0]} [{client_subnet}/{netmask}]: cooking the response of type '{qtype}' for {qname} to {fake_record}") + # log.info(f"{rdata.data}") + +#================================================= log.info(f"{self.client_address[0]}: cooking the response of type '{qtype}' for {qname} to {fake_record}") # IPv6 needs additional work before inclusion: From fd5adba443c77b1f87cce2ab99b11e03b181160c Mon Sep 17 00:00:00 2001 From: J-Run Date: Tue, 28 Jun 2022 14:51:54 +0300 Subject: [PATCH 2/2] add --csubnet param --- dnschef.py | 39 +++++++++++++++++++-------------------- 1 file changed, 19 insertions(+), 20 deletions(-) diff --git a/dnschef.py b/dnschef.py index 73bfb54..002343f 100755 --- a/dnschef.py +++ b/dnschef.py @@ -123,28 +123,26 @@ def parse(self, data): # Create a custom response to the query response = DNSRecord(DNSHeader(id=d.header.id, bitmap=d.header.bitmap, qr=1, aa=1, ra=1), q=d.q) -#============================================== - for rdata in d.ar[0].rdata: - if rdata.code == 8: - # for m in rdata.data: - # print(m) - # print("========") - - netmask = rdata.data[2] - # print(netmask) - client_subnet = "" - for i in range(4, len(rdata.data)): - client_subnet += str(rdata.data[i]) - if i < len(rdata.data) - 1: - client_subnet += "." - - # print(client_subnet) - log.info(f"{self.client_address[0]} [{client_subnet}/{netmask}]: cooking the response of type '{qtype}' for {qname} to {fake_record}") - # log.info(f"{rdata.data}") - -#================================================= + + if options.csubnet: + if len(d.ar): + for rdata in d.ar[0].rdata: + if rdata.code == 8: + netmask = rdata.data[2] + client_subnet = "" + for i in range(4, len(rdata.data)): + client_subnet += str(rdata.data[i]) + if i < len(rdata.data) - 1: + client_subnet += "." + for m in range(i, 7): + client_subnet += ".0" + log.info(f"{self.client_address[0]} [{client_subnet}/{netmask}]: cooking the response of type '{qtype}' for {qname} to {fake_record}") + log.info(f"{self.client_address[0]}: cooking the response of type '{qtype}' for {qname} to {fake_record}") + + + # IPv6 needs additional work before inclusion: if qtype == "AAAA": ipv6_hex_tuple = list(map(int, ip_address(fake_record).packed)) @@ -492,6 +490,7 @@ def start_cooking(interface, nametodns, nameservers, tcp=False, ipv6=False, port rungroup.add_argument("-6","--ipv6", action="store_true", default=False, help="Run in IPv6 mode.") rungroup.add_argument("-p","--port", metavar="53", default="53", help='Port number to listen for DNS requests.') rungroup.add_argument("-q", "--quiet", action="store_false", dest="verbose", default=True, help="Don't show headers.") + rungroup.add_argument("--csubnet", action="store_true", default=False, help="Log CSUBNET addr.") options = parser.parse_args()