Simple DNS answering machine. :param joker: default IPv4 for unresolved domains. Set to False to disable, None to mirror the interface's IP. Defaults to None, unless 'match' is used, then it defaults to False.
(self, joker=None,
match=None,
srvmatch=None,
joker6=False,
send_error=False,
relay=False,
from_ip=True,
from_ip6=False,
src_ip=None,
src_ip6=None,
ttl=10,
jokerarpa=False)
| 1536 | cls = DNS # We also use this automaton for llmnrd / mdnsd |
| 1537 | |
| 1538 | def parse_options(self, joker=None, |
| 1539 | match=None, |
| 1540 | srvmatch=None, |
| 1541 | joker6=False, |
| 1542 | send_error=False, |
| 1543 | relay=False, |
| 1544 | from_ip=True, |
| 1545 | from_ip6=False, |
| 1546 | src_ip=None, |
| 1547 | src_ip6=None, |
| 1548 | ttl=10, |
| 1549 | jokerarpa=False): |
| 1550 | """ |
| 1551 | Simple DNS answering machine. |
| 1552 | |
| 1553 | :param joker: default IPv4 for unresolved domains. |
| 1554 | Set to False to disable, None to mirror the interface's IP. |
| 1555 | Defaults to None, unless 'match' is used, then it defaults to |
| 1556 | False. |
| 1557 | :param joker6: default IPv6 for unresolved domains. |
| 1558 | Set to False to disable, None to mirror the interface's IPv6. |
| 1559 | Defaults to False. |
| 1560 | :param match: queries to match. |
| 1561 | This can be a dictionary of {name: val} where name is a string |
| 1562 | representing a domain name (A, AAAA) and val is a tuple of 2 |
| 1563 | elements, each representing an IP or a list of IPs. If val is |
| 1564 | a single element, (A, None) is assumed. |
| 1565 | This can also be a list or names, in which case joker(6) are |
| 1566 | used as a response. |
| 1567 | :param jokerarpa: answer for .in-addr.arpa PTR requests. (Default: False) |
| 1568 | :param relay: relay unresolved domains to conf.nameservers (Default: False). |
| 1569 | :param send_error: send an error message when this server can't answer |
| 1570 | (Default: False) |
| 1571 | :param srvmatch: a dictionary of {name: (port, target)} used for SRV |
| 1572 | :param from_ip: an source IP to filter. Can contain a netmask. True for all, |
| 1573 | False for none. Default True |
| 1574 | :param from_ip6: an source IPv6 to filter. Can contain a netmask. True for all, |
| 1575 | False for none. Default False |
| 1576 | :param ttl: the DNS time to live (in seconds) |
| 1577 | :param src_ip: override the source IP |
| 1578 | :param src_ip6: |
| 1579 | |
| 1580 | Examples: |
| 1581 | |
| 1582 | - Answer all 'A' and 'AAAA' requests:: |
| 1583 | |
| 1584 | $ sudo iptables -I OUTPUT -p icmp --icmp-type 3/3 -j DROP |
| 1585 | >>> dnsd(joker="192.168.0.2", joker6="fe80::260:8ff:fe52:f9d8", |
| 1586 | ... iface="eth0") |
| 1587 | |
| 1588 | - Answer only 'A' query for google.com with 192.168.0.2:: |
| 1589 | |
| 1590 | >>> dnsd(match={"google.com": "192.168.0.2"}, iface="eth0") |
| 1591 | |
| 1592 | - Answer DNS for a Windows domain controller ('SRV', 'A' and 'AAAA'):: |
| 1593 | |
| 1594 | >>> dnsd( |
| 1595 | ... srvmatch={ |