HowTo: Implement a simple DNS resolver using libDNS.rts

by on 04-10-2013 08:30 AM - edited on 05-13-2016 05:35 AM by PaulWallace

This article uses the libDNS.rts TrafficScript library, described in "libDNS.rts: Interrogating and managing DNS traffic in Stingray".

In this example, we intercept DNS requests and respond directly for known A records. Requests for any other name receive an NXDOMAIN response.

The request rule

import libDNS.rts as dns;

# Map domain names to lists of IP addresses they should resolve to
$ipAddresses = [
   "dev1.ha.company.internal." => [ "10.1.1.1", "10.2.1.1" ],
   "dev2.ha.company.internal." => [ "10.1.1.2", "10.2.1.2" ]
];

$packet = dns.convertRawDataToObject( request.get(), "udp" );

# Ignore unparsable packets and query responses to avoid
# attacks like the one described in CVE-2004-0789.
if( hash.count( $packet ) == 0 || $packet["qr"] == "1" ) {
   break;
}

$host = $packet["question"]["host"];

if( hash.contains( $ipAddresses, $host )) {
   foreach( $ip in $ipAddresses[$host] ) {
      $packet = dns.addResponse($packet, "answer", $host, $ip, "A", "IN", "60", []);
   }
   $packet["aa"] = "1"; # Make the answer authoritative
} else {
   $packet["rcode"] = "0011"; # Set NXDOMAIN error (binary 0011 = RCODE 3)
}

$packet["qr"] = "1"; # Changes the packet to a response
$packet["ra"] = "1"; # Pretend that we support recursion

request.sendResponse( dns.convertObjectToRawData($packet, "udp"));
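
The same decision logic over raw DNS wire bytes, as an added Python example (not part of the original article and not libDNS.rts code), showing which header bits the rule's qr, aa, ra and rcode fields correspond to. The function names, the lowercasing of the queried name and the one-question check are assumptions of this example; the zone data and query bytes are constructed.

```python
import struct

# Constructed sample zone, mirroring the rule's $ipAddresses map.
ZONE = {
    "dev1.ha.company.internal.": ["10.1.1.1", "10.2.1.1"],
    "dev2.ha.company.internal.": ["10.1.1.2", "10.2.1.2"],
}

def build_query(host, flags=0x0100):
    """Constructed test input: a one-question A/IN query (RD set by default)."""
    qname = b"".join(bytes([len(l)]) + l.encode() for l in host.rstrip(".").split("."))
    return struct.pack("!HHHHHH", 0x1234, flags, 1, 0, 0, 0) + qname + b"\x00\x00\x01\x00\x01"

def parse_question(msg):
    """Return (host, offset just past the question); raise on malformed input."""
    labels, pos = [], 12              # the DNS header is 12 bytes
    while msg[pos] != 0:
        length = msg[pos]
        if length > 63:               # no compression pointers in a query name
            raise ValueError("bad label length")
        # Lowercasing is an addition here: DNS names compare case-insensitively.
        labels.append(msg[pos + 1:pos + 1 + length].decode("ascii").lower())
        pos += 1 + length
    if pos + 5 > len(msg):            # root label + QTYPE + QCLASS must be present
        raise ValueError("truncated question")
    return ".".join(labels) + ".", pos + 5

def respond(msg):
    """Return the response bytes, or None when the packet must be dropped."""
    try:
        ident, flags, qdcount = struct.unpack("!HHH", msg[:6])
        if flags & 0x8000 or qdcount != 1:   # QR=1 means a response: never answer it
            return None
        host, qend = parse_question(msg)
    except (struct.error, IndexError, ValueError):
        return None                          # unparsable: drop silently
    ips = ZONE.get(host, [])
    # QR=1 and RA=1 always; keep opcode and RD; AA for known names, else RCODE 3
    rflags = 0x8080 | (flags & 0x7900) | (0x0400 if ips else 0x0003)
    header = struct.pack("!HHHHHH", ident, rflags, 1, len(ips), 0, 0)
    answers = b"".join(
        # 0xC00C points at the question name; TYPE A, CLASS IN, TTL 60, RDLENGTH 4
        struct.pack("!HHHIH4B", 0xC00C, 1, 1, 60, 4, *map(int, ip.split(".")))
        for ip in ips)
    return header + msg[12:qend] + answers
```

Like the rule, respond() returns A records whatever the question's QTYPE is, so a production resolver would also check the type field before answering.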