1*00b67f09SDavid van Moolenbroek#!/usr/bin/perl -w 2*00b67f09SDavid van Moolenbroek# 3*00b67f09SDavid van Moolenbroek# Copyright (C) 2012 Internet Systems Consortium, Inc. ("ISC") 4*00b67f09SDavid van Moolenbroek# 5*00b67f09SDavid van Moolenbroek# Permission to use, copy, modify, and/or distribute this software for any 6*00b67f09SDavid van Moolenbroek# purpose with or without fee is hereby granted, provided that the above 7*00b67f09SDavid van Moolenbroek# copyright notice and this permission notice appear in all copies. 8*00b67f09SDavid van Moolenbroek# 9*00b67f09SDavid van Moolenbroek# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 10*00b67f09SDavid van Moolenbroek# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 11*00b67f09SDavid van Moolenbroek# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 12*00b67f09SDavid van Moolenbroek# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 13*00b67f09SDavid van Moolenbroek# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 14*00b67f09SDavid van Moolenbroek# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 15*00b67f09SDavid van Moolenbroek# PERFORMANCE OF THIS SOFTWARE. 16*00b67f09SDavid van Moolenbroek 17*00b67f09SDavid van Moolenbroek# Id 18*00b67f09SDavid van Moolenbroek 19*00b67f09SDavid van Moolenbroek# 20*00b67f09SDavid van Moolenbroek# Ad hoc name server 21*00b67f09SDavid van Moolenbroek# 22*00b67f09SDavid van Moolenbroek 23*00b67f09SDavid van Moolenbroekuse IO::File; 24*00b67f09SDavid van Moolenbroekuse IO::Socket; 25*00b67f09SDavid van Moolenbroekuse Net::DNS; 26*00b67f09SDavid van Moolenbroekuse Net::DNS::Packet; 27*00b67f09SDavid van Moolenbroek 28*00b67f09SDavid van Moolenbroekmy $sock = IO::Socket::INET->new(LocalAddr => "10.53.0.4", 29*00b67f09SDavid van Moolenbroek LocalPort => 5300, Proto => "udp") or die "$!"; 30*00b67f09SDavid van Moolenbroek 31*00b67f09SDavid van Moolenbroekmy $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!"; 32*00b67f09SDavid van Moolenbroekprint $pidf "$$\n" or die "cannot write pid file: $!"; 33*00b67f09SDavid van Moolenbroek$pidf->close or die "cannot close pid file: $!"; 34*00b67f09SDavid van Moolenbroeksub rmpid { unlink "ans.pid"; exit 1; }; 35*00b67f09SDavid van Moolenbroek 36*00b67f09SDavid van Moolenbroek$SIG{INT} = \&rmpid; 37*00b67f09SDavid van Moolenbroek$SIG{TERM} = \&rmpid; 38*00b67f09SDavid van Moolenbroek 39*00b67f09SDavid van Moolenbroekfor (;;) { 40*00b67f09SDavid van Moolenbroek $sock->recv($buf, 512); 41*00b67f09SDavid van Moolenbroek 42*00b67f09SDavid van Moolenbroek print "**** request from " , $sock->peerhost, " port ", $sock->peerport, "\n"; 43*00b67f09SDavid van Moolenbroek 44*00b67f09SDavid van Moolenbroek my $packet; 45*00b67f09SDavid van Moolenbroek 46*00b67f09SDavid van Moolenbroek if ($Net::DNS::VERSION > 0.68) { 47*00b67f09SDavid van Moolenbroek $packet = new Net::DNS::Packet(\$buf, 0); 48*00b67f09SDavid van Moolenbroek $@ and die $@; 49*00b67f09SDavid van Moolenbroek } else { 50*00b67f09SDavid van Moolenbroek my $err; 51*00b67f09SDavid van Moolenbroek ($packet, $err) = new Net::DNS::Packet(\$buf, 0); 52*00b67f09SDavid van Moolenbroek $err and die $err; 53*00b67f09SDavid van Moolenbroek } 54*00b67f09SDavid van Moolenbroek 55*00b67f09SDavid van Moolenbroek print "REQUEST:\n"; 56*00b67f09SDavid van Moolenbroek $packet->print; 57*00b67f09SDavid van Moolenbroek 58*00b67f09SDavid van Moolenbroek $packet->header->qr(1); 59*00b67f09SDavid van Moolenbroek 60*00b67f09SDavid van Moolenbroek my @questions = $packet->question; 61*00b67f09SDavid van Moolenbroek my $qname = $questions[0]->qname; 62*00b67f09SDavid van Moolenbroek my $qtype = $questions[0]->qtype; 63*00b67f09SDavid van Moolenbroek 64*00b67f09SDavid van Moolenbroek my $donotrespond = 0; 65*00b67f09SDavid van Moolenbroek 66*00b67f09SDavid van Moolenbroek if ($qname eq "foo.info") { 67*00b67f09SDavid van Moolenbroek $donotrespond = 1; 68*00b67f09SDavid van Moolenbroek } elsif ($qname eq "cname1.example.com") { 69*00b67f09SDavid van Moolenbroek # Data for the "cname + other data / 1" test 70*00b67f09SDavid van Moolenbroek $packet->push("answer", new Net::DNS::RR("cname1.example.com 300 CNAME cname1.example.com")); 71*00b67f09SDavid van Moolenbroek $packet->push("answer", new Net::DNS::RR("cname1.example.com 300 A 1.2.3.4")); 72*00b67f09SDavid van Moolenbroek } elsif ($qname eq "cname2.example.com") { 73*00b67f09SDavid van Moolenbroek # Data for the "cname + other data / 2" test: same RRs in opposite order 74*00b67f09SDavid van Moolenbroek $packet->push("answer", new Net::DNS::RR("cname2.example.com 300 A 1.2.3.4")); 75*00b67f09SDavid van Moolenbroek $packet->push("answer", new Net::DNS::RR("cname2.example.com 300 CNAME cname2.example.com")); 76*00b67f09SDavid van Moolenbroek } elsif ($qname eq "www.example.org" || $qname eq "www.example.net" || 77*00b67f09SDavid van Moolenbroek $qname eq "badcname.example.org" || 78*00b67f09SDavid van Moolenbroek $qname eq "goodcname.example.org" || 79*00b67f09SDavid van Moolenbroek $qname eq "foo.baddname.example.org" || 80*00b67f09SDavid van Moolenbroek $qname eq "foo.gooddname.example.org") { 81*00b67f09SDavid van Moolenbroek # Data for address/alias filtering. 82*00b67f09SDavid van Moolenbroek $packet->header->aa(1); 83*00b67f09SDavid van Moolenbroek if ($qtype eq "A") { 84*00b67f09SDavid van Moolenbroek $packet->push("answer", 85*00b67f09SDavid van Moolenbroek new Net::DNS::RR($qname . 86*00b67f09SDavid van Moolenbroek " 300 A 192.0.2.1")); 87*00b67f09SDavid van Moolenbroek } elsif ($qtype eq "AAAA") { 88*00b67f09SDavid van Moolenbroek $packet->push("answer", 89*00b67f09SDavid van Moolenbroek new Net::DNS::RR($qname . 90*00b67f09SDavid van Moolenbroek " 300 AAAA 2001:db8:beef::1")); 91*00b67f09SDavid van Moolenbroek } 92*00b67f09SDavid van Moolenbroek } elsif ($qname eq "badcname.example.net" || 93*00b67f09SDavid van Moolenbroek $qname eq "goodcname.example.net") { 94*00b67f09SDavid van Moolenbroek # Data for CNAME/DNAME filtering. We need to make one-level 95*00b67f09SDavid van Moolenbroek # delegation to avoid automatic acceptance for subdomain aliases 96*00b67f09SDavid van Moolenbroek $packet->push("authority", new Net::DNS::RR("example.net 300 NS ns.example.net")); 97*00b67f09SDavid van Moolenbroek $packet->push("additional", new Net::DNS::RR("ns.example.net 300 A 10.53.0.3")); 98*00b67f09SDavid van Moolenbroek } elsif ($qname =~ /^nodata\.example\.net$/i) { 99*00b67f09SDavid van Moolenbroek $packet->header->aa(1); 100*00b67f09SDavid van Moolenbroek } elsif ($qname =~ /^nxdomain\.example\.net$/i) { 101*00b67f09SDavid van Moolenbroek $packet->header->aa(1); 102*00b67f09SDavid van Moolenbroek $packet->header->rcode(NXDOMAIN); 103*00b67f09SDavid van Moolenbroek } elsif ($qname =~ /sub\.example\.org/) { 104*00b67f09SDavid van Moolenbroek # Data for CNAME/DNAME filtering. The final answers are 105*00b67f09SDavid van Moolenbroek # expected to be accepted regardless of the filter setting. 106*00b67f09SDavid van Moolenbroek $packet->push("authority", new Net::DNS::RR("sub.example.org 300 NS ns.sub.example.org")); 107*00b67f09SDavid van Moolenbroek $packet->push("additional", new Net::DNS::RR("ns.sub.example.org 300 A 10.53.0.3")); 108*00b67f09SDavid van Moolenbroek } else { 109*00b67f09SDavid van Moolenbroek # Data for the "bogus referrals" test 110*00b67f09SDavid van Moolenbroek $packet->push("authority", new Net::DNS::RR("below.www.example.com 300 NS ns.below.www.example.com")); 111*00b67f09SDavid van Moolenbroek $packet->push("additional", new Net::DNS::RR("ns.below.www.example.com 300 A 10.53.0.3")); 112*00b67f09SDavid van Moolenbroek } 113*00b67f09SDavid van Moolenbroek 114*00b67f09SDavid van Moolenbroek if ($donotrespond == 0) { 115*00b67f09SDavid van Moolenbroek $sock->send($packet->data); 116*00b67f09SDavid van Moolenbroek print "RESPONSE:\n"; 117*00b67f09SDavid van Moolenbroek $packet->print; 118*00b67f09SDavid van Moolenbroek print "\n"; 119*00b67f09SDavid van Moolenbroek } 120*00b67f09SDavid van Moolenbroek} 121