a81b754a
Valider
a81b754a
rédigé
Il y a 8 mois
par
François De Keersmaeker
Added support for CNAME records + Renamed service => alias
parent
a5d7f0ee
3 fichiers modifiés
dns_unbound_cache_reader/dns_unbound_cache_reader.py
+49
-31
49 ajouts, 31 suppressions
dns_unbound_cache_reader/dns_unbound_cache_reader.py
test/sample_dns_cache.txt
+7
-2
7 ajouts, 2 suppressions
test/sample_dns_cache.txt
test/test_sample_file.py
+8
-6
8 ajouts, 6 suppressions
test/test_sample_file.py
avec
64 ajouts
et
39 suppressions
dns_unbound_cache_reader/dns_unbound_cache_reader.py
+
49
−
31
...
@@ -22,7 +22,7 @@ to_skip = (
...
@@ -22,7 +22,7 @@ to_skip = (
"
EOF
"
"
EOF
"
)
)
# Regex patterns
# Regex patterns
pattern_line
=
r
"
^([a-zA-Z0-9._-]+)\s+(\d+)\s+IN\s+([A-Z]+)\s+(.+)$
"
# Generic DNS cache line
pattern_line
=
r
"
^([a-zA-Z0-9._-]+)\s+(\d+)\s+IN\s+([A-Z]+)\s+(.+)$
"
# Generic DNS cache line
pattern_ipv4_byte
=
r
"
(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])
"
# Single byte from an IPv4 address
pattern_ipv4_byte
=
r
"
(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])
"
# Single byte from an IPv4 address
pattern_ptr
=
(
pattern_ipv4_byte
+
r
"
\.
"
)
*
3
+
pattern_ipv4_byte
+
r
"
.in-addr.arpa
"
# Reverse DNS lookup qname
pattern_ptr
=
(
pattern_ipv4_byte
+
r
"
\.
"
)
*
3
+
pattern_ipv4_byte
+
r
"
.in-addr.arpa
"
# Reverse DNS lookup qname
pattern_srv
=
r
"
^(\d+)\s+(\d+)\s+(\d+)\s+([a-zA-Z0-9.-]+)$
"
# SRV record target
pattern_srv
=
r
"
^(\d+)\s+(\d+)\s+(\d+)\s+([a-zA-Z0-9.-]+)$
"
# SRV record target
...
@@ -40,18 +40,19 @@ class DnsRtype(IntEnum):
...
@@ -40,18 +40,19 @@ class DnsRtype(IntEnum):
"""
"""
Enum class for the DNS resource record types.
Enum class for the DNS resource record types.
"""
"""
A
=
1
# IPv4 address
A
=
1
# IPv4 address
PTR
=
12
# Domain name pointer
CNAME
=
5
# Canonical name
AAAA
=
28
# IPv6 address
PTR
=
12
# Domain name pointer
SRV
=
33
# Service locator
AAAA
=
28
# IPv6 address
SRV
=
33
# Service locator
class
DnsTableKeys
(
Enum
):
class
DnsTableKeys
(
Enum
):
"""
"""
Enum class for the allowed dictionary keys.
Enum class for the allowed dictionary keys.
"""
"""
IP
=
"
ip
"
IP
=
"
ip
"
SERVICE
=
"
service
"
ALIAS
=
"
alias
"
def
read_dns_cache
(
def
read_dns_cache
(
...
@@ -66,8 +67,8 @@ def read_dns_cache(
...
@@ -66,8 +67,8 @@ def read_dns_cache(
ip_address: domain_name,
ip_address: domain_name,
...
...
},
},
DnsTableKeys
.
SERVICE
:
{
DnsTableKeys
.
ALIAS
:
{
service_name
:
actual_name
,
canonical_name
:
alias
,
...
...
}
}
}
}
...
@@ -129,9 +130,9 @@ def read_dns_cache(
...
@@ -129,9 +130,9 @@ def read_dns_cache(
if
not
match
:
if
not
match
:
continue
continue
name
=
match
.
group
(
1
)
q
name
=
match
.
group
(
1
)
if
name
.
endswith
(
"
.
"
):
if
q
name
.
endswith
(
"
.
"
):
name
=
name
[:
-
1
]
q
name
=
q
name
[:
-
1
]
rtype
=
match
.
group
(
3
)
rtype
=
match
.
group
(
3
)
rdata
=
match
.
group
(
4
)
rdata
=
match
.
group
(
4
)
if
rdata
.
endswith
(
"
.
"
):
if
rdata
.
endswith
(
"
.
"
):
...
@@ -148,13 +149,35 @@ def read_dns_cache(
...
@@ -148,13 +149,35 @@ def read_dns_cache(
if
rtype
==
DnsRtype
.
A
.
name
or
rtype
==
DnsRtype
.
AAAA
.
name
:
if
rtype
==
DnsRtype
.
A
.
name
or
rtype
==
DnsRtype
.
AAAA
.
name
:
ip
=
rdata
ip
=
rdata
if
DnsTableKeys
.
IP
.
name
in
dns_table
:
if
DnsTableKeys
.
IP
.
name
in
dns_table
:
dns_table
[
DnsTableKeys
.
IP
.
name
][
ip
]
=
name
dns_table
[
DnsTableKeys
.
IP
.
name
][
ip
]
=
q
name
else
:
else
:
dns_table
[
DnsTableKeys
.
IP
.
name
]
=
{
ip
:
name
}
dns_table
[
DnsTableKeys
.
IP
.
name
]
=
{
ip
:
qname
}
# CNAME records
if
rtype
==
DnsRtype
.
CNAME
.
name
:
cname
=
rdata
if
DnsTableKeys
.
ALIAS
.
name
in
dns_table
:
dns_table
[
DnsTableKeys
.
ALIAS
.
name
][
cname
]
=
qname
else
:
dns_table
[
DnsTableKeys
.
ALIAS
.
name
]
=
{
cname
:
qname
}
# SRV records
if
rtype
==
DnsRtype
.
SRV
.
name
:
# Parse target service
match_srv
=
re
.
match
(
pattern_srv
,
rdata
)
if
not
match_srv
:
continue
service
=
match_srv
.
group
(
4
)
if
service
.
endswith
(
"
.
"
):
service
=
service
[:
-
1
]
if
DnsTableKeys
.
ALIAS
.
name
in
dns_table
:
dns_table
[
DnsTableKeys
.
ALIAS
.
name
][
service
]
=
qname
else
:
dns_table
[
DnsTableKeys
.
ALIAS
.
name
]
=
{
service
:
qname
}
# PTR records
# PTR records
if
rtype
==
DnsRtype
.
PTR
.
name
:
if
rtype
==
DnsRtype
.
PTR
.
name
:
match_ptr
=
re
.
match
(
pattern_ptr
,
name
)
match_ptr
=
re
.
match
(
pattern_ptr
,
q
name
)
if
match_ptr
:
if
match_ptr
:
# PTR record is a reverse DNS lookup
# PTR record is a reverse DNS lookup
ip
=
"
.
"
.
join
(
reversed
(
match_ptr
.
groups
()))
ip
=
"
.
"
.
join
(
reversed
(
match_ptr
.
groups
()))
...
@@ -165,24 +188,19 @@ def read_dns_cache(
...
@@ -165,24 +188,19 @@ def read_dns_cache(
dns_table
[
DnsTableKeys
.
IP
.
name
]
=
{
ip
:
rdata
}
dns_table
[
DnsTableKeys
.
IP
.
name
]
=
{
ip
:
rdata
}
else
:
else
:
# PTR record contains generic RDATA
# PTR record contains generic RDATA
if
DnsTableKeys
.
SERVICE
.
name
in
dns_table
:
ptr
=
rdata
dns_table
[
DnsTableKeys
.
SERVICE
.
name
][
name
]
=
rdata
if
DnsTableKeys
.
ALIAS
.
name
in
dns_table
:
dns_table
[
DnsTableKeys
.
ALIAS
.
name
][
qname
]
=
ptr
else
:
else
:
dns_table
[
DnsTableKeys
.
SERVICE
.
name
]
=
{
name
:
rdata
}
dns_table
[
DnsTableKeys
.
ALIAS
.
name
]
=
{
q
name
:
ptr
}
# SRV records
if
rtype
==
DnsRtype
.
SRV
.
name
:
## Post-processing
# Parse target service
# Replace all cnames with aliases
match_srv
=
re
.
match
(
pattern_srv
,
rdata
)
if
DnsTableKeys
.
IP
.
name
in
dns_table
and
DnsTableKeys
.
ALIAS
.
name
in
dns_table
:
if
not
match_srv
:
for
ip
,
cname
in
dns_table
[
DnsTableKeys
.
IP
.
name
].
items
():
continue
if
cname
in
dns_table
[
DnsTableKeys
.
ALIAS
.
name
]:
service
=
match_srv
.
group
(
4
)
dns_table
[
DnsTableKeys
.
IP
.
name
][
ip
]
=
dns_table
[
DnsTableKeys
.
ALIAS
.
name
][
cname
]
if
service
.
endswith
(
"
.
"
):
service
=
service
[:
-
1
]
if
DnsTableKeys
.
SERVICE
.
name
in
dns_table
:
dns_table
[
DnsTableKeys
.
SERVICE
.
name
][
service
]
=
name
else
:
dns_table
[
DnsTableKeys
.
SERVICE
.
name
]
=
{
service
:
name
}
return
dns_table
return
dns_table
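Review bot: The post-processing loop at the end of `read_dns_cache` rewrites an IP entry whenever its name is a key in the ALIAS table, but after this change that table also receives SRV targets and generic PTR entries, not only CNAME targets. An A record for a host that is also an SRV target would therefore have its address relabelled with the SRV owner name, and a CNAME chain longer than one hop is followed only once. If the IP table feeds name-based decisions downstream (not visible here), one unrelated cached record is enough to change which name an address is attributed to. Consider recording CNAME targets in their own mapping, e.g. `cnames[cname] = qname` in the CNAME branch, and restricting the loop to `if cname in cnames:` with the replacement taken from `cnames`, repeating until no further substitution applies. The function begins outside these hunks, so where that mapping is initialised has to be checked against the full file.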
test/sample_dns_cache.txt
+
7
−
2
...
@@ -7,9 +7,14 @@ example.org. 600 IN NS ns1.example.org.
...
@@ -7,9 +7,14 @@ example.org. 600 IN NS ns1.example.org.
example.org. 600 IN NS ns2.example.org.
example.org. 600 IN NS ns2.example.org.
ns1.example.org. 3600 IN A 192.0.2.1
ns1.example.org. 3600 IN A 192.0.2.1
ns2.example.org. 3600 IN A 198.51.100.1
ns2.example.org. 3600 IN A 198.51.100.1
1.2.0.192.in-addr.arpa. 3600 IN PTR example.com
; CNAME records
2.2.0.192.in-addr.arpa. 3600 IN PTR example.com
example1.local. 300 IN A 192.168.1.100
example.local. 300 IN CNAME example1.local.
; SRV records
_tcp_.matter.example.com. 3600 IN SRV 10 60 5000 server1.example.com
_tcp_.matter.example.com. 3600 IN SRV 10 60 5000 server1.example.com
_tcp_.matter.example.com. 3600 IN SRV 20 60 5000 server2.example.com
_tcp_.matter.example.com. 3600 IN SRV 20 60 5000 server2.example.com
; PTR records
1.2.0.192.in-addr.arpa. 3600 IN PTR example.com
2.2.0.192.in-addr.arpa. 3600 IN PTR example.com
END_RRSET_CACHE
END_RRSET_CACHE
EOF
EOF
test/test_sample_file.py
+
8
−
6
...
@@ -19,17 +19,19 @@ def test_read_sample_cache_file() -> None:
...
@@ -19,17 +19,19 @@ def test_read_sample_cache_file() -> None:
"""
"""
dns_table
=
dns_reader
.
read_dns_cache
(
file
=
sample_cache_file
)
dns_table
=
dns_reader
.
read_dns_cache
(
file
=
sample_cache_file
)
assert
DnsTableKeys
.
IP
.
name
in
dns_table
assert
DnsTableKeys
.
IP
.
name
in
dns_table
assert
DnsTableKeys
.
SERVICE
.
name
in
dns_table
assert
DnsTableKeys
.
ALIAS
.
name
in
dns_table
dns_table_ip
=
dns_table
[
DnsTableKeys
.
IP
.
name
]
dns_table_ip
=
dns_table
[
DnsTableKeys
.
IP
.
name
]
assert
len
(
dns_table_ip
)
==
5
assert
len
(
dns_table_ip
)
==
6
assert
dns_table_ip
[
"
93.184.216.34
"
]
==
"
example.com
"
assert
dns_table_ip
[
"
93.184.216.34
"
]
==
"
example.com
"
assert
dns_table_ip
[
"
2606:2800:220:1:248:1893:25c8:1946
"
]
==
"
example.com
"
assert
dns_table_ip
[
"
2606:2800:220:1:248:1893:25c8:1946
"
]
==
"
example.com
"
assert
dns_table_ip
[
"
192.0.2.1
"
]
==
"
ns1.example.org
"
assert
dns_table_ip
[
"
192.0.2.1
"
]
==
"
ns1.example.org
"
assert
dns_table_ip
[
"
198.51.100.1
"
]
==
"
ns2.example.org
"
assert
dns_table_ip
[
"
198.51.100.1
"
]
==
"
ns2.example.org
"
assert
dns_table_ip
[
"
192.0.2.2
"
]
==
"
example.com
"
assert
dns_table_ip
[
"
192.0.2.2
"
]
==
"
example.com
"
assert
dns_table_ip
[
"
192.168.1.100
"
]
==
"
example.local
"
dns_table_service
=
dns_table
[
DnsTableKeys
.
SERVICE
.
name
]
dns_table_alias
=
dns_table
[
DnsTableKeys
.
ALIAS
.
name
]
assert
len
(
dns_table_service
)
==
2
assert
len
(
dns_table_alias
)
==
3
assert
dns_table_service
[
"
server1.example.com
"
]
==
"
_tcp_.matter.example.com
"
assert
dns_table_alias
[
"
example1.local
"
]
==
"
example.local
"
assert
dns_table_service
[
"
server2.example.com
"
]
==
"
_tcp_.matter.example.com
"
assert
dns_table_alias
[
"
server1.example.com
"
]
==
"
_tcp_.matter.example.com
"
assert
dns_table_alias
[
"
server2.example.com
"
]
==
"
_tcp_.matter.example.com
"
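Review bot: The added assertions exercise only a one-hop CNAME whose target has an A record (`192.168.1.100` resolving to `example.local`); nothing checks what `read_dns_cache` returns when an SRV target such as `server1.example.com` also has an A record, or when a CNAME points at another CNAME. Both cases pass through the same alias substitution as the CNAME case, so a fixture line and an assertion for each would pin the intended behaviour, for instance `assert dns_table_ip["<constructed-ip>"] == "server1.example.com"` if SRV targets are meant to keep their own name. The test function begins above this hunk.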