[Twisted-Python] How to get the client ip when it ask a resolution with twisted.names
contact at benoit-laviale.fr
contact at benoit-laviale.fr
Sun May 2 00:56:46 MDT 2021
Hi Adi, all,
First, thx for your reply.
I think your solution may not be the good one, but for sure, you put me on the good track, so thx a lot.
What I currently did :
I did an inheritance of DNSServerFactory to be able to add the "address" propertie on my query object.
It looks like that :
class DNSServerFactory2(server.DNSServerFactory):
def handleQuery(self, message, protocol, address):
query = message.queries[0]
query.address = address
message.queries[0] = query
from pprint import pprint
pprint(vars(message.queries[0]))
return super().handleQuery(message, protocol, address) # @ this point the resolver is called in the DNSServerFactory.
In the log i have that :
2021-05-02 08:47:58+0200 [-] {'address': ('127.0.0.1', 60750),
2021-05-02 08:47:58+0200 [-] 'cls': 1,
2021-05-02 08:47:58+0200 [-] 'name': <twisted.names.dns.Name object at 0x13c8e38b0>,
2021-05-02 08:47:58+0200 [-] 'type': 1}
So the propertie looks added...
But after that, I am going to the resolver and at that moment, the address propertie is missing...?!
def query(self, query, timeout=None):
from pprint import pprint
pprint(vars(query))
in the logs :
2021-05-02 08:47:58+0200 [-] {'cls': 1, 'name': <twisted.names.dns.Name object at 0x13c8e3880>, 't
ype': 1}
So there is no anymore the address propertie that i have added just before...
What am i missing?
Thx
Benoît
Le Samedi, Mai 01, 2021 11:18 CEST, Adi Roiban <adi at roiban.ro> a écrit:
Hi On Sat, 1 May 2021 at 07:43, contact at benoit-laviale.fr <contact at benoit-laviale.fr> wrote:Dear all,
I am working on twisted names since some days to make kind of filtering system (with domains blacklists).
So I made my own resolver that can reply defer.fail(error.DomainError()) to send the query to the next resolver (and in this case, it will be resolve) or defer.fail(dns.AuthoritativeDomainError(query.name.name)) to reply NXDOMAIN that can "block" the domain to the final client.
That part is working well.
Next, i would like to "block" the resolution regarding the device (Mac address/IP/???).
I would like something like that :
if self.query.meta.client.ip == b"192.168.0.5" or self.query.meta.client.mac == "XX:YY:ZZ:....":
self.do_something()
My use case is that device of Kelly, (Kelly is a teenager of 12 years) cant use youtube.com at all, but other devices are allowed to get the resolution.
How can I get the IP/Name/mac (an identifier) of the device that's querying my custom dns?
I read something about datagrams, but in my case i think i must get this information in my resolver...
Thx and cheers. I think you are using DNS over UDP... so to understand how UDP works with Twisted you can check this pagehttps://twistedmatrix.com/documents/current/core/howto/udp.html I have never used Twisted names so I am just trying to help based on my general knowledge of Twisted design... but I think the entry point is here https://github.com/twisted/twisted/blob/63649469c1fe46d8a713e8034239ac3cc0498ea7/src/twisted/names/dns.py#L3242 then it goes to here https://github.com/twisted/twisted/blob/63649469c1fe46d8a713e8034239ac3cc0498ea7/src/twisted/names/server.py#L538 and then in handleQuery where I see that the query is done without the `address`...but the address is available again in`gotResolverResponse`.. so maybe that help ------- Hope it helps Cheers --Adi Roiban
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/twisted-python/attachments/20210502/6fd8610d/attachment.htm>
More information about the Twisted-Python
mailing list