ouczbs/FastGithub
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

日志dns拦截记录

Browse Source
This commit is contained in:
老九 2021-10-05 13:50:55 +08:00
parent 1163fa4678
commit 44960eb4fc
2 changed files with 22 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
FastGithub.PacketIntercept/Dns/DnsInterceptor.cs
View File

@ -22,12 +22,12 @@ namespace FastGithub.PacketIntercept.Dns
[SupportedOSPlatform("windows")]
sealed class DnsInterceptor : IDnsInterceptor
{
private const string DNS_FILTER = "udp.DstPort == 53";
private const string DNS_FILTER = "ip and udp.DstPort == 53";
private readonly FastGithubConfig fastGithubConfig;
private readonly ILogger<DnsInterceptor> logger;
private readonly TimeSpan ttl = TimeSpan.FromMinutes(10d);
private readonly TimeSpan ttl = TimeSpan.FromMinutes(1d);
/// <summary>
/// 刷新DNS缓存
@ -35,6 +35,15 @@ namespace FastGithub.PacketIntercept.Dns
[DllImport("dnsapi.dll", EntryPoint = "DnsFlushResolverCache", SetLastError = true)]
private static extern void DnsFlushResolverCache();
/// <summary>
/// 首次加载驱动往往有异常,所以要提前加载
/// </summary>
static DnsInterceptor()
{
var handle = WinDivert.WinDivertOpen("false", WinDivertLayer.Network, 0, WinDivertOpenFlags.None);
WinDivert.WinDivertClose(handle);
}
/// <summary>
/// dns拦截器
/// </summary>
@ -142,20 +151,10 @@ namespace FastGithub.PacketIntercept.Dns
packetLength = (uint)((int)packetLength + responsePayload.Length - requestPayload.Length);
// 修改ip包
if (packet.IPv4Header != null)
{
var destAddress = packet.IPv4Header->DstAddr;
packet.IPv4Header->DstAddr = packet.IPv4Header->SrcAddr;
packet.IPv4Header->SrcAddr = destAddress;
packet.IPv4Header->Length = (ushort)packetLength;
}
else
{
var destAddress = packet.IPv6Header->DstAddr;
packet.IPv6Header->DstAddr = packet.IPv6Header->SrcAddr;
packet.IPv6Header->SrcAddr = destAddress;
packet.IPv6Header->Length = (ushort)packetLength;
}
var destAddress = packet.IPv4Header->DstAddr;
packet.IPv4Header->DstAddr = packet.IPv4Header->SrcAddr;
packet.IPv4Header->SrcAddr = destAddress;
packet.IPv4Header->Length = (ushort)packetLength;
// 修改udp包
var destPort = packet.UdpHeader->DstPort;
@ -164,7 +163,12 @@ namespace FastGithub.PacketIntercept.Dns
packet.UdpHeader->Length = (ushort)(sizeof(UdpHeader) + responsePayload.Length);
winDivertAddress.Impostor = true;
winDivertAddress.Direction = winDivertAddress.Loopback
? WinDivertDirection.Outbound
: WinDivertDirection.Inbound;
WinDivert.WinDivertHelperCalcChecksums(winDivertBuffer, packetLength, ref winDivertAddress, WinDivertChecksumHelperParam.All);
this.logger.LogInformation($"已拦截向dns://{destAddress}:{destPort}查询{domain}");
}

9
FastGithub.PacketIntercept/DnsInterceptHostedService.cs
View File

@ -1,5 +1,4 @@
using FastGithub.WinDiverts;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Logging;
using System;
using System.Collections.Generic;
@ -45,11 +44,7 @@ namespace FastGithub.PacketIntercept
/// <param name="cancellationToken"></param>
/// <returns></returns>
public override async Task StartAsync(CancellationToken cancellationToken)
{
// 首次加载驱动往往有异常,所以要提前加载
var handle = WinDivert.WinDivertOpen("true", WinDivertLayer.Network, 0, WinDivertOpenFlags.None);
WinDivert.WinDivertClose(handle);
{
foreach (var solver in this.conflictSolvers)
{
await solver.SolveAsync(cancellationToken);