
dot-proxy's Introduction

DNS-over-TLS proxy

This is a very simple, minimalistic DNS proxy service built in Python, capable of running in multi-threaded mode and handling multiple connections in parallel.

This is packaged with Docker and Docker Compose. Docker Compose can help deploy this in a Docker stack infrastructure or Kubernetes. Module execution starts from the DNSoverTLS.__main__:start() method.

+--------------+   U/T     +----------------------+     TCP   +-----------------------------+
|              + --------> +                      + --------> +                             |
|   DNS Req    |           |       DNS Proxy      |           |    Cloudflare - TLS - DNS   |
|              + <-------- +                      + <-------- +                             |
+--------------+    U/T    +----------------------+     TCP   +-----------------------------+
                             8053(UDP) - 8853(TCP)

How to run:

Single service

# Build Docker
docker build -t dns .

# Run the docker Image
docker run -d -p 8053:8053/udp -p8853:8853 -t dns

# Test the proxy
# Handle TCP connections
dig @127.0.0.1 -p8853 rsehgal.in +tcp

# Handle UDP connections.
dig @127.0.0.1 -p8053 rsehgal.in

; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> @127.0.0.1 -p9090 rsehgal.in
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32042
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; PAD: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 (".........................................................................................................................................................................................................................................................................................................................................................................................................")
;; QUESTION SECTION:
;rsehgal.in.			IN	A

;; ANSWER SECTION:
rsehgal.in.		20	IN	A	206.189.89.118
rsehgal.in.		20	IN	A	157.230.35.153

;; Query time: 589 msec
;; SERVER: 127.0.0.1#9090(127.0.0.1)
;; WHEN: Sat Sep 12 08:40:31 UTC 2020
;; MSG SIZE  rcvd: 468

Build and Deploy in cluster

# Build the images defined in docker-compose.yml
docker-compose build

# Run compose in docker-swarm mode
# Create master node
docker swarm init

# Join the swarm from each additional node to create a multi-node cluster
docker swarm join --token <SWARMTOKEN> <MANAGER-IP>:2377

# Deploy proxy in swarm
docker stack deploy  --compose-file docker-compose.yml dns-proxy

# Handle TCP connections
dig @127.0.0.1 -p8853 rsehgal.in +tcp

# Handle UDP connections.
dig @127.0.0.1 -p8053 rsehgal.in

; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> @127.0.0.1 -p9090 rsehgal.in
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29786
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; PAD: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 (".........................................................................................................................................................................................................................................................................................................................................................................................................")
;; QUESTION SECTION:
;rsehgal.in.			IN	A

;; ANSWER SECTION:
rsehgal.in.		20	IN	A	157.230.35.153
rsehgal.in.		20	IN	A	157.230.37.202

;; Query time: 522 msec
;; SERVER: 127.0.0.1#9090(127.0.0.1)
;; WHEN: Sat Sep 12 08:51:22 UTC 2020
;; MSG SIZE  rcvd: 468

Proxy features

  1. Supports TCP and UDP connections with Proxy.
  2. Ready to use logging module.
  3. Threaded server.
  4. Packaged as docker.
  5. Packaged as docker-compose.
    1. Ready to deploy in docker-swarm cluster, multinode deployment.
  6. No third party library used.
  7. No dependencies.
  8. Currently connects with Cloudflare only, but can be modified to work with any DNS-over-TLS provider.
  9. Server certificate verification using SSL.
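
The forwarding step in the diagram (plain DNS in, TLS to the upstream out) together with the certificate check from feature 9 can be sketched with the standard library alone. This is an added example, not the project's own code; the function names are hypothetical, and the upstream address 1.1.1.1:853 and certificate name cloudflare-dns.com are assumptions about Cloudflare's public DoT endpoint.

```python
import socket
import ssl
import struct

# Assumptions for this sketch: Cloudflare's public DoT address and certificate name.
UPSTREAM_IP = "1.1.1.1"
UPSTREAM_NAME = "cloudflare-dns.com"
DOT_PORT = 853

def make_tls_context():
    """Client context that validates the certificate chain and the server name."""
    ctx = ssl.create_default_context()      # CERT_REQUIRED and check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx

def frame(msg: bytes) -> bytes:
    """Prefix a DNS message with the 2-byte big-endian length used on TCP/TLS."""
    if not 12 <= len(msg) <= 0xFFFF:        # 12 bytes is the fixed DNS header
        raise ValueError("not a plausible DNS message")
    return struct.pack("!H", len(msg)) + msg

def recv_exact(sock, n: int) -> bytes:
    """Read exactly n bytes; a stream may deliver them in several pieces."""
    buf = bytearray()
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed mid-message")
        buf += chunk
    return bytes(buf)

def read_framed(sock) -> bytes:
    """Read one length-prefixed DNS message and return it without the prefix."""
    (length,) = struct.unpack("!H", recv_exact(sock, 2))
    return recv_exact(sock, length)

def resolve_over_tls(query: bytes, timeout: float = 5.0) -> bytes:
    """Forward one raw DNS query (as received on UDP) and return the raw answer."""
    with socket.create_connection((UPSTREAM_IP, DOT_PORT), timeout=timeout) as raw:
        with make_tls_context().wrap_socket(raw, server_hostname=UPSTREAM_NAME) as tls:
            tls.sendall(frame(query))
            answer = read_framed(tls)
    if answer[:2] != query[:2]:             # transaction ID must match the query
        raise ValueError("response ID does not match query")
    return answer
```

A query arriving on the TCP listener already carries the length prefix, so only UDP payloads need `frame()`; a handshake against an upstream whose certificate does not match `UPSTREAM_NAME` raises `ssl.SSLCertVerificationError` instead of silently forwarding.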

dot-proxy's People

Contributors

rosehgal
