forked from TechnitiumSoftware/DnsServer
-
Notifications
You must be signed in to change notification settings - Fork 0
/
IDnsQueryLogger.cs
238 lines (200 loc) · 9.15 KB
/
IDnsQueryLogger.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
/*
Technitium DNS Server
Copyright (C) 2024 Shreyas Zare ([email protected])
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
using System;
using System.Collections.Generic;
using System.Net;
using System.Threading.Tasks;
using TechnitiumLibrary.Net.Dns;
using TechnitiumLibrary.Net.Dns.ResourceRecords;
namespace DnsServerCore.ApplicationCommon
{
public enum DnsServerResponseType : byte
{
Authoritative = 1,
Recursive = 2,
Cached = 3,
Blocked = 4,
UpstreamBlocked = 5,
CacheBlocked = 6,
Dropped = 7
}
/// <summary>
/// Allows a DNS App to log incoming DNS requests and their corresponding responses.
/// </summary>
public interface IDnsQueryLogger
{
/// <summary>
/// Allows a DNS App to log incoming DNS requests and responses. This method is called by the DNS Server after an incoming request is processed and a response is sent.
/// </summary>
/// <param name="timestamp">The time stamp of the log entry.</param>
/// <param name="request">The incoming DNS request that was received.</param>
/// <param name="remoteEP">The end point (IP address and port) of the client making the request.</param>
/// <param name="protocol">The protocol using which the request was received.</param>
/// <param name="response">The DNS response that was sent.</param>
Task InsertLogAsync(DateTime timestamp, DnsDatagram request, IPEndPoint remoteEP, DnsTransportProtocol protocol, DnsDatagram response);
/// <summary>
/// Allows DNS Server HTTP API to query the logs recorded by the DNS App.
/// </summary>
/// <param name="pageNumber">The page number to be displayed to the user.</param>
/// <param name="entriesPerPage">Total entries per page.</param>
/// <param name="descendingOrder">Lists log entries in descending order.</param>
/// <param name="start">Optional parameter to filter records by start date time.</param>
/// <param name="end">Optional parameter to filter records by end date time.</param>
/// <param name="clientIpAddress">Optional parameter to filter records by the client IP address.</param>
/// <param name="protocol">Optional parameter to filter records by the DNS transport protocol.</param>
/// <param name="responseType">Optional parameter to filter records by the type of response.</param>
/// <param name="rcode">Optional parameter to filter records by the response code.</param>
/// <param name="qname">Optional parameter to filter records by the request QNAME.</param>
/// <param name="qtype">Optional parameter to filter records by the request QTYPE.</param>
/// <param name="qclass">Optional parameter to filter records by the request QCLASS.</param>
/// <returns>The <code>DnsLogPage</code> object that contains all the entries in the requested page number.</returns>
Task<DnsLogPage> QueryLogsAsync(long pageNumber, int entriesPerPage, bool descendingOrder, DateTime? start, DateTime? end, IPAddress clientIpAddress, DnsTransportProtocol? protocol, DnsServerResponseType? responseType, DnsResponseCode? rcode, string qname, DnsResourceRecordType? qtype, DnsClass? qclass);
}
public class DnsLogPage
{
#region variables
readonly long _pageNumber;
readonly long _totalPages;
readonly long _totalEntries;
readonly IReadOnlyList<DnsLogEntry> _entries;
#endregion
#region constructor
/// <summary>
/// Creates a new object initialized with all the log page parameters.
/// </summary>
/// <param name="pageNumber">The actual page number of the selected data set.</param>
/// <param name="totalPages">The total pages for the selected data set.</param>
/// <param name="totalEntries">The total number of entries in the selected data set.</param>
/// <param name="entries">The DNS log entries in this page.</param>
public DnsLogPage(long pageNumber, long totalPages, long totalEntries, IReadOnlyList<DnsLogEntry> entries)
{
_pageNumber = pageNumber;
_totalPages = totalPages;
_totalEntries = totalEntries;
_entries = entries;
}
#endregion
#region properties
/// <summary>
/// The actual page number of the selected data set.
/// </summary>
public long PageNumber
{ get { return _pageNumber; } }
/// <summary>
/// The total pages for the selected data set.
/// </summary>
public long TotalPages
{ get { return _totalPages; } }
/// <summary>
/// The total number of entries in the selected data set.
/// </summary>
public long TotalEntries
{ get { return _totalEntries; } }
/// <summary>
/// The DNS log entries in this page.
/// </summary>
public IReadOnlyList<DnsLogEntry> Entries
{ get { return _entries; } }
#endregion
}
public class DnsLogEntry
{
#region variables
readonly long _rowNumber;
readonly DateTime _timestamp;
readonly IPAddress _clientIpAddress;
readonly DnsTransportProtocol _protocol;
readonly DnsServerResponseType _responseType;
readonly DnsResponseCode _rcode;
readonly DnsQuestionRecord _question;
readonly string _answer;
#endregion
#region constructor
/// <summary>
/// Creates a new object initialized with all the log entry parameters.
/// </summary>
/// <param name="rowNumber">The row number of the entry in the selected data set.</param>
/// <param name="timestamp">The time stamp of the log entry.</param>
/// <param name="clientIpAddress">The client IP address of the request.</param>
/// <param name="protocol">The DNS transport protocol of the request.</param>
/// <param name="responseType">The type of response sent by the DNS server.</param>
/// <param name="rcode">The response code sent by the DNS server.</param>
/// <param name="question">The question section in the request.</param>
/// <param name="answer">The answer in text format sent by the DNS server.</param>
public DnsLogEntry(long rowNumber, DateTime timestamp, IPAddress clientIpAddress, DnsTransportProtocol protocol, DnsServerResponseType responseType, DnsResponseCode rcode, DnsQuestionRecord question, string answer)
{
_rowNumber = rowNumber;
_timestamp = timestamp;
_clientIpAddress = clientIpAddress;
_protocol = protocol;
_responseType = responseType;
_rcode = rcode;
_question = question;
_answer = answer;
switch (_timestamp.Kind)
{
case DateTimeKind.Local:
_timestamp = _timestamp.ToUniversalTime();
break;
case DateTimeKind.Unspecified:
_timestamp = DateTime.SpecifyKind(_timestamp, DateTimeKind.Utc);
break;
}
}
#endregion
#region properties
/// <summary>
/// The row number of the entry in the selected data set.
/// </summary>
public long RowNumber
{ get { return _rowNumber; } }
/// <summary>
/// The time stamp of the log entry.
/// </summary>
public DateTime Timestamp
{ get { return _timestamp; } }
/// <summary>
/// The client IP address of the request.
/// </summary>
public IPAddress ClientIpAddress
{ get { return _clientIpAddress; } }
/// <summary>
/// The DNS transport protocol of the request.
/// </summary>
public DnsTransportProtocol Protocol
{ get { return _protocol; } }
/// <summary>
/// The type of response sent by the DNS server.
/// </summary>
public DnsServerResponseType ResponseType
{ get { return _responseType; } }
/// <summary>
/// The response code sent by the DNS server.
/// </summary>
public DnsResponseCode RCODE
{ get { return _rcode; } }
/// <summary>
/// The question section in the request.
/// </summary>
public DnsQuestionRecord Question
{ get { return _question; } }
/// <summary>
/// The answer in text format sent by the DNS server.
/// </summary>
public string Answer
{ get { return _answer; } }
#endregion
}
}