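#!/usr/pkg/bin/python
"""fake DNS server for internet cafe lockdown

this is for use in a situation where you only want certain people to
have access to the gateway, but everyone can reach the local net.
this returns the same IP for every name lookup. of course, this doesn't
help against smart-alecks who know what IP they want to visit, so you
have to play with the routing also.

State of this file: serve() binds the UDP socket and reads datagrams,
but no reply is built or sent yet (dns_header() is an empty stub), so a
client pointed at this server gets no answer.

Deployment notes:
  * The DNS answer only steers clients that resolve names; the actual
    restriction has to be enforced by routing / packet filtering on the
    gateway, as the paragraph above already says.
  * The socket is bound to 0.0.0.0, i.e. every interface of the host.
    Filter the DNS port on interfaces that do not face the local net.
  * Binding the 'domain' port normally requires root, and nothing in
    this file drops privileges afterwards, so the receive loop runs with
    whatever privileges the process was started with.
"""

# Licence notice.  The first word is also read back below (originalself)
# as the name this program was written under.
Copyright = """ fakebind -- return chosen IP for every name lookup \
Copyright (C) 2004 John Comeau \
This program is free software; you can redistribute it and/or modify \
it under the terms of the GNU General Public License as published by \
the Free Software Foundation; either version 2 of the License, or \
(at your option) any later version. \
This program is distributed in the hope that it will be useful, \
but WITHOUT ANY WARRANTY; without even the implied warranty of \
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the \
GNU General Public License for more details. \
You should have received a copy of the GNU General Public License \
along with this program; if not, write to the Free Software \
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. \n"""

errormessage = "Not all needed libraries found, upgrade or check path"

try:
    True  # not defined in older Python releases
except NameError:
    # Only a missing name means "old interpreter"; anything else should
    # not be papered over by defining the constants.
    True, False = 1, 0

try:
    import sys, os, types, re, pwd
    # Field 5 of the passwd entry is the home directory, so this puts
    # <home of the effective user>/lib/python on the import path.  Code
    # found there is imported with this process's privileges; keep that
    # directory writable only by its owner.
    sys.path.append(os.sep.join([pwd.getpwuid(os.geteuid())[5], 'lib', 'python']))
    from com.jcomeau import gpl, jclicense
except:
    # Bare except is intentional here: report on a best-effort basis,
    # then re-raise the original exception unchanged.
    try:
        sys.stderr.write("%s\n" % errormessage)
    except:
        print errormessage
    raise

# get name this program was called as
self = sys.argv[0].split(os.sep)[-1]
command = self.split('.')[0]  # chop any suffix (extension)
# now get name we gave it when we wrote it
originalself = Copyright.split()[0]


# globals and routines that should be in every program
# (yes, you could import them, but there are problems in that approach too)
def DebugPrint(*whatever):
    """No-op debugging hook: accepts any arguments and returns False."""
    return False  # defined instead by pytest module, use that for debugging


# other globals, specific to this program
from socket import *


def serve():
    """Listen for DNS queries on UDP.

    The intent is to answer every query; our answers don't have to match
    any reality but our own.  As written, the loop only receives each
    datagram and hands it to DebugPrint(); nothing is sent back.

    All DNS questions and answers have 5 fields, some of which are often
    empty: header, question, answer RRs, authority RRs, additional RRs,
    where RR is Resource Record; see RFC 1035 for specifics.

    The port comes from the services database ('domain'/udp).  If binding
    it fails, the same socket is bound to that port + 1024 instead and a
    notice is written to stderr.  Clients that query the standard port
    will not reach the fallback port unless traffic is redirected to it.

    Does not return; the socket is closed when the loop is left by an
    exception (including an interrupt).
    """
    dns_port = getservbyname('domain', 'udp')
    udplistener = socket(AF_INET, SOCK_DGRAM)
    try:
        try:
            # note double parens, must be tuple
            udplistener.bind(('0.0.0.0', dns_port))
        except error:
            # 'error' is socket.error, from the wildcard import above.
            # NOTE(review): this also fires when the port is already in
            # use, not only when the process lacks the privilege to bind.
            dns_port = dns_port + 1024  # set to non-privileged port number
            udplistener.bind(('0.0.0.0', dns_port))
            sys.stderr.write('Using unprivileged port %d\n' % dns_port)
        sys.stderr.write('Fake DNS server listening\n')
        while True:
            # recv() yields the payload only; replying needs the sender
            # address as well (recvfrom).  The payload is untrusted
            # network input: any parser added here must bounds-check
            # every length and offset it reads from it.  Datagrams longer
            # than 1024 bytes are truncated to the buffer size.
            request = udplistener.recv(1024)
            DebugPrint(request)
    finally:
        udplistener.close()


def dns_header():
    """Placeholder; not implemented."""
    pass


if __name__ == '__main__':
    # if this program was imported by another, the above test will fail,
    # and this following code won't be used...
    serve()
else:
    # if you want something to be done on import, do it here; otherwise pass
    pass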