static void Main(string[] args)
{
Console.WriteLine("Starting DNS Tap...");
Console.WriteLine();
string ForwardingDNS = "8.8.8.8";
IPEndPoint ipeForwarder = new IPEndPoint(IPAddress.Parse(ForwardingDNS), 53);
UdpClient udpClient = new UdpClient(53, AddressFamily.InterNetwork);
Dictionary <UInt16, IPEndPoint> Queries = new Dictionary <ushort, IPEndPoint>();
while (true)
{
try
{
IPEndPoint ipeData = new IPEndPoint(0, 0);
byte[] bData = udpClient.Receive(ref ipeData);
DNSPacket dPacket = new DNSPacket(bData);
UInt16 RequestID = BitConverter.ToUInt16(bData, 0);
bool bRequest = (int)bData[2] < 128;
Console.Write((int)bData[2]);
if (bRequest)
{
udpClient.Send(bData, bData.Length, ipeForwarder);
if (!Queries.ContainsKey(RequestID))
{
Queries.Add(RequestID, ipeData);
}
else
{
Queries[RequestID] = ipeData;
}
Console.WriteLine("{0}>>{1} [{3}]", ipeData.ToString(), ipeForwarder.ToString(), RequestID, dPacket.QuestionRecords[0].QName);
}
else
{
udpClient.Send(bData, bData.Length, Queries[RequestID]);
Console.WriteLine("{0}<<{1}[{3}]", Queries[RequestID], ipeForwarder.ToString(), RequestID, dPacket.QuestionRecords[0].QName);
}
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}
}
public DNSPacket(byte[] bDatagram)
{
mID = DNSPacket.GetUInt16(bDatagram, 0);
mQR = (bDatagram[2] & 0x80) == 0x80;
mAuthorativeAnswer = (bDatagram[2] & 0x04) == 0x04;
mTruncated = (bDatagram[2] & 0x02) == 0x02;
mRecursionDesired = (bDatagram[2] & 0x01) == 0x01;
mRecursionAvailable = (bDatagram[3] & 0x80) == 0x80;
mOpCode = Convert.ToUInt16((bDatagram[2] & 0x78) / 0x08);
mResponseCode = Convert.ToUInt16(bDatagram[3] & 0x0F);
mReservedBlock = Convert.ToUInt16((bDatagram[3] & 0x70) / 0x10);
if ((mReservedBlock & 0x02) == 0x02)
{
mAuthenticData = true;
}
if ((mReservedBlock & 0x01) == 0x01)
{
mCheckingDisabled = true;
}
UInt16 questionBlocks = DNSPacket.GetUInt16(bDatagram, 4);
UInt16 answerBlocks = DNSPacket.GetUInt16(bDatagram, 6);
UInt16 nameserverBlocks = DNSPacket.GetUInt16(bDatagram, 8);
UInt16 additionalRecordBlocks = DNSPacket.GetUInt16(bDatagram, 10);
int curLocation = 12;
mQuestionRecords = new List <QuestionRecord>();
for (int i = 0; i < questionBlocks; i++)
{
QuestionRecord currentQuestionRecord = QuestionRecord.ReadQuestionRecord(bDatagram, curLocation);
curLocation += currentQuestionRecord.Length;
mQuestionRecords.Add(currentQuestionRecord);
}
mAnswerRecords = new List <AnswerRecord>();
if (mResponseCode == 0 && curLocation < bDatagram.Length)
{
for (int i = 0; i < answerBlocks; i++)
{
AnswerRecord currentAnswerRecord = AnswerRecord.ReadAnswerRecord(bDatagram, curLocation);
curLocation += currentAnswerRecord.Length;
mAnswerRecords.Add(currentAnswerRecord);
}
}
mAuthorityRecords = new List <AnswerRecord>();
if (mResponseCode == 0 && curLocation < bDatagram.Length)
{
for (int i = 0; i < nameserverBlocks; i++)
{
AnswerRecord currentAnswerRecord = AnswerRecord.ReadAnswerRecord(bDatagram, curLocation);
curLocation += currentAnswerRecord.Length;
mAuthorityRecords.Add(currentAnswerRecord);
}
}
mAdditionalRecords = new List <AnswerRecord>();
if (mResponseCode == 0 && curLocation < bDatagram.Length)
{
for (int i = 0; i < additionalRecordBlocks; i++)
{
AnswerRecord currentAnswerRecord = AnswerRecord.ReadAnswerRecord(bDatagram, curLocation);
curLocation += currentAnswerRecord.Length;
mAdditionalRecords.Add(currentAnswerRecord);
}
}
}