public void Process()
{
// if we are using the DNS proxy we have first hand data and not need to monitor the system DNS cache.
if (App.engine.DnsProxy == null || App.GetConfigInt("DnsInspector", "AlwaysMonitor", 0) != 0)
{
dnsCacheMonitor.SyncCache();
}
if (LastCleanupTime.AddMinutes(15) < DateTime.Now) // every 15 minutes
{
LastCleanupTime = DateTime.Now;
queryWatcher.CleanupCache();
dnsCacheMonitor.CleanupCache();
hostNameResolver.CleanupCache();
}
foreach (var Address in ObserverJobs.Keys.ToList())
{
CloneableList <HostObserveJob> curJobs = ObserverJobs[Address];
for (int i = 0; i < curJobs.Count; i++)
{
HostObserveJob curJob = curJobs[i];
// Note: the cache emits events on every record found, if we have to a CNAME -> A -> IP case
// we need to wait untill all records are in the cache and than properly search it
if ((curJob.Await & NameSources.CachedQuery) != 0)
{
string cachedName = FindMostRecentHost(dnsCacheMonitor.FindHostNames(curJob.remoteAddress));
if (cachedName != null)
{
curJob.SetHostName(cachedName, NameSources.CapturedQuery);
}
curJob.Await &= ~NameSources.CachedQuery; // if after one cache update we still dont have a result we wont get it
}
if (!curJob.IsValid())
{
curJobs.RemoveAt(i--);
}
}
if (curJobs.Count == 0)
{
ObserverJobs.Remove(Address);
}
}
}
public bool FindQueryName(int processId, IPAddress remoteAddress, object target, Action <object, string, NameSources> setter)
{
Dictionary <IPAddress, Dictionary <string, DnsCacheEntry> > dnsCache;
if (dnsQueryCache.TryGetValue(processId, out dnsCache))
{
Dictionary <string, DnsCacheEntry> cacheEntries;
if (dnsCache.TryGetValue(remoteAddress, out cacheEntries) && cacheEntries.Count > 0)
{
// we found an entry
setter(target, cacheEntries.Keys.First(), NameSources.CapturedQuery);
return(true);
}
}
HostObserveJob job = new HostObserveJob()
{
target = new WeakReference(target), setter = setter, processId = processId, remoteAddress = remoteAddress, timeOut = MiscFunc.GetUTCTime() + 30
};
ObserverJobs.Add(remoteAddress, job);
return(false);
}
public void GetHostName(int processId, IPAddress remoteAddress, object target, Action <object, string, NameSources> setter)
{
// sanity check
if (remoteAddress.Equals(IPAddress.Any) || remoteAddress.Equals(IPAddress.IPv6Any))
{
return;
}
if (remoteAddress.Equals(IPAddress.Loopback) || remoteAddress.Equals(IPAddress.IPv6Loopback))
{
setter(target, "localhost", NameSources.ReverseDns);
return;
}
if (NetFunc.IsMultiCast(remoteAddress))
{
setter(target, "multicast.arpa", NameSources.ReverseDns);
return;
}
NameSources Await = NameSources.None;
if (queryWatcher.IsActive())
{
string capturedName = FindMostRecentHost(queryWatcher.FindHostNames(processId, remoteAddress));
if (capturedName == null)
{
Await |= NameSources.CapturedQuery;
}
else
{
setter(target, capturedName, NameSources.CapturedQuery);
}
}
if (Await != NameSources.None)
{
string cachedName = FindMostRecentHost(dnsCacheMonitor.FindHostNames(remoteAddress));
if (cachedName == null)
{
Await |= NameSources.CachedQuery;
}
else
{
setter(target, cachedName, NameSources.CachedQuery);
}
}
int ReverseResolve = App.GetConfigInt("DnsInspector", "UseReverseDNS", 0);
if (ReverseResolve == 2 || (ReverseResolve == 1 && (Await & NameSources.CachedQuery) != 0))
{
string resolvedName = FindMostRecentHost(hostNameResolver.ResolveHostNames(remoteAddress));
if (resolvedName == null)
{
Await |= NameSources.ReverseDns;
}
else
{
setter(target, resolvedName, NameSources.ReverseDns);
}
}
if (Await != NameSources.None)
{
HostObserveJob job = new HostObserveJob()
{
target = new WeakReference(target), setter = setter, processId = processId, remoteAddress = remoteAddress, Await = Await, timeOut = DateTime.Now.AddSeconds(30)
};
ObserverJobs.Add(remoteAddress, job);
}
}
