Пример #1
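        /// <summary>
        /// Fetches the resolver cache from the configured core URL with a client certificate,
        /// deserializes the protobuf response into <c>Models.Cache</c>, stores it in
        /// <c>CacheLiveStorage.CoreCache</c> and then calls <c>KresUpdater.UpdateNow()</c>.
        /// </summary>
        /// <remarks>
        /// The response is accepted as-is once it deserializes, so the only thing standing between
        /// a network attacker and the live cache is the server certificate check performed by
        /// <c>ValidateRemoteCertificate</c> (defined outside this method).
        /// </remarks>
        private static void GetCoreCache()
        {
            log.Info("GetCoreCache()");

            string core_url    = Configuration.GetCoreUrl();
            string certName    = Configuration.GetPfxPath();
            string password    = Configuration.GetPfxPassword();
            string resolver_id = Configuration.GetResolverId();

            X509Certificate2Collection certificates = new X509Certificate2Collection();

            // NOTE(review): MachineKeySet | PersistKeySet asks the platform to store the imported
            // private key in the machine key store and keep it there after this call; since this
            // method re-imports the PFX on every run, confirm that persistence is really wanted.
            certificates.Import(certName, password, X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet);

            // No accept-all ServicePointManager.ServerCertificateValidationCallback is installed
            // here: that setting is process-wide and would switch off TLS server authentication
            // for every other connection made through ServicePointManager. The per-request
            // callback below is the one consulted for this request.
            HttpWebRequest req = (HttpWebRequest)WebRequest.Create(core_url);

            req.ServerCertificateValidationCallback += ValidateRemoteCertificate;
            req.AllowAutoRedirect        = true;
            req.ClientCertificates       = certificates;
            req.Method                   = "GET";
            req.ContentType              = "application/x-protobuf";
            req.Headers["x-resolver-id"] = resolver_id;

            // .Result blocks the calling thread; a failed request surfaces as AggregateException.
            using (var response = req.GetResponseAsync().Result)
            {
                using (var stream = response.GetResponseStream())
                {
                    log.Debug($"Deserialize.");
                    var cache = ProtoBuf.Serializer.Deserialize<Models.Cache>(stream);
                    log.Debug($"Deserialized.");

                    // Collections may be null after deserialization, so each count is guarded.
                    if (cache.CustomLists != null)
                    {
                        log.Debug($"Custom List count = {cache.CustomLists.Count()}");
                    }
                    if (cache.Domains != null)
                    {
                        log.Debug($"Domains count = {cache.Domains.Count()}");
                    }
                    if (cache.IPRanges != null)
                    {
                        log.Debug($"IPRanges count = {cache.IPRanges.Count()}");
                    }
                    if (cache.Policies != null)
                    {
                        log.Debug($"Policies count = {cache.Policies.Count()}");
                    }

                    CacheLiveStorage.CoreCache = cache;
                    KresUpdater.UpdateNow();
                }
            }
        }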
Пример #2
 /// <summary>
 /// Hands the received buffer to <c>KresUpdater.PushHdd</c> tagged as
 /// <c>bufferType.iprangepolicyid</c>, together with the <c>filename</c> value in scope.
 /// </summary>
 /// <param name="ctx">Listener context of the request; not read by this method.</param>
 /// <param name="buffer">Byte chunks forwarded unchanged.</param>
 /// <returns>The value returned by <c>KresUpdater.PushHdd</c>.</returns>
 /// <remarks>
 /// NOTE(review): no caller authentication and no size or content check on
 /// <paramref name="buffer"/> is visible here; presumably the listener enforces them - confirm.
 /// </remarks>
 public object pushIPRangePolicyBuffer(HttpListenerContext ctx, List<byte[]> buffer)
     => KresUpdater.PushHdd(bufferType.iprangepolicyid, buffer, filename);
Пример #3
 /// <summary>
 /// Passes the received buffer to <c>KresUpdater.PushHdd</c> as a
 /// <c>bufferType.domainFlagsBuffer</c> payload, using the <c>filename</c> value in scope.
 /// </summary>
 /// <param name="ctx">Listener context of the request; not read by this method.</param>
 /// <param name="buffer">Byte chunks forwarded unchanged.</param>
 /// <returns>The value returned by <c>KresUpdater.PushHdd</c>.</returns>
 /// <remarks>
 /// NOTE(review): the buffer is written through without any check visible in this method;
 /// verify that the caller is authenticated before this handler is reached.
 /// </remarks>
 public object pushDomainFlagsBuffer(HttpListenerContext ctx, List<byte[]> buffer)
 {
     var pushResult = KresUpdater.PushHdd(bufferType.domainFlagsBuffer, buffer, filename);
     return pushResult;
 }
Пример #4
 /// <summary>
 /// Forwards the received buffer to <c>KresUpdater.PushHdd</c> with the
 /// <c>bufferType.swapfreebuffers</c> tag and the <c>filename</c> value in scope.
 /// </summary>
 /// <param name="ctx">Listener context of the request; not read by this method.</param>
 /// <param name="buffer">Byte chunks forwarded unchanged.</param>
 /// <returns>The value returned by <c>KresUpdater.PushHdd</c>.</returns>
 /// <remarks>
 /// NOTE(review): nothing in this method restricts who may trigger it; confirm the listener
 /// authenticates callers, since the name suggests it swaps or frees live buffers.
 /// </remarks>
 public object pushFreeCaches(HttpListenerContext ctx, List<byte[]> buffer)
     => KresUpdater.PushHdd(bufferType.swapfreebuffers, buffer, filename);
Пример #5
 /// <summary>
 /// Sends the received buffer through <c>KresUpdater.PushTcp</c> tagged as
 /// <c>bufferType.loadfile</c>.
 /// </summary>
 /// <param name="ctx">Listener context of the request; not read by this method.</param>
 /// <param name="buffer">Byte chunks forwarded unchanged.</param>
 /// <returns>The value returned by <c>KresUpdater.PushTcp</c>.</returns>
 /// <remarks>
 /// NOTE(review): the payload is relayed without validation in this method; confirm where
 /// authentication and input checks happen for this endpoint.
 /// </remarks>
 public object pushLoadFileFromBuffer(HttpListenerContext ctx, List<byte[]> buffer)
 {
     var pushResult = KresUpdater.PushTcp(bufferType.loadfile, buffer);
     return pushResult;
 }
Пример #6
 /// <summary>
 /// Triggers <c>KresUpdater.UpdateNow()</c> and reports completion with the constant 0.
 /// </summary>
 /// <param name="ctx">Listener context of the request; not read by this method.</param>
 /// <param name="postdata">Request body; ignored.</param>
 /// <returns>A boxed <c>0</c>, always.</returns>
 /// <remarks>
 /// NOTE(review): every call starts an update and nothing here limits who may call it or how
 /// often; confirm the listener restricts access to this endpoint.
 /// </remarks>
 public object UpdateNow(HttpListenerContext ctx, string postdata)
 {
     object status = 0;

     KresUpdater.UpdateNow();

     return status;
 }
Пример #7
 /// <summary>
 /// Hands the received buffer to <c>KresUpdater.PushHdd</c> tagged as
 /// <c>bufferType.identitybufferpolicyid</c>, together with the <c>filename</c> value in scope.
 /// </summary>
 /// <param name="ctx">Listener context of the request; not read by this method.</param>
 /// <param name="buffer">Byte chunks forwarded unchanged.</param>
 /// <returns>The value returned by <c>KresUpdater.PushHdd</c>.</returns>
 /// <remarks>
 /// NOTE(review): no authentication or payload validation is visible in this method;
 /// presumably handled by the listener - confirm.
 /// </remarks>
 public object pushCustomListPolicyIdBuffer(HttpListenerContext ctx, List<byte[]> buffer)
     => KresUpdater.PushHdd(bufferType.identitybufferpolicyid, buffer, filename);
Пример #8
 /// <summary>
 /// Passes the received buffer to <c>KresUpdater.PushHdd</c> as a
 /// <c>bufferType.identitybufferwhitelist</c> payload, using the <c>filename</c> value in scope.
 /// </summary>
 /// <param name="ctx">Listener context of the request; not read by this method.</param>
 /// <param name="buffer">Byte chunks forwarded unchanged.</param>
 /// <returns>The value returned by <c>KresUpdater.PushHdd</c>.</returns>
 /// <remarks>
 /// NOTE(review): this path replaces whitelist data, so an unauthenticated caller could
 /// exempt domains from filtering; no access check is visible here - confirm it exists upstream.
 /// </remarks>
 public object pushCustomListWhitelistBuffer(HttpListenerContext ctx, List<byte[]> buffer)
 {
     var pushResult = KresUpdater.PushHdd(bufferType.identitybufferwhitelist, buffer, filename);
     return pushResult;
 }
Пример #9
 /// <summary>
 /// Forwards the received buffer to <c>KresUpdater.PushHdd</c> with the
 /// <c>bufferType.policyblock</c> tag and the <c>filename</c> value in scope.
 /// </summary>
 /// <param name="ctx">Listener context of the request; not read by this method.</param>
 /// <param name="buffer">Byte chunks forwarded unchanged.</param>
 /// <returns>The value returned by <c>KresUpdater.PushHdd</c>.</returns>
 /// <remarks>
 /// NOTE(review): no authentication or payload validation is visible in this method;
 /// presumably handled by the listener - confirm.
 /// </remarks>
 public object pushPolicyBlockBuffer(HttpListenerContext ctx, List<byte[]> buffer)
     => KresUpdater.PushHdd(bufferType.policyblock, buffer, filename);
Пример #10
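        /// <summary>
        /// Whitelists <paramref name="domainToWhitelist"/> for the client identified by
        /// <paramref name="clientIpAddress"/>: adds a single-address IP range and a custom-list
        /// entry (both with policy id 0) to <c>CacheLiveStorage.CoreCache</c>, then pushes the
        /// change through <c>KresUpdater</c>.
        /// </summary>
        /// <param name="ctx">HTTP context of the request; not read by this method.</param>
        /// <param name="clientIpAddress">Textual IPv4 or IPv6 address of the client.</param>
        /// <param name="domainToWhitelist">Domain added to the client's whitelist.</param>
        /// <param name="authToken">Shared token that must match the built-in value.</param>
        /// <param name="base64encodedUrlToRedirectTo">Currently unused; the redirect is disabled.</param>
        /// <returns>
        /// An empty string when the token does not match, an error text when the address cannot
        /// be parsed, and <c>null</c> after the whitelist has been updated.
        /// </returns>
        public string Bypass(HttpContext ctx, string clientIpAddress, string domainToWhitelist, string authToken, string base64encodedUrlToRedirectTo)
        {
            // NOTE(review): both values are caller-supplied and are logged before the token check
            // and before any validation, so an unauthenticated caller can write arbitrary text
            // (including line breaks) into the log.
            log.Info($"Bypass request, ip={clientIpAddress}, {domainToWhitelist}.");

            // NOTE(review): the shared secret is a literal in source, is compared without regard
            // to case and not in constant time. It should come from configuration or a secret
            // store; it stays here only to keep existing callers working.
            if (string.Compare(authToken, "BFLMPSVZ", StringComparison.OrdinalIgnoreCase) != 0)
            {
                return "";
            }

            // Parse before anything else touches the string: a null or malformed address now
            // yields the error text instead of an ArgumentNullException from the ASCII encoder.
            IPAddress ip;
            if (!IPAddress.TryParse(clientIpAddress, out ip))
            {
                return $"unable to parse ip address {clientIpAddress}.";
            }

            // The identity is the CRC-64 of the address text exactly as supplied, in hex.
            var    idbytes  = Encoding.ASCII.GetBytes(clientIpAddress);
            var    idcrc    = Crc64.Compute(0, idbytes);
            string identity = idcrc.ToString("X");

            //TODO: check ipv6 reverse
            // NOTE(review): after the reversal the first 8 bytes are the low-order half of a
            // 16-byte address, yet they are passed as the first constructor argument, which the
            // IPv4 branch fills with 0 as if it were the high half. Verify against BigMath.Int128
            // before relying on IPv6 entries. BitConverter also follows host byte order.
            var bytes = ip.GetAddressBytes().Reverse().ToArray();

            BigMath.Int128 intip;
            if (bytes.Length == 4)
            {
                intip = new BigMath.Int128(0, BitConverter.ToUInt32(bytes, 0));
            }
            else if (bytes.Length == 16)
            {
                intip = new BigMath.Int128(BitConverter.ToUInt64(bytes, 0), BitConverter.ToUInt64(bytes, 8));
            }
            else
            {
                return $"unable to parse ip address {clientIpAddress}.";
            }

            // Work on copies of the live lists; a missing list is treated as empty.
            var cachedRanges = CacheLiveStorage.CoreCache.IPRanges;
            List<Models.CacheIPRange> ipranges = cachedRanges != null
                ? cachedRanges.ToList()
                : new List<Models.CacheIPRange>();

            // Test CustomLists itself: checking IPRanges here would dereference a null
            // CustomLists whenever only the IP ranges are populated.
            var cachedLists = CacheLiveStorage.CoreCache.CustomLists;
            List<Models.CacheCustomList> customlists = cachedLists != null
                ? cachedLists.ToList()
                : new List<Models.CacheCustomList>();

            // NOTE(review): a range is appended on every successful call, so repeated requests
            // for the same client accumulate duplicate entries.
            ipranges.Add(new Models.CacheIPRange()
            {
                Identity     = identity,
                Proto_IpFrom = Encoding.ASCII.GetBytes(intip.ToString()),
                Proto_IpTo   = Encoding.ASCII.GetBytes(intip.ToString()),
                PolicyId     = 0
            });
            var item = customlists.FirstOrDefault(t => string.Compare(t.Identity, identity, StringComparison.OrdinalIgnoreCase) == 0);

            if (item == null)
            {
                item = new Models.CacheCustomList()
                {
                    Identity  = identity,
                    WhiteList = new List<string>()
                    {
                        domainToWhitelist
                    },
                    BlackList = new List<string>(),
                    PolicyId  = 0
                };
                log.Info($"Identity {identity} now has {domainToWhitelist} whitelisted.");
            }
            else
            {
                // An existing entry may carry no whitelist at all; treat that as empty.
                var whitelist = item.WhiteList != null ? item.WhiteList.ToList() : new List<string>();

                if (!whitelist.Contains(domainToWhitelist))
                {
                    whitelist.Add(domainToWhitelist);
                    item.WhiteList = whitelist;
                    foreach (var entry in item.WhiteList)
                    {
                        log.Info($"Identity {identity} now has {entry} whitelisted.");
                    }
                }
                else
                {
                    log.Info($"Identity {identity} has {domainToWhitelist} already whitelisted.");
                }
            }

            // Replace any entry for this identity with the updated one.
            customlists.RemoveAll(t => string.Compare(t.Identity, identity, StringComparison.OrdinalIgnoreCase) == 0);
            customlists.Add(item);

            // NOTE(review): the shared cache is read, copied and written back without any
            // synchronization visible here; concurrent requests may overwrite each other.
            CacheLiveStorage.CoreCache.IPRanges    = ipranges;
            CacheLiveStorage.CoreCache.CustomLists = customlists;

            log.Info($"Updating kres modules.");
            KresUpdater.UpdateSmallCaches();
            KresUpdater.UpdateNow();
            log.Info($"Kres modules have been updated.");

            // Redirect is disabled. If it is re-enabled, the decoded URL must be checked against
            // an allow-list first, otherwise this endpoint becomes an open redirect.
            //var redirectUrl = Base64Decode(base64encodedUrlToRedirectTo);
            //ctx.Response.RedirectLocation = redirectUrl;

            return null;
        }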
Пример #11
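        /// <summary>
        /// Process entry point: initializes logging and empty caches, starts the UDP server,
        /// the core-client updater and the Knot-Resolver updater, then runs the Kestrel host
        /// on ports 443 (HTTPS) and 80 (HTTP) on all interfaces.
        /// </summary>
        /// <param name="args">Command-line arguments; not used.</param>
        public static void Main(string[] args)
        {
            LoadLogConfig();
            log.Info("Main");

            log.Info("Init cache");
            // Build the cache fully before publishing it, so no reader sees null lists.
            CacheLiveStorage.CoreCache = new Models.Cache
            {
                CustomLists = new List<Models.CacheCustomList>(),
                Domains     = new List<Models.CacheDomain>(),
                IPRanges    = new List<Models.CacheIPRange>(),
                Policies    = new List<Models.CachePolicy>()
            };
            CacheLiveStorage.UdpCache = new System.Collections.Concurrent.ConcurrentDictionary<string, Models.CacheIPRange>();

            //log.Info("Run shell script");
            //RunScriptIfExists();

            log.Info("Starting UDP Server");
            UdpServer.Listen();

            log.Info("Starting CoreClient Updater");
            CoreClient.Start();

            var listener    = new Listener();
            var kresUpdater = new KresUpdater();

            log.Info("Starting Knot-Resolver Updater");
            kresUpdater.Start(listener);

            // The custom API listener and the public HTTP listener are disabled in this build.
            //listener.Listen();

            //log.Info("Starting Public HTTP Listener");
            //var publiclistener = new PublicListener();
            //publiclistener.Listen();

            // The Linux and non-Linux configurations were identical, so a single host is built.
            var host = new WebHostBuilder()
                .UseKestrel(options =>
                {
                    // NOTE(review): the PFX password is a literal in source, so anyone with the
                    // repository or the binary can decrypt the private key in sinkhole.pfx.
                    // Load it from configuration or a secret store instead.
                    options.Listen(IPAddress.Any, 443, listenOptions =>
                        listenOptions.UseHttps("sinkhole.pfx", "P@ssw0rd"));
                    options.Listen(IPAddress.Any, 80);
                })
                .UseContentRoot(Directory.GetCurrentDirectory())
                .UseIISIntegration()
                .UseStartup<Startup>()
                .Build();

            host.Run();
        }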
Пример #12
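        /// <summary>
        /// Process entry point: initializes logging, the passive DNS enricher and empty caches,
        /// starts the UDP server, the core-client updater, the Knot-Resolver updater and the
        /// custom API listener, then runs the Kestrel host on port 443 (HTTPS) plus plain HTTP
        /// on port 80 (Linux) or 8080 (other platforms), on all interfaces.
        /// </summary>
        /// <param name="args">Command-line arguments; not used.</param>
        public static void Main(string[] args)
        {
            //DatLoader.Load(@"c:\var\whalebone\data\57895c20-9a60-42f0-8564-306cb7b844a8.dat");

            LoadLogConfig();
            log.Info("Main");

            log.Info("Init passive dns enricher");
            var pe = new PassiveDNSEnricher();

            pe.Listen();

            log.Info("Init cache");
            // Build the cache fully before publishing it, so no reader sees null lists.
            CacheLiveStorage.CoreCache = new Models.Cache
            {
                CustomLists = new List<Models.CacheCustomList>(),
                Domains     = new List<Models.CacheDomain>(),
                IPRanges    = new List<Models.CacheIPRange>(),
                Policies    = new List<Models.CachePolicy>()
            };
            CacheLiveStorage.UdpCache = new System.Collections.Concurrent.ConcurrentDictionary<string, Models.CacheIPRange>();

            //log.Info("Run shell script");
            //RunScriptIfExists();

            //CoreClient.TestCoreCache(@"c:\var\whalebone\data\540_resolver_cache.bin", "seznam.cz");

            log.Info("Starting UDP Server");
            UdpServer.Listen();

            log.Info("Starting CoreClient Updater");
            CoreClient.Start();

            var listener    = new Listener();
            var kresUpdater = new KresUpdater();

            log.Info("Starting Knot-Resolver Updater");
            kresUpdater.Start(listener);

            // The custom API is enabled here; comment out the next two lines to disable it.
            log.Info("Starting custom API");
            listener.Listen();

            // Only the plain-HTTP port differs between platforms.
            int httpPort = RuntimeInformation.IsOSPlatform(OSPlatform.Linux) ? 80 : 8080;

            var host = new WebHostBuilder()
                .UseKestrel(options =>
                {
                    // NOTE(review): the PFX password is a literal in source, so anyone with the
                    // repository or the binary can decrypt the private key in sinkhole.pfx.
                    // Load it from configuration or a secret store instead.
                    options.Listen(IPAddress.Any, 443, listenOptions =>
                        listenOptions.UseHttps("sinkhole.pfx", "P@ssw0rd"));
                    options.Listen(IPAddress.Any, httpPort);
                })
                .UseContentRoot(Directory.GetCurrentDirectory())
                .UseIISIntegration()
                .UseStartup<Startup>()
                .Build();

            host.Run();
        }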