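/// <summary>
/// Downloads the resolver cache from the core service and publishes it.
/// </summary>
/// <remarks>
/// Reads the core URL, PFX path, PFX password and resolver id from <c>Configuration</c>,
/// sends a GET with the PFX as client certificate and the resolver id in the
/// <c>x-resolver-id</c> header, deserializes the response body as a protobuf
/// <c>Models.Cache</c>, stores it in <c>CacheLiveStorage.CoreCache</c> and calls
/// <c>KresUpdater.UpdateNow()</c>.
///
/// The original body also assigned <c>ServicePointManager.ServerCertificateValidationCallback</c>
/// a lambda that returned <c>true</c> for every certificate. That setting is process-wide: it
/// switched off TLS server authentication for every other outbound request as well. It has been
/// removed; this request installs its own per-request callback, so it does not need it. Outbound
/// calls elsewhere that silently relied on the override now get default certificate validation.
/// </remarks>
private static void GetCoreCache()
{
    log.Info("GetCoreCache()");

    string core_url = Configuration.GetCoreUrl();
    string certName = Configuration.GetPfxPath();
    string password = Configuration.GetPfxPassword();
    string resolver_id = Configuration.GetResolverId();

    // NOTE(review): PersistKeySet asks the key store to keep the imported private key after
    // this object is gone, and this import runs on every refresh - confirm that is intended.
    X509Certificate2Collection certificates = new X509Certificate2Collection();
    certificates.Import(certName, password, X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet);

    HttpWebRequest req = (HttpWebRequest)WebRequest.Create(core_url);

    // Server authentication for this request is decided by ValidateRemoteCertificate only.
    // NOTE(review): that method is defined outside this block - confirm it rejects the
    // connection on SslPolicyErrors (or pins the expected certificate) instead of returning true.
    req.ServerCertificateValidationCallback += ValidateRemoteCertificate;

    // NOTE(review): redirects are followed automatically; the cache is accepted from whatever
    // host the chain ends at, so the validation callback is the only check on the final peer.
    req.AllowAutoRedirect = true;
    req.ClientCertificates = certificates;
    req.Method = "GET";
    req.ContentType = "application/x-protobuf";
    req.Headers["x-resolver-id"] = resolver_id;

    // Blocking on .Result is kept so that failures still surface as AggregateException,
    // which is what existing callers of this synchronous method observe.
    using (var response = req.GetResponseAsync().Result)
    {
        using (var stream = response.GetResponseStream())
        {
            log.Debug($"Deserialize.");
            var cache = ProtoBuf.Serializer.Deserialize<Models.Cache>(stream);
            log.Debug($"Deserialized.");

            // Count the sequences directly; copying each one into an array first was pure overhead.
            if (cache.CustomLists != null)
            {
                log.Debug($"Custom List count = {cache.CustomLists.Count()}");
            }
            if (cache.Domains != null)
            {
                log.Debug($"Domains count = {cache.Domains.Count()}");
            }
            if (cache.IPRanges != null)
            {
                log.Debug($"IPRanges count = {cache.IPRanges.Count()}");
            }
            if (cache.Policies != null)
            {
                log.Debug($"Policies count = {cache.Policies.Count()}");
            }

            CacheLiveStorage.CoreCache = cache;
            KresUpdater.UpdateNow();
        }
    }
}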
/// <summary>
/// Hands the received buffer to <c>KresUpdater.PushHdd</c> tagged as
/// <c>bufferType.iprangepolicyid</c>, together with the <c>filename</c> value in scope.
/// </summary>
/// <param name="ctx">Listener context of the request; not read by this method.</param>
/// <param name="buffer">Byte chunks, passed through unchanged.</param>
/// <returns>Whatever <c>KresUpdater.PushHdd</c> returns.</returns>
/// <remarks>
/// NOTE(review): no caller check is visible in this handler - confirm the listener that
/// routes to it is not reachable by untrusted clients.
/// </remarks>
public object pushIPRangePolicyBuffer(HttpListenerContext ctx, List<byte[]> buffer)
    => KresUpdater.PushHdd(bufferType.iprangepolicyid, buffer, filename);
/// <summary>
/// Hands the received buffer to <c>KresUpdater.PushHdd</c> tagged as
/// <c>bufferType.domainFlagsBuffer</c>, together with the <c>filename</c> value in scope.
/// </summary>
/// <param name="ctx">Listener context of the request; not read by this method.</param>
/// <param name="buffer">Byte chunks, passed through unchanged.</param>
/// <returns>Whatever <c>KresUpdater.PushHdd</c> returns.</returns>
/// <remarks>
/// NOTE(review): no caller check is visible in this handler - confirm the listener that
/// routes to it is not reachable by untrusted clients.
/// </remarks>
public object pushDomainFlagsBuffer(HttpListenerContext ctx, List<byte[]> buffer)
    => KresUpdater.PushHdd(bufferType.domainFlagsBuffer, buffer, filename);
/// <summary>
/// Hands the received buffer to <c>KresUpdater.PushHdd</c> tagged as
/// <c>bufferType.swapfreebuffers</c>, together with the <c>filename</c> value in scope.
/// </summary>
/// <param name="ctx">Listener context of the request; not read by this method.</param>
/// <param name="buffer">Byte chunks, passed through unchanged.</param>
/// <returns>Whatever <c>KresUpdater.PushHdd</c> returns.</returns>
/// <remarks>
/// NOTE(review): no caller check is visible in this handler - confirm the listener that
/// routes to it is not reachable by untrusted clients.
/// </remarks>
public object pushFreeCaches(HttpListenerContext ctx, List<byte[]> buffer)
    => KresUpdater.PushHdd(bufferType.swapfreebuffers, buffer, filename);
/// <summary>
/// Hands the received buffer to <c>KresUpdater.PushTcp</c> tagged as
/// <c>bufferType.loadfile</c>. Unlike the <c>PushHdd</c> handlers, no file name is passed.
/// </summary>
/// <param name="ctx">Listener context of the request; not read by this method.</param>
/// <param name="buffer">Byte chunks, passed through unchanged.</param>
/// <returns>Whatever <c>KresUpdater.PushTcp</c> returns.</returns>
/// <remarks>
/// NOTE(review): no caller check is visible in this handler - confirm the listener that
/// routes to it is not reachable by untrusted clients.
/// </remarks>
public object pushLoadFileFromBuffer(HttpListenerContext ctx, List<byte[]> buffer)
    => KresUpdater.PushTcp(bufferType.loadfile, buffer);
/// <summary>
/// Triggers <c>KresUpdater.UpdateNow()</c> and reports completion as a boxed <c>0</c>.
/// </summary>
/// <param name="ctx">Listener context of the request; not read by this method.</param>
/// <param name="postdata">Request body; not read by this method.</param>
/// <returns>Always the integer <c>0</c>, boxed as <see cref="object"/>.</returns>
/// <remarks>
/// NOTE(review): no caller check is visible in this handler, and every call starts an
/// update - confirm the listener that routes to it is not reachable by untrusted clients.
/// </remarks>
public object UpdateNow(HttpListenerContext ctx, string postdata)
{
    const int done = 0;

    KresUpdater.UpdateNow();

    return done;
}
/// <summary>
/// Hands the received buffer to <c>KresUpdater.PushHdd</c> tagged as
/// <c>bufferType.identitybufferpolicyid</c>, together with the <c>filename</c> value in scope.
/// </summary>
/// <param name="ctx">Listener context of the request; not read by this method.</param>
/// <param name="buffer">Byte chunks, passed through unchanged.</param>
/// <returns>Whatever <c>KresUpdater.PushHdd</c> returns.</returns>
/// <remarks>
/// NOTE(review): no caller check is visible in this handler - confirm the listener that
/// routes to it is not reachable by untrusted clients.
/// </remarks>
public object pushCustomListPolicyIdBuffer(HttpListenerContext ctx, List<byte[]> buffer)
    => KresUpdater.PushHdd(bufferType.identitybufferpolicyid, buffer, filename);
/// <summary>
/// Hands the received buffer to <c>KresUpdater.PushHdd</c> tagged as
/// <c>bufferType.identitybufferwhitelist</c>, together with the <c>filename</c> value in scope.
/// </summary>
/// <param name="ctx">Listener context of the request; not read by this method.</param>
/// <param name="buffer">Byte chunks, passed through unchanged.</param>
/// <returns>Whatever <c>KresUpdater.PushHdd</c> returns.</returns>
/// <remarks>
/// NOTE(review): this payload feeds the whitelist and no caller check is visible in this
/// handler - confirm the listener that routes to it is not reachable by untrusted clients.
/// </remarks>
public object pushCustomListWhitelistBuffer(HttpListenerContext ctx, List<byte[]> buffer)
    => KresUpdater.PushHdd(bufferType.identitybufferwhitelist, buffer, filename);
/// <summary>
/// Hands the received buffer to <c>KresUpdater.PushHdd</c> tagged as
/// <c>bufferType.policyblock</c>, together with the <c>filename</c> value in scope.
/// </summary>
/// <param name="ctx">Listener context of the request; not read by this method.</param>
/// <param name="buffer">Byte chunks, passed through unchanged.</param>
/// <returns>Whatever <c>KresUpdater.PushHdd</c> returns.</returns>
/// <remarks>
/// NOTE(review): no caller check is visible in this handler - confirm the listener that
/// routes to it is not reachable by untrusted clients.
/// </remarks>
public object pushPolicyBlockBuffer(HttpListenerContext ctx, List<byte[]> buffer)
    => KresUpdater.PushHdd(bufferType.policyblock, buffer, filename);
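/// <summary>
/// Whitelists <paramref name="domainToWhitelist"/> for the client identified by
/// <paramref name="clientIpAddress"/> and pushes the changed cache to the resolver.
/// </summary>
/// <remarks>
/// The client identity is the CRC-64 (hex) of the ASCII bytes of the address string as supplied.
/// A single-address IP range with that identity and policy 0 is appended to the live cache, the
/// identity's custom list gains the domain, and <c>KresUpdater.UpdateSmallCaches()</c> and
/// <c>KresUpdater.UpdateNow()</c> are called.
///
/// Changes against the previous body:
/// the custom-list snapshot is now guarded by a null check on <c>CustomLists</c> (it used to test
/// <c>IPRanges</c>, which threw when only <c>CustomLists</c> was null and discarded existing custom
/// lists when only <c>IPRanges</c> was null); and the address is parsed before the identity is
/// derived, so a null or malformed address yields the error text instead of an exception.
/// </remarks>
/// <param name="ctx">HTTP context of the request; not read by the current body.</param>
/// <param name="clientIpAddress">Client address as text (IPv4 or IPv6).</param>
/// <param name="domainToWhitelist">Domain to add to the client's whitelist; stored as given.</param>
/// <param name="authToken">Shared token; must match the built-in value, ignoring case.</param>
/// <param name="base64encodedUrlToRedirectTo">Not read by the current body (the redirect is commented out).</param>
/// <returns>
/// An empty string when the token does not match, an error text when the address cannot be
/// parsed, and <c>null</c> on success.
/// </returns>
public string Bypass(HttpContext ctx, string clientIpAddress, string domainToWhitelist, string authToken, string base64encodedUrlToRedirectTo)
{
    // NOTE(review): both values are caller-supplied and are written to the log before the token
    // is checked and without neutralising line breaks - consider logging after validation.
    log.Info($"Bypass request, ip={clientIpAddress}, {domainToWhitelist}.");

    // NOTE(review): the shared secret is a literal in source, is compared case-insensitively and
    // not in constant time, and is the only gate on a call that relaxes filtering. Move it to
    // protected configuration, rotate it, and use a fixed-time, case-sensitive comparison.
    if (string.Compare(authToken, "BFLMPSVZ", StringComparison.OrdinalIgnoreCase) != 0)
    {
        return "";
    }

    // Validate the address first: TryParse rejects null, so the ASCII encoding below can no
    // longer throw on a missing address.
    IPAddress ip;
    if (!IPAddress.TryParse(clientIpAddress, out ip))
    {
        return $"unable to parse ip address {clientIpAddress}.";
    }

    var idbytes = Encoding.ASCII.GetBytes(clientIpAddress);
    var idcrc = Crc64.Compute(0, idbytes);
    string identity = idcrc.ToString("X");

    //TODO: check ipv6 reverse
    var bytes = ip.GetAddressBytes().Reverse().ToArray();
    BigMath.Int128 intip;
    if (bytes.Length == 4)
    {
        intip = new BigMath.Int128(0, BitConverter.ToUInt32(bytes, 0));
    }
    else if (bytes.Length == 16)
    {
        intip = new BigMath.Int128(BitConverter.ToUInt64(bytes, 0), BitConverter.ToUInt64(bytes, 8));
    }
    else
    {
        return $"unable to parse ip address {clientIpAddress}.";
    }

    // Work on copies of the live collections; they are swapped back in at the end.
    List<Models.CacheIPRange> ipranges = CacheLiveStorage.CoreCache.IPRanges != null
        ? CacheLiveStorage.CoreCache.IPRanges.ToList()
        : new List<Models.CacheIPRange>();

    // Fixed: this guard must test CustomLists, the collection that is actually dereferenced.
    List<Models.CacheCustomList> customlists = CacheLiveStorage.CoreCache.CustomLists != null
        ? CacheLiveStorage.CoreCache.CustomLists.ToList()
        : new List<Models.CacheCustomList>();

    // A one-address range (from == to) bound to this identity. A new entry is appended on
    // every successful call, including repeated calls for the same address.
    ipranges.Add(new Models.CacheIPRange()
    {
        Identity = identity,
        Proto_IpFrom = Encoding.ASCII.GetBytes(intip.ToString()),
        Proto_IpTo = Encoding.ASCII.GetBytes(intip.ToString()),
        PolicyId = 0
    });

    // NOTE(review): domainToWhitelist is stored exactly as received; nothing here checks that
    // it is a well-formed host name - validate before it reaches the resolver data.
    var item = customlists.FirstOrDefault(t => string.Compare(t.Identity, identity, StringComparison.OrdinalIgnoreCase) == 0);
    if (item == null)
    {
        item = new Models.CacheCustomList()
        {
            Identity = identity,
            WhiteList = new List<string>() { domainToWhitelist },
            BlackList = new List<string>(),
            PolicyId = 0
        };
        log.Info($"Identity {identity} now has {domainToWhitelist} whitelisted.");
    }
    else if (!item.WhiteList.Contains(domainToWhitelist))
    {
        var list = item.WhiteList.ToList();
        list.Add(domainToWhitelist);
        item.WhiteList = list;
        foreach (var entry in item.WhiteList)
        {
            log.Info($"Identity {identity} now has {entry} whitelisted.");
        }
    }
    else
    {
        log.Info($"Identity {identity} has {domainToWhitelist} already whitelisted.");
    }

    // Replace any previous entry for this identity with the updated one.
    customlists.RemoveAll(t => string.Compare(t.Identity, identity, StringComparison.OrdinalIgnoreCase) == 0);
    customlists.Add(item);

    CacheLiveStorage.CoreCache.IPRanges = ipranges;
    CacheLiveStorage.CoreCache.CustomLists = customlists;

    log.Info($"Updating kres modules.");
    KresUpdater.UpdateSmallCaches();
    KresUpdater.UpdateNow();
    log.Info($"Kres modules have been updated.");

    // NOTE(review): the redirect below is disabled. If it is re-enabled, the decoded URL is
    // caller-controlled and must be checked against an allow-list before it is used as a
    // redirect location.
    //var redirectUrl = Base64Decode(base64encodedUrlToRedirectTo);
    //ctx.Response.RedirectLocation = redirectUrl;
    return null;
}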
/// <summary>
/// Process entry point: configures logging, installs an empty live cache, starts the UDP
/// server, the core-client updater and the Knot-Resolver updater, then runs the Kestrel host.
/// </summary>
/// <remarks>
/// The shell-script step and the custom/public HTTP listeners are commented out in the source
/// and therefore not started here.
///
/// NOTE(review): the PFX password for the HTTPS endpoint is a literal in source, so anyone who
/// can read the source or binary and obtain <c>sinkhole.pfx</c> can recover the TLS private key.
/// Load it from protected configuration and rotate the certificate.
/// </remarks>
/// <param name="args">Command-line arguments; not read.</param>
public static void Main(string[] args)
{
    LoadLogConfig();
    log.Info("Main");

    log.Info("Init cache");
    CacheLiveStorage.CoreCache = new Models.Cache
    {
        CustomLists = new List<Models.CacheCustomList>(),
        Domains = new List<Models.CacheDomain>(),
        IPRanges = new List<Models.CacheIPRange>(),
        Policies = new List<Models.CachePolicy>()
    };
    CacheLiveStorage.UdpCache = new System.Collections.Concurrent.ConcurrentDictionary<string, Models.CacheIPRange>();

    log.Info("Starting UDP Server");
    UdpServer.Listen();

    log.Info("Starting CoreClient Updater");
    CoreClient.Start();

    var listener = new Listener();
    var kresUpdater = new KresUpdater();
    log.Info("Starting Knot-Resolver Updater");
    kresUpdater.Start(listener);

    // The source branched on the OS here, but the Linux and non-Linux hosts were configured
    // identically, so a single builder is used.
    // Both endpoints bind to every interface: HTTPS on 443 and plain HTTP on 80.
    var host = new WebHostBuilder()
        .UseKestrel(options =>
        {
            options.Listen(IPAddress.Any, 443, listenOptions => listenOptions.UseHttps("sinkhole.pfx", "P@ssw0rd"));
            options.Listen(IPAddress.Any, 80);
        })
        .UseContentRoot(Directory.GetCurrentDirectory())
        .UseIISIntegration()
        .UseStartup<Startup>()
        .Build();

    host.Run();
}
/// <summary>
/// Process entry point: configures logging, starts the passive DNS enricher, installs an empty
/// live cache, starts the UDP server, the core-client updater, the Knot-Resolver updater and
/// the custom API listener, then runs the Kestrel host.
/// </summary>
/// <remarks>
/// The plain-HTTP port is 80 on Linux and 8080 on every other platform; HTTPS is on 443 in
/// both cases.
///
/// NOTE(review): the PFX password for the HTTPS endpoint is a literal in source, so anyone who
/// can read the source or binary and obtain <c>sinkhole.pfx</c> can recover the TLS private key.
/// Load it from protected configuration and rotate the certificate.
/// </remarks>
/// <param name="args">Command-line arguments; not read.</param>
public static void Main(string[] args)
{
    LoadLogConfig();
    log.Info("Main");

    log.Info("Init passive dns enricher");
    var pe = new PassiveDNSEnricher();
    pe.Listen();

    // Assignment order is kept as in the source because the enricher is already running.
    log.Info("Init cache");
    CacheLiveStorage.CoreCache = new Models.Cache();
    CacheLiveStorage.CoreCache.CustomLists = new List<Models.CacheCustomList>();
    CacheLiveStorage.CoreCache.Domains = new List<Models.CacheDomain>();
    CacheLiveStorage.CoreCache.IPRanges = new List<Models.CacheIPRange>();
    CacheLiveStorage.CoreCache.Policies = new List<Models.CachePolicy>();
    CacheLiveStorage.UdpCache = new System.Collections.Concurrent.ConcurrentDictionary<string, Models.CacheIPRange>();

    log.Info("Starting UDP Server");
    UdpServer.Listen();

    log.Info("Starting CoreClient Updater");
    CoreClient.Start();

    var listener = new Listener();
    var kresUpdater = new KresUpdater();
    log.Info("Starting Knot-Resolver Updater");
    kresUpdater.Start(listener);

    // NOTE(review): the custom API is enabled in this build - confirm who can reach it.
    log.Info("Starting custom API");
    listener.Listen();

    // The two OS branches in the source differed only in the plain-HTTP port.
    int httpPort = RuntimeInformation.IsOSPlatform(OSPlatform.Linux) ? 80 : 8080;

    // Both endpoints bind to every interface.
    var host = new WebHostBuilder()
        .UseKestrel(options =>
        {
            options.Listen(IPAddress.Any, 443, listenOptions => listenOptions.UseHttps("sinkhole.pfx", "P@ssw0rd"));
            options.Listen(IPAddress.Any, httpPort);
        })
        .UseContentRoot(Directory.GetCurrentDirectory())
        .UseIISIntegration()
        .UseStartup<Startup>()
        .Build();

    host.Run();
}