default local DNS caching name server
Przemek Klosowski
przemek.klosowski at nist.gov
Fri Apr 11 20:32:37 UTC 2014
On 04/11/2014 03:14 PM, P J P wrote:
>> On Saturday, 12 April 2014 12:40 AM, Bruno Wolff III wrote:
>> It looks like your proposal is going to break things for people using
>> some wifi hotspots.
> Why, how?
It's a hack designed to handle someone that just connected to the
network and opened a browser, say.
Instead of blocking access, one runs a fake DNS system that responds
with the captive portal's IP to every query.
The httpd service at that IP responds with an "enter your credentials to
get network access" page to all URLs.
An example of such fake DNS server is the following code resolving all
queries to 192.168.123.45
#!/usr/bin/perl
use Net::DNS::Nameserver;
use strict;
use warnings;
sub reply_handler {
my ($qname, $qclass, $qtype, $peerhost) = @_;
my ($rcode, @ans, @auth, @add);
if ($qtype eq "A") {
my ($ttl, $rdata) = (3600, "192.168.123.45");
push @ans, Net::DNS::RR->new("$qname $ttl $qclass $qtype $rdata");
$rcode = "NOERROR";
} else {
$rcode = "NXDOMAIN";
}
# mark the answer as authoritive (by setting the 'aa' flag
return ($rcode, \@ans, \@auth, \@add, { aa => 1 });
}
my $ns = Net::DNS::Nameserver->new(
LocalPort => 53,
ReplyHandler => \&reply_handler,
Verbose => 0,
);
if ($ns) {
$ns->main_loop;
} else {
die "couldn't create nameserver object\n";
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20140411/9214050f/attachment.html>
More information about the devel
mailing list