ronin-dns-proxy 0.1.0.rc1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 57b933bc2cd538d5f366174c7916299fe16b1ab737badc4390895ba9565a8e3f
+  data.tar.gz: 1cb999659c757a4485f66c0bbcc6d18466b74fea15d2c122e7295fa8d5614fdc
+SHA512:
+  metadata.gz: caf2a62c37b77fae8f16278ce797bfb4355c373d316ca57f56e6e28fd3656f2e30b807241c5c6cd3eda487bcf451efa3ceb031a320f8e709f9412c5495fb7512
+  data.tar.gz: 2e1596eac004e8f7a9cbd30fba5e88f47fcac56a8418e7225b923e45c210e428680898cdf0065ed000862aa4cfb4f7449766e61ab38635c5f71ae161bd2b901b

data/.document

@@ -0,0 +1,4 @@
+lib/**/*.rb
+- 
+ChangeLog.md
+COPYING.txt

data/.github/workflows/ruby.yml

@@ -0,0 +1,46 @@
+name: CI
+
+on: [ push, pull_request ]
+
+jobs:
+  tests:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        ruby:
+          - '3.0'
+          - '3.1'
+          - '3.2'
+          - '3.3'
+          - truffleruby
+    name: Ruby ${{ matrix.ruby }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler-cache: true
+      # - name: Install dependencies
+      #   run: |
+      #     sudo apt update -y && \
+      #     sudo apt install -y --no-install-recommends --no-install-suggests FIXME
+      - name: Install dependencies
+        run: bundle install --jobs 4 --retry 3
+      - name: Run tests
+        run: bundle exec rake test
+
+  # rubocop linting
+  rubocop:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 3.0
+      - name: Install dependencies
+        run: bundle install --jobs 4 --retry 3
+      - name: Run rubocop
+        run: bundle exec rubocop --parallel

data/.gitignore

@@ -0,0 +1,13 @@
+/coverage
+/doc
+/pkg
+/man/*.[1-9]
+/vendor/bundle
+/Gemfile.lock
+/.bundle
+/.yardoc
+.DS_Store
+*.db
+*.log
+*.swp
+*~

data/.rspec

@@ -0,0 +1 @@
+--colour --format documentation

data/.rubocop.yml

@@ -0,0 +1,14 @@
+AllCops:
+  NewCops: enable
+  SuggestExtensions: false
+  TargetRubyVersion: 3.1
+
+inherit_gem:
+  rubocop-ronin: rubocop.yml
+
+#
+# ronin-dns-proxy specific exceptions
+#
+Style/CaseEquality:
+  Exclude:
+    - 'lib/ronin/dns/proxy/rule.rb'

data/.ruby-version

@@ -0,0 +1 @@
+ruby-3.1

data/.yardopts

@@ -0,0 +1 @@
+--markup markdown --title 'Ronin::DNS::Proxy Documentation' --protected

data/COPYING.txt

@@ -0,0 +1,165 @@
+                   GNU LESSER GENERAL PUBLIC LICENSE
+                       Version 3, 29 June 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+
+  This version of the GNU Lesser General Public License incorporates
+the terms and conditions of version 3 of the GNU General Public
+License, supplemented by the additional permissions listed below.
+
+  0. Additional Definitions.
+
+  As used herein, "this License" refers to version 3 of the GNU Lesser
+General Public License, and the "GNU GPL" refers to version 3 of the GNU
+General Public License.
+
+  "The Library" refers to a covered work governed by this License,
+other than an Application or a Combined Work as defined below.
+
+  An "Application" is any work that makes use of an interface provided
+by the Library, but which is not otherwise based on the Library.
+Defining a subclass of a class defined by the Library is deemed a mode
+of using an interface provided by the Library.
+
+  A "Combined Work" is a work produced by combining or linking an
+Application with the Library.  The particular version of the Library
+with which the Combined Work was made is also called the "Linked
+Version".
+
+  The "Minimal Corresponding Source" for a Combined Work means the
+Corresponding Source for the Combined Work, excluding any source code
+for portions of the Combined Work that, considered in isolation, are
+based on the Application, and not on the Linked Version.
+
+  The "Corresponding Application Code" for a Combined Work means the
+object code and/or source code for the Application, including any data
+and utility programs needed for reproducing the Combined Work from the
+Application, but excluding the System Libraries of the Combined Work.
+
+  1. Exception to Section 3 of the GNU GPL.
+
+  You may convey a covered work under sections 3 and 4 of this License
+without being bound by section 3 of the GNU GPL.
+
+  2. Conveying Modified Versions.
+
+  If you modify a copy of the Library, and, in your modifications, a
+facility refers to a function or data to be supplied by an Application
+that uses the facility (other than as an argument passed when the
+facility is invoked), then you may convey a copy of the modified
+version:
+
+   a) under this License, provided that you make a good faith effort to
+   ensure that, in the event an Application does not supply the
+   function or data, the facility still operates, and performs
+   whatever part of its purpose remains meaningful, or
+
+   b) under the GNU GPL, with none of the additional permissions of
+   this License applicable to that copy.
+
+  3. Object Code Incorporating Material from Library Header Files.
+
+  The object code form of an Application may incorporate material from
+a header file that is part of the Library.  You may convey such object
+code under terms of your choice, provided that, if the incorporated
+material is not limited to numerical parameters, data structure
+layouts and accessors, or small macros, inline functions and templates
+(ten or fewer lines in length), you do both of the following:
+
+   a) Give prominent notice with each copy of the object code that the
+   Library is used in it and that the Library and its use are
+   covered by this License.
+
+   b) Accompany the object code with a copy of the GNU GPL and this license
+   document.
+
+  4. Combined Works.
+
+  You may convey a Combined Work under terms of your choice that,
+taken together, effectively do not restrict modification of the
+portions of the Library contained in the Combined Work and reverse
+engineering for debugging such modifications, if you also do each of
+the following:
+
+   a) Give prominent notice with each copy of the Combined Work that
+   the Library is used in it and that the Library and its use are
+   covered by this License.
+
+   b) Accompany the Combined Work with a copy of the GNU GPL and this license
+   document.
+
+   c) For a Combined Work that displays copyright notices during
+   execution, include the copyright notice for the Library among
+   these notices, as well as a reference directing the user to the
+   copies of the GNU GPL and this license document.
+
+   d) Do one of the following:
+
+       0) Convey the Minimal Corresponding Source under the terms of this
+       License, and the Corresponding Application Code in a form
+       suitable for, and under terms that permit, the user to
+       recombine or relink the Application with a modified version of
+       the Linked Version to produce a modified Combined Work, in the
+       manner specified by section 6 of the GNU GPL for conveying
+       Corresponding Source.
+
+       1) Use a suitable shared library mechanism for linking with the
+       Library.  A suitable mechanism is one that (a) uses at run time
+       a copy of the Library already present on the user's computer
+       system, and (b) will operate properly with a modified version
+       of the Library that is interface-compatible with the Linked
+       Version.
+
+   e) Provide Installation Information, but only if you would otherwise
+   be required to provide such information under section 6 of the
+   GNU GPL, and only to the extent that such information is
+   necessary to install and execute a modified version of the
+   Combined Work produced by recombining or relinking the
+   Application with a modified version of the Linked Version. (If
+   you use option 4d0, the Installation Information must accompany
+   the Minimal Corresponding Source and Corresponding Application
+   Code. If you use option 4d1, you must provide the Installation
+   Information in the manner specified by section 6 of the GNU GPL
+   for conveying Corresponding Source.)
+
+  5. Combined Libraries.
+
+  You may place library facilities that are a work based on the
+Library side by side in a single library together with other library
+facilities that are not Applications and are not covered by this
+License, and convey such a combined library under terms of your
+choice, if you do both of the following:
+
+   a) Accompany the combined library with a copy of the same work based
+   on the Library, uncombined with any other library facilities,
+   conveyed under the terms of this License.
+
+   b) Give prominent notice with the combined library that part of it
+   is a work based on the Library, and explaining where to find the
+   accompanying uncombined form of the same work.
+
+  6. Revised Versions of the GNU Lesser General Public License.
+
+  The Free Software Foundation may publish revised and/or new versions
+of the GNU Lesser General Public License from time to time. Such new
+versions will be similar in spirit to the present version, but may
+differ in detail to address new problems or concerns.
+
+  Each version is given a distinguishing version number. If the
+Library as you received it specifies that a certain numbered version
+of the GNU Lesser General Public License "or any later version"
+applies to it, you have the option of following the terms and
+conditions either of that published version or of any later version
+published by the Free Software Foundation. If the Library as you
+received it does not specify a version number of the GNU Lesser
+General Public License, you may choose any version of the GNU Lesser
+General Public License ever published by the Free Software Foundation.
+
+  If the Library as you received it specifies that a proxy can decide
+whether future versions of the GNU Lesser General Public License shall
+apply, that proxy's public statement of acceptance of any version is
+permanent authorization for you to choose that version for the
+Library.

data/ChangeLog.md

@@ -0,0 +1,8 @@
+### 0.1.0 / 2024-XX-XX
+
+* Initial release:
+  * Supports returning spoofed results to specific DNS queries.
+  * Supports matching queries with regular expressions.
+  * Supports dynamic DNS server rules.
+  * Passing through all other DNS queries.
+

data/Gemfile

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+gemspec
+
+# Ronin dependencies
+# gem 'ronin-support',  '~> 1.0', github: "ronin-rb/ronin-support",
+#                                 branch: '1.0.0'
+# gem 'ronin-core',     '~> 0.1', github: "ronin-rb/ronin-core",
+#                                 branch: 'main'
+
+group :development do
+  gem 'rake'
+  gem 'rubygems-tasks',   '~> 0.2'
+
+  gem 'rspec',            '~> 3.0'
+  gem 'simplecov',        '~> 0.20'
+
+  gem 'kramdown',         '~> 2.0'
+  gem 'kramdown-man',     '~> 0.1'
+
+  gem 'redcarpet',        platform: :mri
+  gem 'yard',             '~> 0.9'
+  gem 'yard-spellcheck',  require: false
+
+  gem 'dead_end',         require: false
+  gem 'sord',             require: false, platform: :mri
+  gem 'stackprof',        require: false, platform: :mri
+  gem 'rubocop',          require: false, platform: :mri
+  gem 'rubocop-ronin',    require: false, platform: :mri
+end

data/README.md

@@ -0,0 +1,118 @@
+# ronin-dns-proxy
+
+[![CI](https://github.com/ronin-rb/ronin-dns-proxy/actions/workflows/ruby.yml/badge.svg)](https://github.com/ronin-rb/ronin-dns-proxy/actions/workflows/ruby.yml)
+[![Code Climate](https://codeclimate.com/github/ronin-rb/ronin-dns-proxy.svg)](https://codeclimate.com/github/ronin-rb/ronin-dns-proxy)
+
+* [Website](https://ronin-rb.dev/)
+* [Source](https://github.com/ronin-rb/ronin-dns-proxy)
+* [Issues](https://github.com/ronin-rb/ronin-dns-proxy/issues)
+* [Documentation](https://ronin-rb.dev/docs/ronin-dns-proxy)
+* [Discord](https://discord.gg/6WAb3PsVX9) |
+  [Mastodon](https://infosec.exchange/@ronin_rb)
+
+## Description
+
+ronin-dns-proxy is a configurable DNS proxy server library. It supports
+returning spoofing DNS results or passing DNS queries through to the upstream
+DNS nameserver.
+
+## Features
+
+* Supports returning spoofed results to specific DNS queries.
+* Supports matching queries with regular expressions.
+* Supports dynamic DNS server rules.
+* Passing through all other DNS queries.
+* Has 95% documentation coverage.
+* Has 100% test coverage.
+
+## Examples
+
+```ruby
+require 'ronin/dns/proxy'
+
+Ronin::DNS::Proxy.run('127.0.0.1', 2346) do |server|
+  server.rule :A, 'example.com', '10.0.0.1'
+  server.rule :AAAA, 'example.com', 'dead:beef::1'
+
+  # return multiple values
+  server.rule :A, 'ftp.example.com', ['10.0.0.42', '10.0.0.43']
+
+  # match a query using a regex
+  server.rule :TXT, /^spf\./, "v=spf1 include:10.0.0.1 ~all"
+
+  # return an error for a valid hostname
+  server.rule :A, 'updates.example.com', :ServFail
+
+  # define a dynamic rule
+  server.rule(:CNAME, /^www\./) do |type,name,transaction|
+    # append '.hax' to the domain name
+    names = name.split('.').push('hax')
+
+    transaction.respond!(names)
+  end
+
+  # return MX records
+  server.rule(:MX, 'example.com') do |type,name,transaction|
+    transaction.respond!(10, Resolv::DNS::Name.create('email.evil.com' ))
+  end
+end
+```
+
+Then try running `host -p 2346 example.com 127.0.0.1` once the server is
+running.
+
+## Requirements
+
+* [Ruby] >= 3.0.0
+* [async-dns] ~> 1.0
+* [ronin-support] ~> 1.0
+
+## Install
+
+```shell
+$ gem install ronin-dns-proxy
+```
+
+### Gemfile
+
+```ruby
+gem 'ronin-dns-proxy', '~> 0.1'
+```
+
+### gemspec
+
+```ruby
+gem.add_dependency 'ronin-dns-proxy', '~> 0.1'
+```
+
+## Development
+
+1. [Fork It!](https://github.com/ronin-rb/ronin-dns-proxy/fork)
+2. Clone It!
+3. `cd ronin-dns-proxy/`
+4. `bundle install`
+5. `git checkout -b my_feature`
+6. Code It!
+7. `bundle exec rake spec`
+8. `git push origin my_feature`
+
+## License
+
+Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
+
+ronin-dns-proxy is free software: you can redistribute it and/or modify
+it under the terms of the GNU Lesser General Public License as published
+by the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+ronin-dns-proxy is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU Lesser General Public License for more details.
+
+You should have received a copy of the GNU Lesser General Public License
+along with ronin-dns-proxy.  If not, see <https://www.gnu.org/licenses/>.
+
+[Ruby]: https://www.ruby-lang.org
+[async-dns]: https://github.com/socketry/async-dns#readme
+[ronin-support]: https://github.com/ronin-rb/ronin-support#readme

data/Rakefile

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+begin
+  require 'bundler'
+rescue LoadError => e
+  warn e.message
+  warn "Run `gem install bundler` to install Bundler"
+  exit(-1)
+end
+
+begin
+  Bundler.setup(:development)
+rescue Bundler::BundlerError => e
+  warn e.message
+  warn "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+
+require 'rake'
+
+require 'rubygems/tasks'
+Gem::Tasks.new(sign: {checksum: true, pgp: true})
+
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new
+task :test    => :spec
+task :default => :spec
+
+require 'yard'
+YARD::Rake::YardocTask.new
+task :docs => :yard
+
+require 'kramdown/man/task'
+Kramdown::Man::Task.new

data/examples/proxy.rb

@@ -0,0 +1,39 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'bundler/setup'
+require 'ronin/dns/proxy'
+
+puts "Try running `host -p 2346 example.com 127.0.0.1` once the server is running."
+puts
+
+begin
+  Ronin::DNS::Proxy.run('127.0.0.1', 2346) do |server|
+    server.add_rule :A, 'example.com', '10.0.0.1'
+    server.add_rule :AAAA, 'example.com', 'dead:beef::1'
+
+    # return multiple values
+    server.add_rule :A, 'ftp.example.com', ['10.0.0.42', '10.0.0.43']
+
+    # match a query using a regex
+    server.add_rule :TXT, /^spf\./, "v=spf1 include:10.0.0.1 ~all"
+
+    # return an error for a valid hostname
+    server.add_rule :A, 'updates.example.com', :ServFail
+
+    # define a dynamic rule
+    server.add_rule :CNAME, /^www\./, ->(type,name,transaction) {
+      # append '.hax' to the domain name
+      names = name.split('.').push('hax')
+
+      transaction.respond!(names)
+    }
+
+    # return MX records
+    server.add_rule :MX, 'example.com', ->(type,name,transaction) {
+      transaction.respond!(10, Resolv::DNS::Name.create('email.evil.com' ))
+    }
+  end
+rescue Interrupt
+  exit(127)
+end

data/gemspec.yml

@@ -0,0 +1,29 @@
+name: ronin-dns-proxy
+summary: A configurable DNS proxy server library.
+description: |
+  ronin-dns-proxy is a configurable DNS proxy server library. It supports
+  returning spoofing DNS results or passing DNS queries through to the upstream
+  DNS nameserver.
+
+license: LGPL-3.0
+authors: Postmodern
+email: postmodern.mod3@gmail.com
+homepage: https://ronin-rb.dev/
+has_yard: true
+
+metadata:
+  documentation_uri: https://ronin-rb.dev/docs/ronin-dns-proxy
+  source_code_uri:   https://github.com/ronin-rb/ronin-dns-proxy
+  bug_tracker_uri:   https://github.com/ronin-rb/ronin-dns-proxy/issues
+  changelog_uri:     https://github.com/ronin-rb/ronin-dns-proxy/blob/main/ChangeLog.md
+  rubygems_mfa_required: 'true'
+
+required_ruby_version: ">= 3.0.0"
+
+dependencies:
+  async-dns: ~> 1.0
+  # Ronin dependencies:
+  ronin-support: ~> 1.0
+
+development_dependencies:
+  bundler: ~> 2.0

data/lib/ronin/dns/proxy/rule.rb

@@ -0,0 +1,126 @@
+# frozen_string_literal: true
+#
+# ronin-dns-proxy - A DNS server and proxy library.
+#
+# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-dns-proxy is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-dns-proxy is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-dns-proxy.  If not, see <https://www.gnu.org/licenses/>.
+#
+
+module Ronin
+  module DNS
+    module Proxy
+      #
+      # Represents a DNS rule for the DNS {Server}.
+      #
+      # @api private
+      #
+      class Rule
+
+        # The record type to match.
+        #
+        # @return [:A, :AAAA, :ANY, :CNAME, :HINFO, :LOC, :MINFO, :MX, :NS, :PTR, :SOA, :SRV, :TXT, :WKS]
+        attr_reader :type
+
+        # The record name or regex to match.
+        #
+        # @return [String, Regexp]
+        attr_reader :name
+
+        # The result to return.
+        #
+        # @return [String, Array<String>, Symbol, #call]
+        attr_reader :result
+
+        #
+        # Initializes the DNS rule.
+        #
+        # @param [:A, :AAAA, :ANY, :CNAME, :HINFO, :LOC, :MINFO, :MX, :NS, :PTR, :SOA, :SRV, :TXT, :WKS] type
+        #   The rule's record type.
+        #
+        # @param [String, Regexp] name
+        #   The rule's name to match.
+        #
+        # @param [String, Array<String>, Symbol, #call] result
+        #   The result to return.
+        #
+        # @yield [type, name, transaction]
+        #   If no result argument is given, the given block will be passed the
+        #   DNS query's type, name, and transaction object.
+        #
+        # @yieldparam [Symbol] type
+        #   The query type.
+        #
+        # @yieldparam [String] name
+        #   The queried host name.
+        #
+        # @yieldparam [Async::DNS::Transaction] transaction
+        #   The DNS query transaction object.
+        #
+        # @raise [ArgumentError]
+        #   Must specify a `result` argument or a block.
+        #
+        def initialize(type,name,result=nil,&block)
+          unless (result || block)
+            raise(ArgumentError,"must specify a result value or a block")
+          end
+
+          @type   = type
+          @name   = name
+          @result = result || block
+        end
+
+        #
+        # Determines if the rule matches the query type and query name.
+        #
+        # @param [:A, :AAAA, :ANY, :CNAME, :HINFO, :LOC, :MINFO, :MX, :NS, :PTR, :SOA, :SRV, :TXT, :WKS] query_type
+        #   The query's type (ex: `:A`).
+        #
+        # @param [String] query_name
+        #   The query's name (ex: 'www.example.com').
+        #
+        # @return [Boolean]
+        #   Indicates whether the rule matches the query.
+        #
+        def matches?(query_type,query_name)
+          (@type == query_type) && (@name === query_name)
+        end
+
+        #
+        # Invokes the rule with the given query type, query name, and DNS
+        # transaction object.
+        #
+        # @param [:A, :AAAA, :ANY, :CNAME, :HINFO, :LOC, :MINFO, :MX, :NS, :PTR, :SOA, :SRV, :TXT, :WKS] query_type
+        #   The query's type (ex: `:A`).
+        #
+        # @param [String] query_name
+        #   The query's name (ex: 'www.example.com').
+        #
+        # @return [Async::DNS::Transaction] transaction
+        #   The DNS query transaction.
+        #
+        def call(query_type,query_name,transaction)
+          if @result.respond_to?(:call)
+            @result.call(query_type,query_name,transaction)
+          elsif @result.kind_of?(Symbol)
+            transaction.fail!(@result)
+          elsif @result
+            transaction.respond!(@result)
+          end
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/dns/proxy/server.rb

@@ -0,0 +1,226 @@
+# frozen_string_literal: true
+#
+# ronin-dns-proxy - A DNS server and proxy library.
+#
+# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-dns-proxy is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-dns-proxy is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-dns-proxy.  If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/dns/proxy/rule'
+require 'ronin/support/network/dns'
+
+require 'async/dns'
+
+module Ronin
+  module DNS
+    module Proxy
+      #
+      # A rule based DNS proxy server.
+      #
+      class Server < Async::DNS::Server
+
+        # The host the server will listen on.
+        #
+        # @return [String]
+        attr_reader :host
+
+        # The port the server will listen on.
+        #
+        # @return [Integer]
+        attr_reader :port
+
+        # The upstream DNS resolver.
+        #
+        # @return [Async::DNS::Resolver]
+        #
+        # @api private
+        attr_reader :resolver
+
+        # The defined rules for the proxy server.
+        #
+        # @return [Array<Rule>]
+        #
+        # @api private
+        attr_reader :rules
+
+        #
+        # Initializes the DNS server.
+        #
+        # @param [String] host
+        #   The interface to listen on.
+        #
+        # @param [Integer] port
+        #   The local port to listen on.
+        #
+        # @param [Array<String>] nameservers
+        #   The upstream DNS server(s) to pass queries to.
+        #
+        # @param [Array<(Symbol, String, String), (Symbol, Regexp, String), (Symbol, Regexp, Proc)>] rules
+        #   Optional rules to populate the server with.
+        #
+        # @yield [server]
+        #   If a block is given, it will be passed the newly created server.
+        #
+        # @example Initializes a new DNS proxy server:
+        #   server = Ronin::DNS::Proxy.new('127.0.0.1', 2346)
+        #   server.rule :A, 'example.com', '10.0.0.1'
+        #   server.rule :AAAA, 'example.com', 'dead:beef::1'
+        #
+        # @example Initializing a new DNS proxy server with a block:
+        #   server = Ronin::DNS::Proxy.new('127.0.0.1', 2346) do |server|
+        #     server.rule :A, 'example.com', '10.0.0.1'
+        #     server.rule :AAAA, 'example.com', 'dead:beef::1'
+        #   end
+        #
+        # @api public
+        #
+        def initialize(host,port, nameservers: Ronin::Support::Network::DNS.nameservers,
+                                  rules: nil)
+          @host = host
+          @port = port
+
+          super([[:udp, host, port]])
+
+          @resolver = Async::DNS::Resolver.new(
+            nameservers.map { |ip| [:udp, ip, 53] }
+          )
+
+          @rules = []
+
+          if rules
+            rules.each do |(record_type,name,result)|
+              rule(record_type,name,result)
+            end
+          end
+
+          yield self if block_given?
+        end
+
+        #
+        # Adds a rule to the server.
+        #
+        # @param [:A, :AAAA, :ANY, :CNAME, :HINFO, :LOC, :MINFO, :MX, :NS, :PTR, :SOA, :SRV, :TXT, :WKS] record_type
+        #   The record type that the rule will match against.
+        #
+        # @param [String, Regexp] name
+        #   The record name that the rule will match against.
+        #
+        # @param [String, Array<String>, Symbol, #call] result
+        #   The result to respond with. It can be a String, or an Array of
+        #   Strings, or an error code:
+        #
+        #   * `:NoError` - No error occurred.
+        #   * `:FormErr` - The incoming data was not formatted correctly.
+        #   * `:ServFail` - The operation caused a server failure (internal error, etc).
+        #   * `:NXDomain` - Non-eXistant Domain (domain record does not exist).
+        #   * `:NotImp` - The operation requested is not implemented.
+        #   * `:Refused` - The operation was refused by the server.
+        #   * `:NotAuth` - The server is not authoritive for the zone.
+        #
+        # @yield [type, name, transaction]
+        #   If no result argument is given, the given block will be passed the
+        #   DNS query's type, name, and transaction object.
+        #
+        # @yieldparam [Symbol] type
+        #   The query type.
+        #
+        # @yieldparam [String] name
+        #   The queried host name.
+        #
+        # @yieldparam [Async::DNS::Transaction] transaction
+        #   The DNS query transaction object.
+        #
+        # @example override the IP address for a domain:
+        #   server.rule :A, 'example.com', '10.0.0.42'
+        #
+        # @example return multiple IP addresses:
+        #   server.rule :A, 'example.com', ['10.0.0.42', '10.0.0.43']
+        #
+        # @example return an error for the given hostname:
+        #   server.rule :A, 'updates.example.com', :ServFail
+        #
+        # @example match a query using a regex:
+        #   server.rule :TXT, /^spf\./, "v=spf1 include:10.0.0.1 ~all"
+        #
+        # @example define a dynamic rule:
+        #   server.rule(:CNAME, /^www\./) do |type,name,transaction|
+        #     # append '.hax' to the domain name
+        #     names = name.split('.').push('hax')
+        #
+        #     transaction.respond!(names)
+        #   end
+        #
+        # @api public
+        #
+        def rule(record_type,name,result=nil,&block)
+          unless (result || block)
+            raise(ArgumentError,"must specify a result value or a block")
+          end
+
+          @rules << Rule.new(record_type,name,result,&block)
+        end
+
+        # Mapping of Resolv resource classes to Symbols.
+        #
+        # @api private
+        RECORD_TYPES = {
+          Resolv::DNS::Resource::IN::A     => :A,
+          Resolv::DNS::Resource::IN::AAAA  => :AAAA,
+          Resolv::DNS::Resource::IN::ANY   => :ANY,
+          Resolv::DNS::Resource::IN::CNAME => :CNAME,
+          Resolv::DNS::Resource::IN::HINFO => :HINFO,
+          Resolv::DNS::Resource::IN::LOC   => :LOC,
+          Resolv::DNS::Resource::IN::MINFO => :MINFO,
+          Resolv::DNS::Resource::IN::MX    => :MX,
+          Resolv::DNS::Resource::IN::NS    => :NS,
+          Resolv::DNS::Resource::IN::PTR   => :PTR,
+          Resolv::DNS::Resource::IN::SOA   => :SOA,
+          Resolv::DNS::Resource::IN::SRV   => :SRV,
+          Resolv::DNS::Resource::IN::TXT   => :TXT,
+          Resolv::DNS::Resource::IN::WKS   => :WKS
+        }
+
+        #
+        # Processes a received query.
+        #
+        # @param [String] name
+        #   The query value (ex: `www.example.com`).
+        #
+        # @param [Class<Resolv::DNS::Resource>] resource_class
+        #   The resource class (ex: `Resolv::DNS::Resource::IN::A`).
+        #
+        # @param [Async::DNS::Transaction] transaction
+        #   The DNS transaction object.
+        #
+        # @api private
+        #
+        def process(name,resource_class,transaction)
+          query_type = RECORD_TYPES.fetch(resource_class)
+
+          matched_rule = @rules.find do |rule|
+            rule.matches?(query_type,name)
+          end
+
+          if matched_rule
+            matched_rule.call(query_type,name,transaction)
+          else
+            transaction.passthrough!(@resolver)
+          end
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/dns/proxy/version.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+#
+# ronin-dns-proxy - A DNS server and proxy library.
+#
+# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-dns-proxy is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-dns-proxy is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-dns-proxy.  If not, see <https://www.gnu.org/licenses/>.
+#
+
+module Ronin
+  module DNS
+    module Proxy
+      # ronin-dns-proxy version
+      VERSION = '0.1.0.rc1'
+    end
+  end
+end

data/lib/ronin/dns/proxy.rb

@@ -0,0 +1,68 @@
+# frozen_string_literal: true
+#
+# ronin-dns-proxy - A DNS server and proxy library.
+#
+# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-dns-proxy is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-dns-proxy is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-dns-proxy.  If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/dns/proxy/server'
+
+module Ronin
+  module DNS
+    #
+    # Namespace for `ronin-dns-proxy`.
+    #
+    module Proxy
+      #
+      # Starts a new DNS proxy listening on the given host and port.
+      #
+      # @param [String] host
+      #   The interface to listen on.
+      #
+      # @param [Integer] port
+      #   The local port to listen on.
+      #
+      # @param [Hash{Symbol => Object}] kwargs
+      #   Additional keyword arguments for {Server#initialize}.
+      #
+      # @option kwargs [Array<String>] :nameservers (Ronin::Support::Network::DNS.nameservers)
+      #   The upstream DNS server(s) to pass queries to.
+      #
+      # @option kwargs [Array<(Symbol, String, String), (Symbol, Regexp, String), (Symbol, Regexp, Proc)>] rules
+      #   Optional rules to populate the server with.
+      #
+      # @yield [server]
+      #   If a block is given, it will be passed the newly created DNS proxy
+      #   server object.
+      #
+      # @yieldparam [Server] server
+      #   The newly created DNS proxy server.
+      #
+      # @example
+      #   require 'ronin/dns/proxy'
+      #
+      #   Ronin::DNS::Proxy.run('127.0.0.1', 2346) do |server|
+      #     server.rule :A, 'example.com', '10.0.0.1'
+      #     server.rule :AAAA, 'example.com', 'dead:beef::1'
+      #   end
+      #
+      def self.run(host,port,**kwargs,&block)
+        server = Server.new(host,port,**kwargs,&block)
+        server.run
+      end
+    end
+  end
+end

data/ronin-dns-proxy.gemspec

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+require 'yaml'
+
+Gem::Specification.new do |gem|
+  gemspec = YAML.load_file('gemspec.yml')
+
+  gem.name    = gemspec.fetch('name')
+  gem.version = gemspec.fetch('version') do
+                  lib_dir = File.join(File.dirname(__FILE__),'lib')
+                  $LOAD_PATH << lib_dir unless $LOAD_PATH.include?(lib_dir)
+
+                  require 'ronin/dns/proxy/version'
+                  Ronin::DNS::Proxy::VERSION
+                end
+
+  gem.summary     = gemspec['summary']
+  gem.description = gemspec['description']
+  gem.licenses    = Array(gemspec['license'])
+  gem.authors     = Array(gemspec['authors'])
+  gem.email       = gemspec['email']
+  gem.homepage    = gemspec['homepage']
+  gem.metadata    = gemspec['metadata'] if gemspec['metadata']
+
+  glob = ->(patterns) { gem.files & Dir[*patterns] }
+
+  gem.files  = `git ls-files`.split($/)
+  gem.files  = glob[gemspec['files']] if gemspec['files']
+  gem.files += Array(gemspec['generated_files'])
+  # exclude test files from the packages gem
+  gem.files -= glob[gemspec['test_files'] || 'spec/{**/}*']
+
+  gem.executables = gemspec.fetch('executables') do
+    glob['bin/*'].map { |path| File.basename(path) }
+  end
+
+  gem.extensions       = glob[gemspec['extensions'] || 'ext/**/extconf.rb']
+  gem.extra_rdoc_files = glob[gemspec['extra_doc_files'] || '*.{txt,md}']
+
+  gem.require_paths = Array(gemspec.fetch('require_paths') {
+    %w[ext lib].select { |dir| File.directory?(dir) }
+  })
+
+  gem.requirements              = gemspec['requirements']
+  gem.required_ruby_version     = gemspec['required_ruby_version']
+  gem.required_rubygems_version = gemspec['required_rubygems_version']
+  gem.post_install_message      = gemspec['post_install_message']
+
+  split = ->(string) { string.split(/,\s*/) }
+
+  if gemspec['dependencies']
+    gemspec['dependencies'].each do |name,versions|
+      gem.add_dependency(name,split[versions])
+    end
+  end
+
+  if gemspec['development_dependencies']
+    gemspec['development_dependencies'].each do |name,versions|
+      gem.add_development_dependency(name,split[versions])
+    end
+  end
+end

metadata

@@ -0,0 +1,114 @@
+--- !ruby/object:Gem::Specification
+name: ronin-dns-proxy
+version: !ruby/object:Gem::Version
+  version: 0.1.0.rc1
+platform: ruby
+authors:
+- Postmodern
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2024-06-23 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: async-dns
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: ronin-support
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+description: |
+  ronin-dns-proxy is a configurable DNS proxy server library. It supports
+  returning spoofing DNS results or passing DNS queries through to the upstream
+  DNS nameserver.
+email: postmodern.mod3@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files:
+- COPYING.txt
+- ChangeLog.md
+- README.md
+files:
+- ".document"
+- ".github/workflows/ruby.yml"
+- ".gitignore"
+- ".rspec"
+- ".rubocop.yml"
+- ".ruby-version"
+- ".yardopts"
+- COPYING.txt
+- ChangeLog.md
+- Gemfile
+- README.md
+- Rakefile
+- examples/proxy.rb
+- gemspec.yml
+- lib/ronin/dns/proxy.rb
+- lib/ronin/dns/proxy/rule.rb
+- lib/ronin/dns/proxy/server.rb
+- lib/ronin/dns/proxy/version.rb
+- ronin-dns-proxy.gemspec
+homepage: https://ronin-rb.dev/
+licenses:
+- LGPL-3.0
+metadata:
+  documentation_uri: https://ronin-rb.dev/docs/ronin-dns-proxy
+  source_code_uri: https://github.com/ronin-rb/ronin-dns-proxy
+  bug_tracker_uri: https://github.com/ronin-rb/ronin-dns-proxy/issues
+  changelog_uri: https://github.com/ronin-rb/ronin-dns-proxy/blob/main/ChangeLog.md
+  rubygems_mfa_required: 'true'
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 3.0.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.3.27
+signing_key:
+specification_version: 4
+summary: A configurable DNS proxy server library.
+test_files: []