The Net::DNS::Resolver class implements a complete DNS resolver written in pure Ruby, without a single C line of code. It has all of the tipical properties of an evoluted resolver, and a bit of OO which comes from having used Ruby.
This project started as a porting of the Net::DNS Perl module, written by Martin Fuhr, but turned out (in the last months) to be an almost complete rewriting. Well, maybe some of the features of the Perl version are still missing, but guys, at least this is readable code!
The Following Environment variables can also be used to configure the resolver:
RES_NAMESERVERS: A space-separated list of nameservers to query.
# Bourne Shell $ RES_NAMESERVERS="192.168.1.1 192.168.2.2 192.168.3.3" $ export RES_NAMESERVERS # C Shell % setenv RES_NAMESERVERS "192.168.1.1 192.168.2.2 192.168.3.3"
RES_SEARCHLIST: A space-separated list of domains to put in the search list.
# Bourne Shell $ RES_SEARCHLIST="example.com sub1.example.com sub2.example.com" $ export RES_SEARCHLIST # C Shell % setenv RES_SEARCHLIST "example.com sub1.example.com sub2.example.com"
LOCALDOMAIN: The default domain.
# Bourne Shell $ LOCALDOMAIN=example.com $ export LOCALDOMAIN # C Shell % setenv LOCALDOMAIN example.com
RES_OPTIONS: A space-separated list of resolver options to set. Options that take values are specified as option:value.
# Bourne Shell $ RES_OPTIONS="retrans:3 retry:2 debug" $ export RES_OPTIONS # C Shell % setenv RES_OPTIONS "retrans:3 retry:2 debug"
Creates a new resolver object.
Argument config can either be empty or be an hash with some configuration parameters. To know what each parameter do, look at the description of each. Some example:
# Use the sistem defaults res = Net::DNS::Resolver.new # Specify a configuration file res = Net::DNS::Resolver.new(:config_file => '/my/dns.conf') # Set some option res = Net::DNS::Resolver.new(:nameservers => "172.16.1.1", :recursive => false, :retry => 10)
Net::DNS::Resolver uses a config file to read the usual values a resolver needs, such as nameserver list and domain names. On UNIX systems the defaults are read from the following files, in the order indicated:
/etc/resolv.conf
$HOME/.resolv.conf
./.resolv.conf
The following keywords are recognized in resolver configuration files:
domain: the default domain.
search: a space-separated list of domains to put in the search list.
nameserver: a space-separated list of nameservers to query.
Files except for /etc/resolv.conf must be owned by the effective userid running the program or they won't be read. In addition, several environment variables can also contain configuration information; see Environment in the main description for Resolver class.
On Windows Systems, an attempt is made to determine the system defaults using the registry. This is still a work in progress; systems with many dynamically configured network interfaces may confuse Net::DNS.
You can include a configuration file of your own when creating a resolver object:
# Use my own configuration file my $res = Net::DNS::Resolver->new(config_file => '/my/dns.conf');
This is supported on both UNIX and Windows. Values pulled from a custom configuration file override the the system's defaults, but can still be overridden by the other arguments to Resolver::new.
Explicit arguments to Resolver::new override both the system's defaults and the values of the custom configuration file, if any.
The following arguments to Resolver::new are supported:
nameservers: an array reference of nameservers to query.
searchlist: an array reference of domains.
recurse
debug
domain
port
srcaddr
srcport
retrans
retry
usevc
stayopen
igntc
defnames
dnsrch
persistent_tcp
persistent_udp
dnssec
For more information on any of these options, please consult the method of the same name.
Part of the above documentation is taken from the one in the Net::DNS::Resolver Perl module.
# File lib/net/dns/resolver.rb, line 239 def initialize(config = {}) raise ArgumentError, "Expected `config' to be a Hash" unless config.is_a?(Hash) # config.downcase_keys! @config = Defaults.merge config @raw = false # New logger facility @logger = Logger.new(@config[:log_file]) @logger.level = $DEBUG ? Logger::DEBUG : Logger::WARN #------------------------------------------------------------ # Resolver configuration will be set in order from: # 1) initialize arguments # 2) ENV variables # 3) config file # 4) defaults (and /etc/resolv.conf for config) #------------------------------------------------------------ #------------------------------------------------------------ # Parsing config file #------------------------------------------------------------ parse_config_file #------------------------------------------------------------ # Parsing ENV variables #------------------------------------------------------------ parse_environment_variables #------------------------------------------------------------ # Parsing arguments #------------------------------------------------------------ config.each do |key,val| next if key == :log_file or key == :config_file begin eval "self.#{key.to_s} = val" rescue NoMethodError raise ArgumentError, "Option #{key} not valid" end end end
Returns true if running on a Windows platform.
Note. This method doesn't rely on the RUBY_PLATFORM constant because the comparison will fail when running on JRuby. On JRuby RUBY_PLATFORM == 'java'.
# File lib/net/dns/resolver.rb, line 142 def platform_windows? !!(C["host_os"] =~ /msdos|mswin|djgpp|mingw/) end
Performs a zone transfer for the zone passed as a parameter.
It is actually only a wrapper to a send with type set as Net::DNS::AXFR, since it is using the same infrastucture.
# File lib/net/dns/resolver.rb, line 1036 def axfr(name, cls = Net::DNS::IN) @logger.info "Requested AXFR transfer, zone #{name} class #{cls}" query(name, Net::DNS::AXFR, cls) end
Set the flag defname in a boolean state. if defname is true, calls to Resolver#query will append the default domain to names that contain no dots. Example:
# Domain example.com res.defname = true res.query("machine1") #=> This will perform a query for machine1.example.com
Default is true.
# File lib/net/dns/resolver.rb, line 634 def defname=(bool) case bool when TrueClass,FalseClass @config[:defname] = bool @logger.info("Defname state changed to #{bool}") else raise ArgumentError, "Argument must be boolean" end end
Checks whether the defname flag has been activate.
# File lib/net/dns/resolver.rb, line 617 def defname? @config[:defname] end
Get the state of the dns_search flag.
# File lib/net/dns/resolver.rb, line 645 def dns_search @config[:dns_search] end
Set the flag dns_search in a boolean state. If dns_search is true, when using the Resolver#search method will be applied the search list. Default is true.
# File lib/net/dns/resolver.rb, line 653 def dns_search=(bool) case bool when TrueClass,FalseClass @config[:dns_search] = bool @logger.info("DNS search state changed to #{bool}") else raise ArgumentError, "Argument must be boolean" end end
Return a string with the default domain.
# File lib/net/dns/resolver.rb, line 381 def domain @config[:domain].inspect end
Set the domain for the query.
# File lib/net/dns/resolver.rb, line 386 def domain=(name) @config[:domain] = name if valid? name end
# File lib/net/dns/resolver.rb, line 698 def ignore_truncated=(bool) case bool when TrueClass,FalseClass @config[:ignore_truncated] = bool @logger.info("Ignore truncated flag changed to #{bool}") else raise ArgumentError, "Argument must be boolean" end end
# File lib/net/dns/resolver.rb, line 693 def ignore_truncated? @config[:ignore_truncated] end
Set a new log file for the logger facility of the resolver class. Could be a file descriptor too:
res.log_file = $stderr
Note that a new logging facility will be create, destroing the old one, which will then be impossibile to recover.
# File lib/net/dns/resolver.rb, line 785 def log_file=(log) @logger.close @config[:log_file] = log @logger = Logger.new(@config[:log_file]) @logger.level = $DEBUG ? Logger::DEBUG : Logger::WARN end
Set the log level for the built-in logging facility.
The log level can be one of the following:
+Net::DNS::DEBUG+
+Net::DNS::INFO+
+Net::DNS::WARN+
+Net::DNS::ERROR+
+Net::DNS::FATAL+
Note that if the global variable $DEBUG is set (like when the -d switch is used at the command line) the logger level is automatically set at DEGUB.
For further informations, see Logger documentation in the Ruby standard library.
# File lib/net/dns/resolver.rb, line 835 def log_level=(level) @logger.level = level end
This one permits to have a personal logger facility to handle resolver messages, instead of new built-in one, which is set up for a +$stdout+ (or +$stderr+) use.
If you want your own logging facility you can create a new instance of the Logger class:
log = Logger.new("/tmp/resolver.log","weekly",2*1024*1024) log.level = Logger::DEBUG log.progname = "ruby_resolver"
and then pass it to the resolver:
res.logger = log
Note that this will destroy the precedent logger.
# File lib/net/dns/resolver.rb, line 809 def logger=(logger) if logger.kind_of? Logger @logger.close @logger = logger else raise ArgumentError, "Argument must be an instance of Logger class" end end
Performs an MX query for the domain name passed as parameter.
It actually uses the same methods a normal Resolver query would use, but automatically sort the results based on preferences and returns an ordered array.
res = Net::DNS::Resolver.new res.mx("google.com")
# File lib/net/dns/resolver.rb, line 1050 def mx(name, cls = Net::DNS::IN) arr = [] query(name, Net::DNS::MX, cls).answer.each do |entry| arr << entry if entry.type == 'MX' end arr.sort_by { |a| a.preference } end
Get the list of resolver nameservers, in a dotted decimal format-
res.nameservers #=> ["192.168.0.1","192.168.0.2"]
# File lib/net/dns/resolver.rb, line 324 def nameservers @config[:nameservers].map(&:to_s) end
Set the list of resolver nameservers. arg can be a single ip address or an array of addresses.
res.nameservers = "192.168.0.1" res.nameservers = ["192.168.0.1","192.168.0.2"]
If you want you can specify the addresses as IPAddr instances.
ip = IPAddr.new("192.168.0.3") res.nameservers << ip #=> ["192.168.0.1","192.168.0.2","192.168.0.3"]
The default is 127.0.0.1 (localhost)
# File lib/net/dns/resolver.rb, line 344 def nameservers=(arg) case arg when String begin @config[:nameservers] = [IPAddr.new(arg)] @logger.info "Nameservers list changed to value #{@config[:nameservers].inspect}" rescue ArgumentError # arg is in the name form, not IP nameservers_from_name(arg) end when IPAddr @config[:nameservers] = [arg] @logger.info "Nameservers list changed to value #{@config[:nameservers].inspect}" when Array @config[:nameservers] = [] arg.each do |x| @config[:nameservers] << case x when String begin IPAddr.new(x) rescue ArgumentError nameservers_from_name(arg) return end when IPAddr x else raise ArgumentError, "Wrong argument format" end end @logger.info "Nameservers list changed to value #{@config[:nameservers].inspect}" else raise ArgumentError, "Wrong argument format, neither String, Array nor IPAddr" end end
Return the defined size of the packet.
# File lib/net/dns/resolver.rb, line 391 def packet_size @config[:packet_size] end
Get the port number to which the resolver sends queries.
puts "Sending queries to port #{res.port}"
# File lib/net/dns/resolver.rb, line 399 def port @config[:port] end
Set the port number to which the resolver sends queries. This can be useful for testing a nameserver running on a non-standard port.
res.port = 10053
The default is port 53.
# File lib/net/dns/resolver.rb, line 410 def port=(num) if (0..65535).include? num @config[:port] = num @logger.info "Port number changed to #{num}" else raise ArgumentError, "Wrong port number #{num}" end end
Performs a DNS query for the given name; the search list is not applied. If the name doesn't contain any dots and defname is true then the default domain will be appended.
The record type and class can be omitted; they default to A and IN. If the name looks like an IP address (IPv4 or IPv6), then an appropriate PTR query will be performed.
packet = res.query('mailhost') packet = res.query('mailhost.example.com') packet = res.query('example.com', Net::DNS::MX) packet = res.query('user.passwd.example.com', Net::DNS::TXT, Net::DNS::HS)
If the name is an IP address (Ipv4 or IPv6), in the form of a string or a IPAddr object, then an appropriate PTR query will be performed:
ip = IPAddr.new("172.16.100.2") packet = res.query(ip) packet = res.query("192.168.10.254")
Returns a Net::DNS::Packet object. If you need to examine the response packet whether it contains any answers or not, use the Resolver#query method instead.
# File lib/net/dns/resolver.rb, line 915 def query(name,type=Net::DNS::A,cls=Net::DNS::IN) return send(name,type,cls) if name.class == IPAddr # If the name doesn't contain any dots then append the default domain. if name !~ /\./ and name !~ /:/ and @config[:defname] name += "." + @config[:domain] end @logger.debug "Query(#{name},#{Net::DNS::RR::Types.new(type)},#{Net::DNS::RR::Classes.new(cls)})" send(name,type,cls) end
Sets whether or not the resolver should perform recursive queries. Default is true.
res.recursive = false # perform non-recursive query
# File lib/net/dns/resolver.rb, line 582 def recursive=(bool) case bool when TrueClass,FalseClass @config[:recursive] = bool @logger.info("Recursive state changed to #{bool}") else raise ArgumentError, "Argument must be boolean" end end
This method will return true if the resolver is configured to perform recursive queries.
print "The resolver will perform a " print res.recursive? ? "" : "not " puts "recursive query"
# File lib/net/dns/resolver.rb, line 571 def recursive? @config[:recursive] end
Return the retrasmission interval (in seconds) the resolvers has been set on.
# File lib/net/dns/resolver.rb, line 528 def retry_interval @config[:retry_interval] end
Set the retrasmission interval in seconds. Default 5 seconds.
# File lib/net/dns/resolver.rb, line 534 def retry_interval=(num) if num > 0 @config[:retry_interval] = num @logger.info "Retransmission interval changed to #{num} seconds" else raise ArgumentError, "Interval must be positive" end end
The number of times the resolver will try a query.
puts "Will try a max of #{res.retry_number} queries"
# File lib/net/dns/resolver.rb, line 548 def retry_number @config[:retry_number] end
Set the number of times the resolver will try a query. Default 4 times.
# File lib/net/dns/resolver.rb, line 554 def retry_number=(num) if num.kind_of? Integer and num > 0 @config[:retry_number] = num @logger.info "Retrasmissions number changed to #{num}" else raise ArgumentError, "Retry value must be a positive integer" end end
Performs a DNS query for the given name, applying the searchlist if appropriate. The search algorithm is as follows:
If the name contains at least one dot, try it as is.
If the name doesn't end in a dot then append each item in the search list to the name. This is only done if dns_search is true.
If the name doesn't contain any dots, try it as is.
The record type and class can be omitted; they default to A and IN.
packet = res.search('mailhost') packet = res.search('mailhost.example.com') packet = res.search('example.com', Net::DNS::MX) packet = res.search('user.passwd.example.com', Net::DNS::TXT, Net::DNS::HS)
If the name is an IP address (Ipv4 or IPv6), in the form of a string or a IPAddr object, then an appropriate PTR query will be performed:
ip = IPAddr.new("172.16.100.2") packet = res.search(ip) packet = res.search("192.168.10.254")
Returns a Net::DNS::Packet object. If you need to examine the response packet whether it contains any answers or not, use the Resolver#query method instead.
# File lib/net/dns/resolver.rb, line 864 def search(name,type=Net::DNS::A,cls=Net::DNS::IN) return query(name,type,cls) if name.class == IPAddr # If the name contains at least one dot then try it as is first. if name.include? "." @logger.debug "Search(#{name},#{Net::DNS::RR::Types.new(type)},#{Net::DNS::RR::Classes.new(cls)})" ans = query(name,type,cls) return ans if ans.header.anCount > 0 end # If the name doesn't end in a dot then apply the search list. if name !~ /\.$/ and @config[:dns_search] @config[:searchlist].each do |domain| newname = name + "." + domain @logger.debug "Search(#{newname},#{Net::DNS::RR::Types.new(type)},#{Net::DNS::RR::Classes.new(cls)})" ans = query(newname,type,cls) return ans if ans.header.anCount > 0 end end # Finally, if the name has no dots then try it as is. @logger.debug "Search(#{name},#{Net::DNS::RR::Types.new(type)},#{Net::DNS::RR::Classes.new(cls)})" query(name+".",type,cls) end
Get the resolver search list, returned as an array of entries.
res.searchlist #=> ["example.com","a.example.com","b.example.com"]
# File lib/net/dns/resolver.rb, line 288 def searchlist @config[:searchlist].inspect end
Set the resolver searchlist. arg can be a single string or an array of strings.
res.searchstring = "example.com" res.searchstring = ["example.com","a.example.com","b.example.com"]
Note that you can also append a new name to the searchlist.
res.searchlist << "c.example.com" res.searchlist #=> ["example.com","a.example.com","b.example.com","c.example.com"]
The default is an empty array.
# File lib/net/dns/resolver.rb, line 306 def searchlist=(arg) case arg when String @config[:searchlist] = [arg] if valid? arg @logger.info "Searchlist changed to value #{@config[:searchlist].inspect}" when Array @config[:searchlist] = arg if arg.all? {|x| valid? x} @logger.info "Searchlist changed to value #{@config[:searchlist].inspect}" else raise ArgumentError, "Wrong argument format, neither String nor Array" end end
Get the local address from which the resolver sends queries
puts "Sending queries using source address #{res.source_address}"
# File lib/net/dns/resolver.rb, line 455 def source_address @config[:source_address].to_s end
Set the local source address from which the resolver sends its queries.
res.source_address = "172.16.100.1" res.source_address = IPAddr.new("172.16.100.1")
You can specify arg as either a string containing the ip address or an instance of IPAddr class.
Normally this can be used to force queries out a specific interface on a multi-homed host. In this case, you should of course need to know the addresses of the interfaces.
Another way to use this option is for some kind of spoofing attacks towards weak nameservers, to probe the security of your network. This includes specifing ranged attacks such as DoS and others. For a paper on DNS security, checks www.marcoceresa.com/security/
Note that if you want to set a non-binded source address you need root priviledges, as raw sockets will be used to generate packets. The class will then generate an exception if you're not root.
The default is 0.0.0.0, meaning any local address (chosen on routing needs).
# File lib/net/dns/resolver.rb, line 489 def source_address=(addr) unless addr.respond_to? :to_s raise ArgumentError, "Wrong address argument #{addr}" end begin port = rand(64000)+1024 @logger.warn "Try to determine state of source address #{addr} with port #{port}" a = TCPServer.new(addr.to_s,port) rescue SystemCallError => e case e.errno when 98 # Port already in use! @logger.warn "Port already in use" retry when 99 # Address is not valid: raw socket @raw = true @logger.warn "Using raw sockets" else raise SystemCallError, e end ensure a.close end case addr when String @config[:source_address] = IPAddr.new(string) @logger.info "Using new source address: #{@config[:source_address]}" when IPAddr @config[:source_address] = addr @logger.info "Using new source address: #{@config[:source_address]}" else raise ArgumentError, "Unknown dest_address format" end end
Get the local ipv6 address from which the resolver sends queries
# File lib/net/dns/resolver.rb, line 462 def source_address_inet6 @config[:source_address_inet6].to_s end
Get the value of the source port number.
puts "Sending queries using port #{res.source_port}"
# File lib/net/dns/resolver.rb, line 423 def source_port @config[:source_port] end
Set the local source port from which the resolver sends its queries.
res.source_port = 40000
Note that if you want to set a port you need root priviledges, as raw sockets will be used to generate packets. The class will then generate the exception ResolverPermissionError if you're not root.
The default is 0, which means that the port will be chosen by the underlaying layers.
# File lib/net/dns/resolver.rb, line 439 def source_port=(num) unless root? raise ResolverPermissionError, "Are you root?" end if (0..65535).include?(num) @config[:source_port] = num else raise ArgumentError, "Wrong port number #{num}" end end
Return a string representing the resolver state, suitable for printing on the screen.
puts "Resolver state:" puts res.state
# File lib/net/dns/resolver.rb, line 599 def state str = ";; RESOLVER state:\n;; " i = 1 @config.each do |key,val| if key == :log_file or key == :config_file str << "#{key}: #{val} \t" else str << "#{key}: #{eval(key.to_s)} \t" end str << "\n;; " if i % 2 == 0 i += 1 end str end
Return an object representing the value of the stored TCP timeout the resolver will use in is queries. This object is an instance of the class TcpTimeout, and two methods are available for printing informations: TcpTimeout#to_s and TcpTimeout#pretty_to_s.
Here's some example:
puts "Timeout of #{res.tcp_timeout} seconds" # implicit to_s #=> Timeout of 150 seconds puts "You set a timeout of " + res.tcp_timeout.pretty_to_s #=> You set a timeout of 2 minutes and 30 seconds
If the timeout is infinite, a string "infinite" will be returned.
# File lib/net/dns/resolver.rb, line 724 def tcp_timeout @config[:tcp_timeout].to_s end
Set the value of TCP timeout for resolver queries that will be performed using TCP. A value of 0 means that the timeout will be infinite. The value is stored internally as a TcpTimeout object, see the description for Resolver#tcp_timeout
Default is 5 seconds.
# File lib/net/dns/resolver.rb, line 736 def tcp_timeout=(secs) @config[:tcp_timeout] = TcpTimeout.new(secs) @logger.info("New TCP timeout value: #{@config[:tcp_timeout]} seconds") end
Return an object representing the value of the stored UDP timeout the resolver will use in is queries. This object is an instance of the class UdpTimeout, and two methods are available for printing information: UdpTimeout#to_s and UdpTimeout#pretty_to_s.
Here's some example:
puts "Timeout of #{res.udp_timeout} seconds" # implicit to_s #=> Timeout of 150 seconds puts "You set a timeout of " + res.udp_timeout.pretty_to_s #=> You set a timeout of 2 minutes and 30 seconds
If the timeout is zero, a string "not defined" will be returned.
# File lib/net/dns/resolver.rb, line 758 def udp_timeout @config[:udp_timeout].to_s end
Set the value of UDP timeout for resolver queries that will be performed using UDP. A value of 0 means that the timeout will not be used, and the resolver will use only retry_number and retry_interval parameters.
Default is 5 seconds.
The value is stored internally as a UdpTimeout object, see the description for Resolver#udp_timeout.
# File lib/net/dns/resolver.rb, line 772 def udp_timeout=(secs) @config[:udp_timeout] = UdpTimeout.new(secs) @logger.info("New UDP timeout value: #{@config[:udp_timeout]} seconds") end
If use_tcp is true, the resolver will perform all queries using TCP virtual circuits instead of UDP datagrams, which is the default for the DNS protocol.
res.use_tcp = true res.query "host.example.com" #=> Sending TCP segments...
Default is false.
# File lib/net/dns/resolver.rb, line 682 def use_tcp=(bool) case bool when TrueClass,FalseClass @config[:use_tcp] = bool @logger.info("Use tcp flag changed to #{bool}") else raise ArgumentError, "Argument must be boolean" end end
Get the state of the use_tcp flag.
# File lib/net/dns/resolver.rb, line 666 def use_tcp? @config[:use_tcp] end
Generated with the Darkfish Rdoc Generator 2.