anarres - ANti Authoritarian Recursive RESolver

netico 2 years ago
parent
commit
aaa63c6b8b

+ 42 - 0
Network/README.md

@@ -5,3 +5,45 @@
 ## [TCP investigation](https://git.lattuga.net/netico/code-library/src/master/Network/Investigation)
 
 In the [Investigation](https://git.lattuga.net/netico/code-library/src/master/Network/Investigation) folder you can find a **bash** script to analyze **active TCP connections** on a **GNU/Linux** system.
+
+## [anarres](anarres): **AN**ti **A**uthoritarian **R**ecursive **RES**olver
+
+### How to avoid censorship at the DNS level?
+
+[**Tor**](https://www.torproject.org/) provides a built-in **DNS forwarder**.
+
+This is a minimal **Docker** container that uses a local caching DNS server ([**dnsmasq**](https://dnsmasq.org)) which will compensate for **TorDNS** being a little slower than traditional DNS servers.
+
+### Usage
+
+Build it using:
+
+    docker build --pull --rm -f Dockerfile -t anarres:latest .
+
+Run it using:
+
+    docker run --rm -d -p 53:53/udp anarres:latest
+
+Test it using:
+
+    dig @127.0.0.1 cr.yp.to
+
+Expected output:
+
+    ; <<>> DiG 9.11.5-P4-5.1+deb10u6-Debian <<>> @127.0.0.1 cr.yp.to
+    ; (1 server found)
+    ;; global options: +cmd
+    ;; Got answer:
+    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35649
+    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
+
+    ;; QUESTION SECTION:
+    ;cr.yp.to. IN A
+
+    ;; ANSWER SECTION:
+    cr.yp.to. 3600 IN A 131.193.32.109
+
+    ;; Query time: 278 msec
+    ;; SERVER: 127.0.0.1#53(127.0.0.1)
+    ;; WHEN: Fri Mar 18 17:13:00 CET 2022
+    ;; MSG SIZE  rcvd: 42
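
Review bot: The run command in the Usage section publishes the port with `-p 53:53/udp`, which binds every host interface, so the container answers DNS queries from any network the host is attached to. Since the test step queries `127.0.0.1`, suggest documenting `-p 127.0.0.1:53:53/udp` as the default and presenting the wider binding only as an explicit choice. The README also does not say that only UDP is served, which deserves one sentence because responses that fall back to TCP will fail.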

+ 11 - 0
Network/anarres/Dockerfile

@@ -0,0 +1,11 @@
+FROM alpine:3.15
+RUN apk -U upgrade && \ 
+  apk add --no-cache bash && \
+  apk add --no-cache sudo && \
+  apk add --no-cache tor && \
+  apk add --no-cache dnsmasq
+COPY ./torrc.config /anarres/
+COPY ./dnsmasq.config /anarres/
+COPY ./start.sh /anarres/
+ENTRYPOINT [ "/anarres/start.sh" ] 
+EXPOSE 53/udp
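
Review bot: `sudo` and `bash` are added in the `RUN` step only so that start.sh can call `sudo -u tor`, which leaves a setuid binary in an image whose single job is DNS forwarding. Suggest dropping both, switching user with `su-exec tor tor -f ...` from a `/bin/sh` script, and merging the four `apk add` calls into one. The `COPY ./start.sh /anarres/` line also relies on the file already being executable in the build context; a `RUN chmod +x /anarres/start.sh` would make the `ENTRYPOINT` independent of that. There is a trailing space after the backslash on the `apk -U upgrade` line and at the end of the `ENTRYPOINT` line.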

+ 5 - 0
Network/anarres/dnsmasq.config

@@ -0,0 +1,5 @@
+# Configuration file for dnsmasq.
+
+port=53
+no-resolv
+server=127.0.0.1#5353
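
Review bot: The file sets no `bind-interfaces`, so the `--listen-address` passed by start.sh does not stop dnsmasq from binding the wildcard address; it only discards queries that arrive on other interfaces. Suggest adding `bind-interfaces` here. The README presents caching as the reason for dnsmasq, but no `cache-size` is set, so the built-in default applies; an explicit value would document the intent.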

+ 9 - 0
Network/anarres/start.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+# On Docker for Linux, the IP address of the gateway between
+# the Docker host and the bridge network is 172.17.0.1
+# if you are using default networking
+IPADDRESS=$(ip -4 -o address | grep eth0 | cut -d/ -f1 | awk {'print $4'})
+
+sudo -u tor tor -f /anarres/torrc.config &
+dnsmasq --conf-file=/anarres/dnsmasq.config --listen-address=$IPADDRESS --no-daemon
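
Review bot: `tor` is started in the background with `&` and dnsmasq is launched immediately after it, so nothing checks that Tor came up, and if it exits later the container keeps running while every query fails. Suggest waiting until the DNSPort answers before starting dnsmasq, and exiting the script when the tor process ends. `$IPADDRESS` is also used unquoted and unchecked: if no `eth0` line matches, `--listen-address=` is passed empty. The comment above the assignment describes the gateway 172.17.0.1, while the pipeline extracts the container's own `eth0` address, so the comment should say that instead.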

+ 6 - 0
Network/anarres/torrc.config

@@ -0,0 +1,6 @@
+# Tor
+
+SOCKSPort 0
+DataDirectory /var/lib/tor
+DNSPort 5353
+AutomapHostsOnResolve 1
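
Review bot: `AutomapHostsOnResolve 1` is enabled while `SOCKSPort 0` disables the SOCKS listener and no `TransPort` is configured, so a lookup of an `.onion` name returns a virtual address that no client of this resolver can connect through. Suggest removing the option, or stating in the README that the mapped answers are not usable with this container. A comment noting that `DNSPort 5353` must match `server=127.0.0.1#5353` in dnsmasq.config would also help.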