netico/code-library
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

anarres - ANti Authoritarian Recursive RESolver

Browse source
This commit is contained in:
netico 2022-03-18 17:39:28 +01:00
parent ff480248a6
commit aaa63c6b8b
5 changed files with 73 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
Network/README.md
View file

@ -5,3 +5,45 @@
## [TCP investigation](https://git.lattuga.net/netico/code-library/src/master/Network/Investigation) ## [TCP investigation](https://git.lattuga.net/netico/code-library/src/master/Network/Investigation)
In the [Investigation](https://git.lattuga.net/netico/code-library/src/master/Network/Investigation) folder you can find a **bash** script to analyze **active TCP connections** on a **GNU/Linux** system. In the [Investigation](https://git.lattuga.net/netico/code-library/src/master/Network/Investigation) folder you can find a **bash** script to analyze **active TCP connections** on a **GNU/Linux** system.
## [anarres](anarres): **AN**ti **A**uthoritarian **R**ecursive **RES**olver
### How to avoid censorship at the DNS level?
[**Tor**](https://www.torproject.org/) provides a built-in **DNS forwarder**.
This is a minimal **Docker** container that uses a local caching DNS server ([**dnsmasq**](https://dnsmasq.org)) which will compensate for **TorDNS** being a little slower than traditional DNS servers.
### Usage
Build it using:
docker build --pull --rm -f Dockerfile -t anarres:latest .
Run it using:
docker run --rm -d -p 53:53/udp anarres:latest
Test it using:
dig @127.0.0.1 cr.yp.to
Expected output:
; <<>> DiG 9.11.5-P4-5.1+deb10u6-Debian <<>> @127.0.0.1 cr.yp.to
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35649
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;cr.yp.to. IN A
;; ANSWER SECTION:
cr.yp.to. 3600 IN A 131.193.32.109
;; Query time: 278 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Mar 18 17:13:00 CET 2022
;; MSG SIZE rcvd: 42

11
Network/anarres/Dockerfile Normal file
View file

@ -0,0 +1,11 @@
FROM alpine:3.15
RUN apk -U upgrade && \
apk add --no-cache bash && \
apk add --no-cache sudo && \
apk add --no-cache tor && \
apk add --no-cache dnsmasq
COPY ./torrc.config /anarres/
COPY ./dnsmasq.config /anarres/
COPY ./start.sh /anarres/
ENTRYPOINT [ "/anarres/start.sh" ]
EXPOSE 53/udp

5
Network/anarres/dnsmasq.config Normal file
View file

@ -0,0 +1,5 @@
# Configuration file for dnsmasq.
port=53
no-resolv
server=127.0.0.1#5353

9
Network/anarres/start.sh Executable file
View file

@ -0,0 +1,9 @@
#!/bin/bash
# On Docker for Linux, the IP address of the gateway between
# the Docker host and the bridge network is 172.17.0.1
# if you are using default networking
IPADDRESS=$(ip -4 -o address | grep eth0 | cut -d/ -f1 | awk {'print $4'})
sudo -u tor tor -f /anarres/torrc.config &
dnsmasq --conf-file=/anarres/dnsmasq.config --listen-address=$IPADDRESS --no-daemon

6
Network/anarres/torrc.config Normal file
View file

@ -0,0 +1,6 @@
# Tor
SOCKSPort 0
DataDirectory /var/lib/tor
DNSPort 5353
AutomapHostsOnResolve 1