From 22596fbda3dcb46719c93e8cae872d4c418f53db Mon Sep 17 00:00:00 2001 From: Nikita Skrynnik Date: Wed, 1 Mar 2023 15:24:31 +1100 Subject: [PATCH] add ip mutation to dns server Signed-off-by: Nikita Skrynnik --- go.mod | 2 +- go.sum | 4 ++-- internal/pkg/dns/dns.go | 21 +++++++++++++++++++-- main.go | 2 ++ 4 files changed, 24 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index 781774c..90e8b9b 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/edwarnicke/grpcfd v1.1.2 github.com/kelseyhightower/envconfig v1.4.0 github.com/miekg/dns v1.1.50 - github.com/networkservicemesh/api v1.6.2-0.20221205183940-84c7ff837cdd + github.com/networkservicemesh/api v1.7.2-0.20230123083145-4a6c3ec589e1 github.com/networkservicemesh/sdk v0.5.1-0.20230109230417-1492e69a650d github.com/networkservicemesh/sdk-kernel v0.0.0-20230109230713-03b9b6155f6d github.com/pkg/errors v0.9.1 diff --git a/go.sum b/go.sum index 563df3e..3e55c7d 100644 --- a/go.sum +++ b/go.sum 
@@ -192,8 +192,8 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 h1:I0XW9+e1XWDxdcEniV4rQAIOPUGDq67JSCiRCgGCZLI= github.com/miekg/dns v1.1.50 h1:DQUfb9uc6smULcREF09Uc+/Gd46YWqJd5DbpPE9xkcA= github.com/miekg/dns v1.1.50/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME= -github.com/networkservicemesh/api v1.6.2-0.20221205183940-84c7ff837cdd h1:26HR90HrJFZHIPPP3SCLGNRpPCMFoEnSSZfhHH8MPSo= -github.com/networkservicemesh/api v1.6.2-0.20221205183940-84c7ff837cdd/go.mod h1:hOF2844BSstH1311oDMDgqqXS+kdc77htZNPRKl9mf8= +github.com/networkservicemesh/api v1.7.2-0.20230123083145-4a6c3ec589e1 h1:RxNKksXsXsnDsEo+Cfn43pdPfML024ad//QcdKfgXK4= +github.com/networkservicemesh/api v1.7.2-0.20230123083145-4a6c3ec589e1/go.mod h1:hOF2844BSstH1311oDMDgqqXS+kdc77htZNPRKl9mf8= github.com/networkservicemesh/sdk v0.5.1-0.20230109230417-1492e69a650d h1:1EhczRkzfkutymvDj5XYinD68omLpFk2F2kJdhzYG+U= github.com/networkservicemesh/sdk v0.5.1-0.20230109230417-1492e69a650d/go.mod h1:++MSpR2wuFlCpCYoR6lELxJ4ILKd650vDQ8d9CtGAzA= github.com/networkservicemesh/sdk-kernel v0.0.0-20230109230713-03b9b6155f6d h1:DKXaQ1Yq7Ep6Cgo54Ip1QxgLwnqaND0MJdb4I+THhKI= diff --git a/internal/pkg/dns/dns.go b/internal/pkg/dns/dns.go index a339d11..a0e0b22 100644 --- a/internal/pkg/dns/dns.go +++ b/internal/pkg/dns/dns.go @@ -35,6 +35,7 @@ const dnsQuestionNameFilter = "cluster.local." // ProxyRewriteServer - DNS server with rewrite function type ProxyRewriteServer struct { + RewriteIP bool RewriteTO net.IP ListenOn string ResolveConfPath string @@ -95,7 +96,7 @@ func (p *ProxyRewriteServer) ServeDNS(rw dns.ResponseWriter, m *dns.Msg) { dns.HandleFailed(rw, m) return } - var networks = []string{"tcp", "udp"} + var networks = []string{"udp"} for _, network := range networks { var client = dns.Client{ 
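Review bot: Dropping `"tcp"` from `networks` in ServeDNS leaves no TCP path to the upstream resolvers, so an answer too large for a UDP reply would presumably come back truncated and be relayed to the client as is. If UDP-only is intentional, say why next to the slice, for example `// UDP only: <reason>`, and replace the one-element loop with a plain `network` value. Otherwise keep both transports with UDP first, `var networks = []string{"udp", "tcp"}`. ServeDNS starts and ends outside this hunk, so the client setup and the retry behaviour are not visible here.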
@@ -107,9 +108,16 @@ func (p *ProxyRewriteServer) ServeDNS(rw dns.ResponseWriter, m *dns.Msg) { fmt.Println(err.Error()) continue } + if p.RewriteIP { + for _, answer := range msg.Answer { + p.rewriteIP(answer) + } + } + for _, answer := range msg.Answer { - p.rewriteIP(answer) + p.changeFirstByte(answer) } + if err := rw.WriteMsg(msg); err == nil { return } @@ -131,3 +139,12 @@ func (p *ProxyRewriteServer) rewriteIP(rr dns.RR) { } } } + +func (p *ProxyRewriteServer) changeFirstByte(rr dns.RR) { + switch rr.Header().Rrtype { + case dns.TypeA: + if p.RewriteTO.To4() != nil { + rr.(*dns.A).A[0] = 199 + } + } +} diff --git a/main.go b/main.go index 0e7201d..6bedd6d 100644 --- a/main.go +++ b/main.go @@ -89,6 +89,7 @@ type Config struct { LogLevel string `default:"INFO" desc:"Log level" split_words:"true"` OpenTelemetryEndpoint string `default:"otel-collector.observability.svc.cluster.local:4317" desc:"OpenTelemetry Collector Endpoint"` RulesConfigPath string `default:"" desc:"Path to a configmap with iptables rules" split_words:"true"` + RewriteIP bool `default:"false" desc:"Rewrite ip with nse-l7-proxy ip in DNS response" split_worlds:"true"` } // Process prints and processes env to config @@ -298,6 +299,7 @@ func main() { log.FromContext(ctx).Infof("executing phase 7: run DNS server") // ******************************************************************************** dnsServer := &dns.ProxyRewriteServer{ + RewriteIP: config.RewriteIP, RewriteTO: ip, ListenOn: ":53", }
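Review bot: The second loop in ServeDNS calls `p.changeFirstByte(answer)` on every answer whether or not `p.RewriteIP` is set, so with the flag at its default of false each forwarded A record still has its first octet overwritten before `rw.WriteMsg(msg)`. That makes the new option unable to turn response mutation off, and clients receive addresses the upstream never returned. Either move the call into the guarded loop (`p.rewriteIP(answer)` then `p.changeFirstByte(answer)` inside `if p.RewriteIP {`) or give it its own documented switch. If rewriteIP, whose body is outside this hunk, assigns `p.RewriteTO` to the record without copying, the later write to `A[0]` would also modify `RewriteTO` itself, so that is worth confirming.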
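Review bot: changeFirstByte indexes `rr.(*dns.A).A[0]` with an unchecked type assertion and no length check, on data that comes from the upstream response. An A record that arrives with an empty address would panic inside the handler, so guard it with `if a, ok := rr.(*dns.A); ok && len(a.A) > 0 { a.A[0] = 199 }`. The condition `p.RewriteTO.To4() != nil` tests the configured target rather than the record being changed, which looks unintended. The literal `199` should be a named constant, and the method needs a doc comment such as `// changeFirstByte overwrites the first octet of an A record's address with <constant>; <reason>.`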
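Review bot: The struct tag on the new `RewriteIP` field in Config is spelled `split_worlds:"true"`, while the neighbouring fields use `split_words:"true"`. envconfig will ignore the misspelled tag, so the environment variable is derived without word splitting. Setting the expected `..._REWRITE_IP` name would then silently leave the flag at its default of false. Change the tag to `split_words:"true"` so the option can actually be toggled from the environment like the other fields.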