dns: extract 'nameserver' lines from /etc/resolv.conf

3 files changed, 31 insertions, 6 deletions

diff --git a/firewall.py b/firewall.py
index 8ec67bc..ed576a2 100644
--- a/firewall.py
+++ b/firewall.py
@@ -82,11 +82,13 @@ def do_iptables(port, dnsport, subnets):
                         '--to-ports', str(port))
                 
     if dnsport:
-        ipt_ttl('-A', chain, '-j', 'REDIRECT',
-                '--dest', '192.168.42.1/32',
-                '-p', 'udp',
-                '--dport', '53',
-                '--to-ports', str(dnsport))
+        nslist = resolvconf_nameservers()
+        for ip in nslist:
+            ipt_ttl('-A', chain, '-j', 'REDIRECT',
+                    '--dest', '%s/32' % ip,
+                    '-p', 'udp',
+                    '--dport', '53',
+                    '--to-ports', str(dnsport))
 
 
 def ipfw_rule_exists(n):
diff --git a/helpers.py b/helpers.py
index 18871a2..d8d7e85 100644
--- a/helpers.py
+++ b/helpers.py
@@ -35,3 +35,26 @@ def list_contains_any(l, sub):
         if i in l:
             return True
     return False
+
+
+def resolvconf_nameservers():
+    l = []
+    for line in open('/etc/resolv.conf'):
+        words = line.lower().split()
+        if len(words) >= 2 and words[0] == 'nameserver':
+            l.append(words[1])
+    return l
+
+
+def resolvconf_random_nameserver():
+    l = resolvconf_nameservers()
+    if l:
+        if len(l) > 1:
+            # don't import this unless we really need it
+            import random
+            random.shuffle(l)
+        return l[0]
+    else:
+        return '127.0.0.1'
+    
+    
diff --git a/server.py b/server.py
index 3395c9e..60eaa42 100644
--- a/server.py
+++ b/server.py
@@ -114,7 +114,7 @@ class DnsProxy(Handler):
         self.mux = mux
         self.chan = chan
         self.sock.setsockopt(socket.SOL_IP, socket.IP_TTL, 42)
-        self.sock.connect(('192.168.42.1', 53))
+        self.sock.connect((resolvconf_random_nameserver(), 53))
         self.sock.send(request)
 
     def callback(self):