package main import ( "crypto/sha256" "encoding/hex" "encoding/json" "fmt" "log" "net" "net/http" "os" "os/signal" "strings" "syscall" "time" "github.com/miekg/dns" ) type DB map[string]dns_entry var D map[string]dns_entry var DEBUG bool = false var ERRORLOG_FILE string = "/data/error.log" type dns_entry struct { Dns string `json:"dns"` Ipv4 string `json:"ipv4"` Ipv6 string `json:"ipv6"` User string `json:"user"` Token string `json:"token"` LastSeen string `json:"lastseen"` } // Daten in eine Datei schreiben func writeToFile(filename string, data DB) error { // JSON konvertieren jsonData, err := json.MarshalIndent(data, "", " ") if err != nil { WriteLog("!", "Fehler beim Serialisieren: ", err) return err } // Datei öffnen/erstellen err = os.WriteFile(filename, jsonData, 0644) if err != nil { WriteLog("!", "Fehler beim Schreiben der Datei: ", err) return err } return nil } // Daten aus einer Datei lesen func readFromFile(filename string) (DB, error) { // Datei lesen jsonData, err := os.ReadFile(filename) if err != nil { WriteLog("!", "Fehler beim Lesen der Datei: ", err) return nil, err } // JSON in DB parsen var data DB err = json.Unmarshal(jsonData, &data) if err != nil { WriteLog("!", "Fehler beim Parsen von JSON: ", err) return nil, err } return data, nil } // HashToken hashes a token using SHA-256. func HashToken(token string) string { hash := sha256.Sum256([]byte(token)) return hex.EncodeToString(hash[:]) } // VerifyToken compares a plaintext token with a stored hash. func VerifyToken(token, storedHash string) bool { return HashToken(token) == storedHash } func reverseString(s string) string { // Konvertiere den String in eine Rune-Slice, um Unicode-Zeichen zu unterstützen runes := []rune(s) n := len(runes) // Tausche die Elemente, um den String umzudrehen for i := 0; i < n/2; i++ { runes[i], runes[n-1-i] = runes[n-1-i], runes[i] } // Konvertiere die Rune-Slice zurück in einen String return string(runes) } func IPv6ToPTR(ipv6 string) (string, error) { // Parse the IPv6 address to validate it parsedIP := net.ParseIP(ipv6) if parsedIP == nil || parsedIP.To16() == nil || parsedIP.To4() != nil { return "", fmt.Errorf("invalid IPv6 address: %s", ipv6) } // Expand the IPv6 address to its full form expanded := parsedIP.To16() // Convert to a reversed nibble format for PTR var nibbles []string for i := len(expanded) - 1; i >= 0; i-- { hexByte := fmt.Sprintf("%02x", expanded[i]) // Add the nibbles in reverse order nibbles = append(nibbles, string(hexByte[1]), string(hexByte[0])) } // Join the nibbles with dots and append the reverse domain reversed := strings.Join(nibbles, ".") return reversed + ".ip6.arpa.", nil } func handler(w http.ResponseWriter, r *http.Request) { Dns := r.URL.Query().Get("DDNS") Ip := r.URL.Query().Get("IP") Ip6 := r.URL.Query().Get("IPv6") User := r.URL.Query().Get("USER") Token := r.URL.Query().Get("TOKEN") if D == nil { D = make(map[string]dns_entry) } if strings.Contains(Ip6, ".") { WriteLog("!", "IPv6 nicht möglich (IP-Version-Mismatch):", Ip6, "eventuell eine IPv4-Adresse?") Ip6 = "" } if strings.EqualFold(Dns, "") || strings.EqualFold(Ip, "") || strings.EqualFold(User, "") || strings.EqualFold(Token, "") { /* strings.ToLower(Dns) != strings.ToLower("") && strings.ToLower(Ip) != strings.ToLower("") && strings.ToLower(User) != strings.ToLower("") && strings.ToLower(Token) != strings.ToLower("")*/ WriteLog("!", "Eintrag unvollständig: ", D[Dns]) w.WriteHeader(200) w.Write([]byte("nochg")) } else { if entry, exists := D[Dns+"."]; exists { if User == entry.User && VerifyToken(Token, entry.Token) { D[Dns+"."] = dns_entry{Dns: Dns, Ipv4: Ip, Ipv6: Ip6, User: User, Token: entry.Token, LastSeen: time.Now().String()} WriteLog("~", "Eintrag aktualisiert: ", entry, D[Dns+"."]) // Datei speichern filename := "/data/data.json" err := writeToFile(filename, D) if err != nil { WriteLog("!", "Fehler beim Schreiben:", err) return } WriteLog("~", "Daten erfolgreich in Datei geschrieben.") w.WriteHeader(200) w.Write([]byte("good")) } else { WriteLog("!", "Eintrag aktualisieren abgelehnt (Benutzer/Passwort ungültig): ", entry, D[Dns]) w.WriteHeader(200) w.Write([]byte("nochg")) } } else { D[Dns+"."] = dns_entry{Dns: Dns, Ipv4: Ip, Ipv6: Ip6, User: User, Token: HashToken(Token), LastSeen: time.Now().String()} WriteLog("~", "Eintrag erstellt: ", entry, D[Dns+"."]) // Datei speichern filename := "/data/data.json" err := writeToFile(filename, D) if err != nil { WriteLog("!", "Fehler beim Schreiben:", err) return } WriteLog("~", "Daten erfolgreich in Datei geschrieben.") w.WriteHeader(200) w.Write([]byte("good")) } } } var SysLog = []string{} func WriteLog(a ...any) error { if DEBUG { fmt.Println(time.Now().String(), a) } SysLog = append(SysLog, fmt.Sprintf("%s %s", time.Now().String(), a)) // JSON konvertieren jsonData, err := json.MarshalIndent(SysLog, "", " ") if err != nil { fmt.Println("!", "Fehler beim Serialisieren: ", err) return err } // Datei öffnen/erstellen err = os.WriteFile(ERRORLOG_FILE, jsonData, 0644) if err != nil { fmt.Println("!", "Fehler beim Schreiben der Datei: ", err) return err } return nil } func handlerIP(w http.ResponseWriter, r *http.Request) { remoteIP := r.Header.Get("X-Forwarded-For") if remoteIP == "" { remoteIP = r.RemoteAddr // Fallback, wenn kein Header gesetzt ist } if DEBUG { WriteLog("~", "Remote-IP:", remoteIP) } w.WriteHeader(200) w.Write([]byte(remoteIP)) } func handleDNSRequest(w dns.ResponseWriter, r *dns.Msg) { // Bereite die Antwort vor msg := new(dns.Msg) msg.SetReply(r) msg.Authoritative = true // Durchlaufe alle Fragen in der Anfrage for _, q := range r.Question { if strings.ToLower(q.Name) != q.Name { if DEBUG { WriteLog("!", "handleDNSRequest", "case dns.TypeANY", "strings.ToLower(q.Name) != q.Name", strings.ToLower(q.Name), q.Name) } } switch q.Qtype { case dns.TypeA: // IPv4-Anfrage ip, exists := D[strings.ToLower(q.Name)] if exists { rr, err := dns.NewRR(strings.ToLower(q.Name) + " A " + ip.Ipv4) if err == nil { if DEBUG { WriteLog("~", "handleDNSRequest", "case dns.TypeA", "D[q.Name]", D[strings.ToLower(q.Name)], "q.Name", strings.ToLower(q.Name)) } msg.Answer = append(msg.Answer, rr) } else { if DEBUG { WriteLog("!", "handleDNSRequest", "case dns.TypeA", "IPv4", "error", err) } } } else { if DEBUG { WriteLog("!", "handleDNSRequest", "case dns.TypeA", "not found in D", strings.ToLower(q.Name)) } } case dns.TypeAAAA: // IPv6-Anfrage // Beispielhafte IPv6-Adresse für Demonstration ip6, exists := D[strings.ToLower(q.Name)] if exists && !strings.EqualFold(ip6.Ipv6, "") { rr, err := dns.NewRR(strings.ToLower(q.Name) + " AAAA " + ip6.Ipv6) if err == nil { if DEBUG { WriteLog("~", "handleDNSRequest", "case dns.TypeAAAA", "D[q.Name]", D[strings.ToLower(q.Name)], "q.Name", strings.ToLower(q.Name)) } msg.Answer = append(msg.Answer, rr) } else { if DEBUG { WriteLog("!", "handleDNSRequest", "case dns.TypeAAAA", "IPv6", "error", err) } } } else { if DEBUG { WriteLog("!", "handleDNSRequest", "case dns.TypeAAAA", "not found in D", strings.ToLower(q.Name)) } } case dns.TypePTR: for a, b := range D { iptocheck := reverseString(b.Ipv4) if iptocheck+".in-addr.arpa." == strings.ToLower(q.Name) { rr, err := dns.NewRR(strings.ToLower(q.Name) + " PTR " + a) if err == nil { if DEBUG { WriteLog("~", "handleDNSRequest", "case dns.TypePTR", "IPv4", "found match", a, b) } msg.Answer = append(msg.Answer, rr) } else { if DEBUG { WriteLog("!", "handleDNSRequest", "case dns.TypePTR", "IPv4", "error", err) } } } ip6tocheck, _ := IPv6ToPTR(b.Ipv6) if ip6tocheck == strings.ToLower(q.Name) { rr, err := dns.NewRR(strings.ToLower(q.Name) + " PTR " + a) if err == nil { if DEBUG { WriteLog("~", "handleDNSRequest", "case dns.TypePTR", "IPv6", "found match", a, b) } msg.Answer = append(msg.Answer, rr) } else { if DEBUG { WriteLog("!", "handleDNSRequest", "case dns.TypePTR", "IPv6", "error", err) } } } } case dns.TypeANY: ip, exists := D[strings.ToLower(q.Name)] if exists { rr, err := dns.NewRR(strings.ToLower(q.Name) + " A " + ip.Ipv4) if err == nil { if DEBUG { WriteLog("~", "handleDNSRequest", "case dns.TypeANY", "D[q.Name]", D[strings.ToLower(q.Name)], "q.Name", strings.ToLower(q.Name)) } msg.Answer = append(msg.Answer, rr) } else { if DEBUG { WriteLog("!", "handleDNSRequest", "case dns.TypeANY", "IPv4", "error", err) } } } else { if DEBUG { WriteLog("!", "handleDNSRequest", "case dns.TypeANY", "not found in D", strings.ToLower(q.Name)) } } // Beispielhafte IPv6-Adresse für Demonstration ip6, exists := D[strings.ToLower(q.Name)] if exists && !strings.EqualFold(ip6.Ipv6, "") { rr, err := dns.NewRR(strings.ToLower(q.Name) + " AAAA " + ip6.Ipv6) if err == nil { if DEBUG { WriteLog("~", "handleDNSRequest", "case dns.TypeANY", "D[q.Name]", D[strings.ToLower(q.Name)], "q.Name", strings.ToLower(q.Name)) } msg.Answer = append(msg.Answer, rr) } else { if DEBUG { WriteLog("!", "handleDNSRequest", "case dns.TypeANY", "IPv6", "error", err) } } } else { if DEBUG { WriteLog("!", "handleDNSRequest", "case dns.TypeANY", "not found in D", strings.ToLower(q.Name)) } } default: if DEBUG { WriteLog("+", "unhandledDNSRequest", r.Question, strings.ToLower(q.Name), q.Qclass, q.Qtype) } } } // Antwort senden w.WriteMsg(msg) } func prepareExit() { WriteLog("~", "Running exit tasks...") os.Rename("/data/error.log", "/data/error_"+time.Now().Format("2006-01-02_15-04-05")+".log") fmt.Println("~", "Exit completed.") } func StopServer(e error) { WriteLog("~", "Stopping server...") prepareExit() fmt.Println("~", "Server stopped!") } func main() { HTTP_PORT := os.Getenv("HTTP_PORT") HTTP_TLS := os.Getenv("HTTP_TLS") /* 1/0 */ HTTP_TLS_PRIVATEKEY := os.Getenv("HTTP_TLS_PRIVATEKEY") HTTP_TLS_CERTIFICATE := os.Getenv("HTTP_TLS_CERTIFICATE") ERRORLOG_FILE = os.Getenv("ERRORLOG_FILE") if os.Getenv("DEBUG") == "1" { DEBUG = true WriteLog("~", "Debug mode enabled.") } if strings.EqualFold(HTTP_TLS, "") || strings.EqualFold(HTTP_PORT, "") || strings.EqualFold(HTTP_TLS_PRIVATEKEY, "") || strings.EqualFold(HTTP_TLS_CERTIFICATE, "") { WriteLog("~", "No port or mode defined. Fallback to TLS=0 & Port=8080") WriteLog("~", "ENV's: [HTTP_PORT=8080|443], [HTTP_TLS=0|1],[HTTP_TLS_PRIVATEKEY=#],[HTTP_TLS_CERTIFICATE=#]") WriteLog("~", "Remember to set unused ENVs like [HTTP_TLS_PRIVATEKEY] or [HTTP_TLS_CERTIFICATE] to '#'") HTTP_PORT = "8080" HTTP_TLS = "0" HTTP_TLS_CERTIFICATE = "" HTTP_TLS_PRIVATEKEY = "" ERRORLOG_FILE = "/data/error.log" } else { WriteLog("~", "Port and mode defined.") } // Signal-Kanal einrichten stop := make(chan os.Signal, 1) signal.Notify(stop, syscall.SIGINT, syscall.SIGTERM) // Goroutine, die auf Signale wartet go func() { <-stop WriteLog("~", "Received stop signal") prepareExit() os.Exit(0) }() D = make(map[string]dns_entry) // Datei lesen filename := "/data/data.json" readData, err := readFromFile(filename) if err != nil { WriteLog("!", "Fehler beim Lesen:", err) } else { WriteLog("~", "Daten erfolgreich aus Datei gelesen.") D = readData } http.HandleFunc("/", handler) http.HandleFunc("/ip", handlerIP) /* DNS-PART */ dns.HandleFunc(".", handleDNSRequest) serverUDP := &dns.Server{Addr: ":53", Net: "udp"} go func() { log.Println("~", "Starting DNS server on UDP :53") if err := serverUDP.ListenAndServe(); err != nil { log.Fatalf("Failed to start UDP server: %v", err) } }() serverTCP := &dns.Server{Addr: ":53", Net: "tcp"} go func() { log.Println("~", "Starting DNS server on TCP :53") if err := serverTCP.ListenAndServe(); err != nil { log.Fatalf("Failed to start TCP server: %v", err) } }() /* HTTP-PART */ WriteLog("~", "Server listening on port :"+HTTP_PORT) if HTTP_TLS == "0" { WriteLog("~", "Protocol is http (insecure)") StopServer(http.ListenAndServe(":"+HTTP_PORT, nil)) } if HTTP_TLS == "1" { WriteLog("~", "Protocol is https (secure)") StopServer(http.ListenAndServeTLS(":"+HTTP_PORT, HTTP_TLS_CERTIFICATE, HTTP_TLS_PRIVATEKEY, nil)) } /*srv_err := http.ListenAndServe(":8080", nil) if srv_err != nil { WriteLog("Starten des Servers fehlgeschlagen!", srv_err) }*/ }