Up until now we intercepted query and DNS answers using these methods:
- Intercepting DNS queries to port 53.
- Intercepting DNS answers from port 53
- Intercepting glibc DNS functions.
Unfortunately there are scenarios where these methods are not enough:
- When using DNSSEC, DoT, DoH, etc.
- When resolvers return DNS answers from cache
- When resolvers don't use glibc functions to resolve domains.
- When applications use D-BUS to query for domain names instead of
using UDP/TCP (VPNs, flatpaks, electron based apps, etc.).
With this new DNS monitor now we're able to intercept DNS answers when
systemd-resolved is used to resolve domains.
This includes queries from flatpaks and others containerized
applications, as well as cyphered DNS queries.
Closes#874
