mirror of
https://github.com/evilsocket/opensnitch.git
synced 2025-03-04 08:34:40 +01:00
b560ad6967
Up until now we intercepted query and DNS answers using these methods: - Intercepting DNS queries to port 53. - Intercepting DNS answers from port 53 - Intercepting glibc DNS functions. Unfortunately there are scenarios where these methods are not enough: - When using DNSSEC, DoT, DoH, etc. - When resolvers return DNS answers from cache - When resolvers don't use glibc functions to resolve domains. - When applications use D-BUS to query for domain names instead of using UDP/TCP (VPNs, flatpaks, electron based apps, etc.). With this new DNS monitor now we're able to intercept DNS answers when systemd-resolved is used to resolve domains. This includes queries from flatpaks and others containerized applications, as well as cyphered DNS queries. Closes #874
18 lines
559 B
Modula-2
18 lines
559 B
Modula-2
module github.com/evilsocket/opensnitch/daemon
|
|
|
|
go 1.14
|
|
|
|
require (
|
|
github.com/fsnotify/fsnotify v1.4.7
|
|
github.com/golang/protobuf v1.5.0
|
|
github.com/google/gopacket v1.1.14
|
|
github.com/google/nftables v0.1.0
|
|
github.com/google/uuid v1.3.0
|
|
github.com/iovisor/gobpf v0.2.0
|
|
github.com/varlink/go v0.4.0
|
|
github.com/vishvananda/netlink v0.0.0-20210811191823-e1a867c6b452
|
|
golang.org/x/net v0.0.0-20211209124913-491a49abca63
|
|
golang.org/x/sys v0.0.0-20211205182925-97ca703d548d
|
|
google.golang.org/grpc v1.32.0
|
|
google.golang.org/protobuf v1.26.0 // indirect
|
|
)
|