Dns To Dns Over TLS tcp proxy

DNServer.rb

require 'socket'
require "openssl"
require "logger"

HOST        = "cloudflare-dns.com"
REMOTE_DNS  = "1.1.1.1"
REMOTE_PORT = 853
LOCAL_PORT  = 53
BLOCK_SIZE  = 1024
LOGGER      = Logger.new(STDOUT)

class DNServe
  def initialize
    self.local_server = TCPServer.open(LOCAL_PORT)
    LOGGER.info("listening on port ::53")
  end

  def run
    loop do
      server = local_server.accept
      connect(server)
    end
  end

  private

  attr_accessor :local_server, :remote_server

  def remote_server_connection
    tcp_socket = TCPSocket.new(REMOTE_DNS, REMOTE_PORT)
    ctx = OpenSSL::SSL::SSLContext.new("TLSv1_2")
    ctx.alpn_protocols = ["dot"]

    remote = OpenSSL::SSL::SSLSocket.new(tcp_socket, ctx)
    remote.sync_close = true

    remote.hostname = HOST
    remote.connect
    remote.post_connection_check HOST
    remote
  end

  def connect(local_server)
    remote_server = remote_server_connection
    # start reading from both ends
    loop do
      ready = IO.select([local_server, remote_server])

      if ready.first.include? local_server
        data = local_server.recv(BLOCK_SIZE)
        break if data.empty?
        remote_server.syswrite(data)
      end
      if ready.first.include? remote_server
        data = remote_server.sysread(BLOCK_SIZE)
        break if data.empty?
        local_server.write(data)
      end
    end

    local_server.close
    remote_server.close
  end
end

# Run the server
d = DNServe.new
d.run

Usage:

ruby dnserve.rb

dig +tcp ahmgeek.com @localhost