Add: dns leak detection

2026-01-17 18:45:24 +08:00
parent ccd4a31d21
commit cfa96bde08
30 changed files with 3973 additions and 16 deletions
--- a/crates/wtfnet-dnsleak/src/privacy.rs
+++ b/crates/wtfnet-dnsleak/src/privacy.rs
@@ -0,0 +1,35 @@
+use crate::report::LeakEvent;
+use serde::{Deserialize, Serialize};
+
+#[derive(Debug, Clone, Copy, Serialize, Deserialize)]
+#[serde(rename_all = "lowercase")]
+pub enum PrivacyMode {
+    Full,
+    Redacted,
+    Minimal,
+}
+
+pub fn apply_privacy(event: &mut LeakEvent, mode: PrivacyMode) {
+    match mode {
+        PrivacyMode::Full => {}
+        PrivacyMode::Redacted => {
+            if let Some(value) = event.qname.as_ref() {
+                event.qname = Some(redact_domain(value));
+            }
+        }
+        PrivacyMode::Minimal => {
+            event.qname = None;
+            event.qtype = None;
+            event.rcode = None;
+        }
+    }
+}
+
+fn redact_domain(value: &str) -> String {
+    let parts: Vec<&str> = value.split('.').filter(|part| !part.is_empty()).collect();
+    if parts.len() >= 2 {
+        format!("{}.{}", parts[parts.len() - 2], parts[parts.len() - 1])
+    } else {
+        value.to_string()
+    }
+}