Add color mode to dnseval ("-C" option)

and more standard constant names

.gitmodules

@@ -1,7 +1,3 @@
-[submodule "dnspython"]
-	path = dnspython
-	url = https://github.com/farrokhi/dnspython.git
-	branch = python3
 [submodule "cymruwhois"]
 	path = cymruwhois
 	url = https://github.com/JustinAzoff/python-cymruwhois.git

.travis.yml

@@ -1,5 +1,10 @@
 language: python
-python: "3.4"
-install: pip install  --process-dependency-links dnsdiag
+python:
+  - "3.3"
+  - "3.4"
+  - "3.5"
+  - "3.5-dev" # 3.5 development branch
+  - "nightly" # currently points to 3.6-dev
+install: "pip install -r requirements.txt"
 script: nosetests dnstraceroute.py
 

README.md

@@ -28,13 +28,16 @@ of view.
 # prerequisites
 This script requires python3 as well as latest
 [dnspython](http://www.dnspython.org/) and
-[cymruwhois](https://pythonhosted.org/cymruwhois/). Please note that
-"dnstraceroute" requires a modified version of dnspython module. All required
-third-party modules are included as GIT submodules. You just need to run `git
-submodule update --init` and project directory to pull the required code.
+[cymruwhois](https://pythonhosted.org/cymruwhois/).
+All required third-party modules are included as GIT submodules. You just need 
+to run `git submodule update --init` and project directory to pull the required code.
 
 # installation
 
+There are several ways that you can use this toolset. However using the sourcecode is always recommended.
+
+## From Source Code
+
 1. You can checkout this git repo and its submodules
 
 ```
@@ -49,19 +52,23 @@ git submodule update --init
 pip3 install --process-dependency-links dnsdiag
 ```
 
+## From Binary
+
+From time to time, binary version will be released for Windows, Mac OS X and Linux platforms. You can grab the latest release from [releases page](https://github.com/farrokhi/dnsdiag/releases).
+
 # dnsping
 dnsping pings a DNS resolver by sending an arbitrary DNS query for given number
 of times:
 ```
-% ./dnsping.py -c 3 -s 8.8.8.8 -t MX wikipedia.org
-dnsping.py DNS: 8.8.8.8:53, hostname: wikipedia.org, rdatatype: MX
-101 bytes from 8.8.8.8: seq=0   time=262.896 ms
-101 bytes from 8.8.8.8: seq=1   time=305.608 ms
-101 bytes from 8.8.8.8: seq=2   time=307.221 ms
+% ./dnsping.py -c 3 -t AAAA -s 8.8.8.8 dnsdiag.org
+dnsping.py DNS: 8.8.8.8:53, hostname: dnsdiag.org, rdatatype: AAAA
+4 bytes from 8.8.8.8: seq=0   time=123.509 ms
+4 bytes from 8.8.8.8: seq=1   time=115.726 ms
+4 bytes from 8.8.8.8: seq=2   time=117.351 ms
 
 --- 8.8.8.8 dnsping statistics ---
 3 requests transmitted, 3 responses received,   0% lost
-min=262.896 ms, avg=291.908 ms, max=307.221 ms, stddev=25.138 ms
+min=115.726 ms, avg=118.862 ms, max=123.509 ms, stddev=4.105 ms
 ```
 This script calculates minimum, maximum and average response time as well as
 jitter (stddev)
@@ -73,23 +80,16 @@ it to your actual network traceroute and make sure your DNS traffic is not
 routed to any unwanted path.
 
 ```
-% ./dnstraceroute.py --expert -s 8.8.4.4 yahoo.com
-dnstraceroute.py DNS: 8.8.4.4:53, hostname: yahoo.com, rdatatype: A
-1       204.109.58.53 (204.109.58.53) 1 ms
-2       208.79.80.5 (208.79.80.5) 1 ms
-3       162.223.13.177 (162.223.13.177) 1 ms
-4       208.79.80.254 (208.79.80.254) 7 ms
-5       eqixva-google-gige.google.com (206.126.236.21) 7 ms
-6       209.85.242.142 (209.85.242.142) 7 ms
-7       72.14.236.148 (72.14.236.148) 8 ms
-8       209.85.250.70 (209.85.250.70) 16 ms
-9       74.125.37.222 (74.125.37.222) 16 ms
-10       *
-11      google-public-dns-b.google.com (8.8.4.4) 15 ms
+% ./dnstraceroute.py --expert -C -t A -s 8.8.4.4 facebook.com
+dnstraceroute.py DNS: 8.8.4.4:53, hostname: facebook.com, rdatatype: A
+1	192.168.0.1 (192.168.0.1) 1 ms
+2	192.168.28.177 (192.168.28.177) 4 ms
+3	192.168.0.1 (192.168.0.1) 693 ms
+4	172.19.4.17 (172.19.4.17) 3 ms
+5	google-public-dns-b.google.com (8.8.4.4) 8 ms
 
 === Expert Hints ===
- [*] public DNS server is next to an invisible hop (probably a firewall)
-
+ [*] public DNS server is next to a private IP address (possible hijacking)
 ```
 
 Using `--expert` will instruct dnstraceroute to print expert hints (such as warnings of possible DNS traffic hijacking).
@@ -99,17 +99,21 @@ dnseval is a bulk ping utility that sends an arbitrary DNS query to a give list
 of DNS servers. This script is meant for comparing response time of multiple
 DNS servers at once:
 ```
-% ./dnseval.py wikipedia.org
-server             avg(ms)     min(ms)     max(ms)     stddev(ms)  lost(%)
---------------------------------------------------------------------------
-4.2.2.1            151.067     131.270     221.742     28.643      %10
-4.2.2.2            142.175     132.921     178.133     13.348      %0
-64.6.64.6          133.047     109.145     162.938     20.609      %0
-64.6.65.6          377.270     97.669      661.471     172.717     %0
-8.8.4.4            389.048     294.581     511.134     67.953      %0
-8.8.8.8            0.000       0.000       0.000       0.000       %100
-208.67.222.222     179.068     135.975     258.582     50.681      %0
-208.67.220.220     137.817     135.822     140.113     1.504       %0
+% ./dnseval.py -t AAAA -f public-v4.txt -c10 yahoo.com
+server           avg(ms)     min(ms)     max(ms)     stddev(ms)  lost(%)  ttl     flags
+------------------------------------------------------------------------------------------------------
+8.8.8.8          270.791     215.599     307.498     40.630      %0       298     QR -- -- RD RA -- --
+8.8.4.4          222.955     171.753     307.251     60.481      %10      291     QR -- -- RD RA -- --
+ns.ripe.net      174.855     160.949     187.458     10.099      %0       289     QR -- -- RD RA -- --
+4.2.2.1          172.798     163.892     189.918     7.823       %0       287     QR -- -- RD RA -- --
+4.2.2.2          178.594     169.158     184.696     5.067       %0       285     QR -- -- RD RA -- --
+4.2.2.3          153.574     138.509     173.439     12.015      %0       284     QR -- -- RD RA -- --
+4.2.2.4          153.182     141.023     162.323     6.700       %0       282     QR -- -- RD RA -- --
+4.2.2.5          154.840     141.557     163.889     7.195       %0       281     QR -- -- RD RA -- --
+209.244.0.3      156.270     147.320     161.365     3.958       %0       279     QR -- -- RD RA -- --
+209.244.0.4      159.329     151.283     163.726     3.958       %0       278     QR -- -- RD RA -- --
+195.46.39.39     171.098     163.612     181.147     5.067       %0       276     QR -- -- RD RA -- --
+195.46.39.40     175.335     160.920     185.618     8.726       %0       274     QR -- -- RD RA -- --
 ```
 
 ### Author
@@ -117,7 +121,7 @@ server             avg(ms)     min(ms)     max(ms)     stddev(ms)  lost(%)
 Babak Farrokhi 
 
 - twitter: [@farrokhi](https://twitter.com/farrokhi)
-- github: [/farrokhi](https://github.com/farrokhi/)
+- github: [github.com/farrokhi](https://github.com/farrokhi/)
 - website: [farrokhi.net](https://farrokhi.net/)
 
 
@@ -125,8 +129,3 @@ Babak Farrokhi
 
 dnsdiag is released under a 2 clause BSD license.
 
-### Credits
-
-- [@rthalley](https://github.com/rthalley) for invaluable [dnspython](https://github.com/rthalley/dnspython) library
-- [@JustinAzoff](https://github.com/JustinAzoff) for [python-cymruwhois](https://github.com/JustinAzoff/python-cymruwhois) library
-- [@bortzmeyer](https://github.com/bortzmeyer) for his feedback and patches

TODO.md

@@ -1,6 +1,3 @@
 # TODO
 
-- implement basic DNS client functionality into dnstraceroute to eliminate need
-  of modified dnspython module
-- add support for python 2.x for the conservatives and faint-hearted ;-)
 - dnsfingerprint.py tool to fingerprint DNS servers

dns

@@ -1 +0,0 @@
-dnspython/dns

dnseval.py

@@ -25,9 +25,10 @@
 # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 
+import os
+
 import getopt
 import ipaddress
-import os
 import signal
 import socket
 import sys
@@ -37,23 +38,45 @@ from statistics import stdev
 import dns.rdatatype
 import dns.resolver
 
-__VERSION__ = 1.0
-__PROGNAME__ = os.path.basename(sys.argv[0])
+__author__ = 'Babak Farrokhi (babak@farrokhi.net)'
+__license__ = 'BSD'
+__version__ = "1.6.0"
+__progname__ = os.path.basename(sys.argv[0])
 shutdown = False
 
 resolvers = dns.resolver.get_default_resolver().nameservers
 
 
+class Colors(object):
+    N = '\033[m'  # native
+    R = '\033[31m'  # red
+    G = '\033[32m'  # green
+    O = '\033[33m'  # orange
+    B = '\033[34m'  # blue
+
+    def __init__(self, mode):
+        if not mode:
+            self.N = ''
+            self.R = ''
+            self.G = ''
+            self.O = ''
+            self.B = ''
+
+
 def usage():
-    print("""%s version %1.1f
+    print("""%s version %s
 
 usage: %s [-h] [-f server-list] [-c count] [-t type] [-w wait] hostname
   -h  --help      show this help
   -f  --file      dns server list to use (default: system resolvers)
   -c  --count     number of requests to send (default: 10)
-  -w  --wait      maximum wait time for a reply (default: 5)
+  -w  --wait      maximum wait time for a reply (default: 2)
   -t  --type      DNS request record type (default: A)
-""" % (__PROGNAME__, __VERSION__, __PROGNAME__))
+  -T  --tcp       Use TCP instead of UDP
+  -e  --edns      Disable EDNS0 (Default: Enabled)
+  -C  --color     Print colorful output
+  -v  --verbose   Print actual dns response
+""" % (__progname__, __version__, __progname__))
     sys.exit()
 
 
@@ -69,41 +92,92 @@ def maxlen(names):
     return len(sn[-1])
 
 
-def dnsping(host, server, dnsrecord, timeout, count):
+def _order_flags(table):
+    return sorted(table.items(), reverse=True)
+
+
+def flags_to_text(flags):
+    # Standard DNS flags
+
+    QR = 0x8000
+    AA = 0x0400
+    TC = 0x0200
+    RD = 0x0100
+    RA = 0x0080
+    AD = 0x0020
+    CD = 0x0010
+
+    # EDNS flags
+
+    DO = 0x8000
+
+    _by_text = {
+        'QR': QR,
+        'AA': AA,
+        'TC': TC,
+        'RD': RD,
+        'RA': RA,
+        'AD': AD,
+        'CD': CD
+    }
+
+    _by_value = dict([(y, x) for x, y in _by_text.items()])
+    _flags_order = _order_flags(_by_value)
+
+    _by_value = dict([(y, x) for x, y in _by_text.items()])
+
+    order = sorted(_by_value.items(), reverse=True)
+    text_flags = []
+    for k, v in order:
+        if flags & k != 0:
+            text_flags.append(v)
+        else:
+            text_flags.append('--')
+
+    return ' '.join(text_flags)
+
+
+def dnsping(host, server, dnsrecord, timeout, count, use_tcp=False, use_edns=False):
     resolver = dns.resolver.Resolver()
     resolver.nameservers = [server]
     resolver.timeout = timeout
     resolver.lifetime = timeout
     resolver.retry_servfail = 0
+    flags = 0
+    ttl = None
+    answers = None
+    if use_edns:
+        resolver.use_edns(edns=0, payload=8192, ednsflags=dns.flags.edns_from_text('DO'))
 
-    response_time = []
+    response_times = []
     i = 0
 
     for i in range(count):
-        if shutdown:
+        if shutdown:  # user pressed CTRL+C
             break
         try:
-            stime = time.time()
-            answers = resolver.query(host, dnsrecord)  # todo: response validation in future
-            etime = time.time()
+            stime = time.perf_counter()
+            answers = resolver.query(host, dnsrecord, tcp=use_tcp,
+                                     raise_on_no_answer=False)  # todo: response validation in future
+            etime = time.perf_counter()
         except (dns.resolver.NoNameservers, dns.resolver.NoAnswer):
             break
         except dns.resolver.Timeout:
             pass
         else:
             elapsed = (etime - stime) * 1000  # convert to milliseconds
-            response_time.append(elapsed)
+            response_times.append(elapsed)
 
     r_sent = i + 1
-    r_received = len(response_time)
+    r_received = len(response_times)
     r_lost = r_sent - r_received
     r_lost_percent = (100 * r_lost) / r_sent
-    if response_time:
-        r_min = min(response_time)
-        r_max = max(response_time)
-        r_avg = sum(response_time) / r_received
-        if len(response_time) > 1:
-            r_stddev = stdev(response_time)
+    if response_times:
+        r_min = min(response_times)
+        r_max = max(response_times)
+        r_avg = sum(response_times) / r_received
+        if len(response_times) > 1:
+            r_stddev = stdev(response_times)
         else:
             r_stddev = 0
     else:
@@ -112,29 +186,39 @@ def dnsping(host, server, dnsrecord, timeout, count):
         r_avg = 0
         r_stddev = 0
 
-    return (server, r_avg, r_min, r_max, r_stddev, r_lost_percent)
+    if answers is not None:
+        flags = answers.response.flags
+        if len(answers.response.answer) > 0:
+            ttl = answers.response.answer[0].ttl
+
+    return server, r_avg, r_min, r_max, r_stddev, r_lost_percent, flags, ttl, answers
 
 
 def main():
     try:
         signal.signal(signal.SIGTSTP, signal.SIG_IGN)  # ignore CTRL+Z
-        signal.signal(signal.SIGINT, signal_handler)  # ignore CTRL+C
-    except AttributeError:  # Some systems may not support all signals
+        signal.signal(signal.SIGINT, signal_handler)  # catch CTRL+C
+    except AttributeError:  # Some systems (e.g. Windows) may not support all signals
         pass
 
     if len(sys.argv) == 1:
         usage()
 
+    # defaults
     dnsrecord = 'A'
     count = 10
-    waittime = 5
+    waittime = 2
     inputfilename = None
     fromfile = False
+    use_tcp = False
+    use_edns = True
+    verbose = False
+    color_mode = False
     hostname = 'wikipedia.org'
 
     try:
-        opts, args = getopt.getopt(sys.argv[1:], "hf:c:t:w:",
-                                   ["help", "file=", "count=", "type=", "wait="])
+        opts, args = getopt.getopt(sys.argv[1:], "hf:c:t:w:TevC",
+                                   ["help", "file=", "count=", "type=", "wait=", "tcp", "edns", "verbose", "color"])
     except getopt.GetoptError as err:
         print(err)
         usage()
@@ -156,10 +240,20 @@ def main():
             waittime = int(a)
         elif o in ("-t", "--type"):
             dnsrecord = a
+        elif o in ("-T", "--tcp"):
+            use_tcp = True
+        elif o in ("-e", "--edns"):
+            use_edns = False
+        elif o in ("-C", "--color"):
+            color_mode = True
+        elif o in ("-v", "--verbose"):
+            verbose = True
         else:
             print("Invalid option: %s" % o)
             usage()
 
+    color = Colors(color_mode)
+
     try:
         if fromfile:
             with open(inputfilename, 'rt') as flist:
@@ -172,10 +266,13 @@ def main():
         f = [name.strip() for name in f]
         width = maxlen(f)
         blanks = (width - 5) * ' '
-        print('server ', blanks, ' avg(ms)     min(ms)     max(ms)     stddev(ms)  lost(%)')
-        print((60 + width) * '-')
+        print('server ', blanks, ' avg(ms)     min(ms)     max(ms)     stddev(ms)  lost(%)  ttl        flags')
+        print((93 + width) * '-')
         for server in f:
             # check if we have a valid dns server address
+            if server.lstrip() == '':  # deal with empty lines
+                continue
+            server = server.replace(' ', '')
             try:
                 ipaddress.ip_address(server)
             except ValueError:  # so it is not a valid IPv4 or IPv6 address, so try to resolve host name
@@ -184,20 +281,50 @@ def main():
                 except OSError:
                     print('Error: cannot resolve hostname:', server)
                     s = None
+                except:
+                    pass
             else:
                 s = server
 
             if not s:
                 continue
-            (s, r_avg, r_min, r_max, r_stddev, r_lost_percent) = dnsping(hostname, s, dnsrecord, waittime,
-                                                                         count)
+
+            try:
+                (s, r_avg, r_min, r_max, r_stddev, r_lost_percent, flags, ttl, answers) = dnsping(hostname, s,
+                                                                                                  dnsrecord,
+                                                                                                  waittime,
+                                                                                                  count,
+                                                                                                  use_tcp=use_tcp,
+                                                                                                  use_edns=use_edns)
+            except dns.resolver.NXDOMAIN:
+                print('%-15s  NXDOMAIN' % server)
+                continue
+            except Exception as e:
+                print('%s: %s' % (server, e))
+                continue
 
             s = server.ljust(width + 1)
-            print("%s    %-8.3f    %-8.3f    %-8.3f    %-8.3f    %%%d" % (
-                s, r_avg, r_min, r_max, r_stddev, r_lost_percent), flush=True)
+            text_flags = flags_to_text(flags)
+
+            s_ttl = str(ttl)
+            if s_ttl == "None":
+                s_ttl = "N/A"
+
+            if r_lost_percent > 0:
+                l_color = color.O
+            else:
+                l_color = color.N
+            print("%s    %-8.3f    %-8.3f    %-8.3f    %-8.3f    %s%%%-3d%s     %-8s  %21s" % (
+                s, r_avg, r_min, r_max, r_stddev, l_color, r_lost_percent, color.N, s_ttl, text_flags), flush=True)
+            if verbose and hasattr(answers, 'response'):
+                ans_index = 1
+                for answer in answers.response.answer:
+                    print("Answer %d [ %s%s%s ]" % (ans_index, color.B, answer, color.N))
+                    ans_index += 1
+                print("")
 
     except Exception as e:
-        print('error: %s' % e)
+        print('%s: %s' % (server, e))
         sys.exit(1)
 
 

dnsping.py

@@ -34,17 +34,20 @@ import sys
 import time
 from statistics import stdev
 
+import dns.flags
 import dns.rdatatype
 import dns.resolver
 
-__VERSION__ = 1.1
-__PROGNAME__ = os.path.basename(sys.argv[0])
+__author__ = 'Babak Farrokhi (babak@farrokhi.net)'
+__license__ = 'BSD'
+__version__ = "1.6.0"
+__progname__ = os.path.basename(sys.argv[0])
 shutdown = False
 
 
 def usage():
-    print("""%s version %1.1f
-usage: %s [-h] [-q] [-v] [-s server] [-p port] [-P port] [-S address] [-c count] [-t type] [-w wait] hostname
+    print("""%s version %s
+usage: %s [-ehqv] [-s server] [-p port] [-P port] [-S address] [-c count] [-t type] [-w wait] hostname
   -h  --help      Show this help
   -q  --quiet     Quiet
   -v  --verbose   Print actual dns response
@@ -56,9 +59,11 @@ usage: %s [-h] [-q] [-v] [-s server] [-p port] [-P port] [-S address] [-c count]
   -P  --srcport   Query source port number (default: 0)
   -S  --srcip     Query source IP address (default: default interface address)
   -c  --count     Number of requests to send (default: 10)
-  -w  --wait      Maximum wait time for a reply (default: 5)
+  -w  --wait      Maximum wait time for a reply (default: 2 seconds)
+  -i  --interval  Time between each request (default: 0 seconds)
   -t  --type      DNS request record type (default: A)
-""" % (__PROGNAME__, __VERSION__, __PROGNAME__))
+  -e  --edns      Disable EDNS0 (default: Enabled)
+""" % (__progname__, __version__, __progname__))
     sys.exit(0)
 
 
@@ -82,7 +87,8 @@ def main():
     # defaults
     dnsrecord = 'A'
     count = 10
-    timeout = 5
+    timeout = 2
+    interval = 0
     quiet = False
     verbose = False
     dnsserver = dns.resolver.get_default_resolver().nameservers[0]
@@ -90,13 +96,14 @@ def main():
     src_port = 0
     src_ip = None
     use_tcp = False
+    use_edns = True
     af = socket.AF_INET
     hostname = 'wikipedia.org'
 
     try:
-        opts, args = getopt.getopt(sys.argv[1:], "qhc:s:t:w:vp:P:S:T46",
-                                   ["help", "output=", "count=", "server=", "quiet", "type=", "wait=", "verbose",
-                                    "port", "dstport=", "srcip=", "tcp", "ipv4", "ipv6"])
+        opts, args = getopt.getopt(sys.argv[1:], "qhc:s:t:w:i:vp:P:S:T46e",
+                                   ["help", "count=", "server=", "quiet", "type=", "wait=", "interval=", "verbose",
+                                    "port=", "srcip=", "tcp", "ipv4", "ipv6", "srcport=", "edns"])
     except getopt.GetoptError as err:
         # print help information and exit:
         print(err)  # will print something like "option -a not recognized"
@@ -123,6 +130,8 @@ def main():
             verbose = False
         elif o in ("-w", "--wait"):
             timeout = int(a)
+        elif o in ("-i", "--interval"):
+            interval = int(a)
         elif o in ("-t", "--type"):
             dnsrecord = a
         elif o in ("-T", "--tcp"):
@@ -131,6 +140,8 @@ def main():
             af = socket.AF_INET
         elif o in ("-6", "--ipv6"):
             af = socket.AF_INET6
+        elif o in ("-e", "--edns"):
+            use_edns = False
         elif o in ("-P", "--srcport"):
             src_port = int(a)
             if src_port < 1024:
@@ -157,18 +168,22 @@ def main():
     resolver.port = dst_port
     resolver.retry_servfail = 0
 
+    if use_edns:
+        resolver.use_edns(edns=0, payload=8192, ednsflags=dns.flags.edns_from_text('DO'))
+
     response_time = []
     i = 0
 
-    print("%s DNS: %s:%d, hostname: %s, rdatatype: %s" % (__PROGNAME__, dnsserver, dst_port, hostname, dnsrecord))
+    print("%s DNS: %s:%d, hostname: %s, rdatatype: %s" % (__progname__, dnsserver, dst_port, hostname, dnsrecord))
 
     for i in range(count):
         if shutdown:
             break
         try:
-            stime = time.time()
-            answers = resolver.query(hostname, dnsrecord, source_port=src_port, source=src_ip, tcp=use_tcp, af=af)
-            etime = time.time()
+            stime = time.perf_counter()
+            answers = resolver.query(hostname, dnsrecord, source_port=src_port, source=src_ip, tcp=use_tcp,
+                                     raise_on_no_answer=False)
+            etime = time.perf_counter()
         except dns.resolver.NoNameservers as e:
             if not quiet:
                 print("No response to dns request")
@@ -194,10 +209,15 @@ def main():
             response_time.append(elapsed)
             if not quiet:
                 print(
-                    "%d bytes from %s: seq=%-3d time=%3.3f ms" % (
+                    "%d bytes from %s: seq=%-3d time=%.3f ms" % (
                         len(str(answers.rrset)), dnsserver, i, elapsed))
             if verbose:
                 print(answers.rrset)
+                print("flags:", dns.flags.to_text(answers.response.flags))
+
+            time_to_next = (stime + interval) - etime
+            if time_to_next > 0:
+                time.sleep(time_to_next)
 
     r_sent = i + 1
     r_received = len(response_time)
@@ -218,8 +238,8 @@ def main():
         r_stddev = 0
 
     print('\n--- %s dnsping statistics ---' % dnsserver)
-    print('%d requests transmitted, %d responses received, %3.0f%% lost' % (r_sent, r_received, r_lost_percent))
-    print('min=%3.3f ms, avg=%3.3f ms, max=%3.3f ms, stddev=%3.3f ms' % (r_min, r_avg, r_max, r_stddev))
+    print('%d requests transmitted, %d responses received, %.0f%% lost' % (r_sent, r_received, r_lost_percent))
+    print('min=%.3f ms, avg=%.3f ms, max=%.3f ms, stddev=%.3f ms' % (r_min, r_avg, r_max, r_stddev))
 
 
 if __name__ == '__main__':

dnstraceroute.py

@@ -35,13 +35,28 @@ import socket
 import sys
 import time
 
+import dns.query
 import dns.rdatatype
 import dns.resolver
+
 from cymruwhois import cymruwhois
 
 __author__ = 'Babak Farrokhi (babak@farrokhi.net)'
 __license__ = 'BSD'
-__version__ = 1.3
+__version__ = "1.6.0"
+_ttl = None
+quiet = False
+
+
+class CustomSocket(socket.socket):
+    def __init__(self, *args, **kwargs):
+        super(CustomSocket, self).__init__(*args, **kwargs)
+
+    def sendto(self, *args, **kwargs):
+        global _ttl
+        if _ttl:
+            self.setsockopt(socket.SOL_IP, socket.IP_TTL, _ttl)
+        super(CustomSocket, self).sendto(*args, **kwargs)
 
 
 def test_import():
@@ -50,7 +65,7 @@ def test_import():
 
 
 # Constants
-__PROGNAME__ = os.path.basename(sys.argv[0])
+__progname__ = os.path.basename(sys.argv[0])
 WHOIS_CACHE = 'whois.cache'
 
 
@@ -76,17 +91,17 @@ shutdown = False
 
 def whoisrecord(ip):
     try:
-        currenttime = time.time()
+        currenttime = time.perf_counter()
         ts = currenttime
         if ip in whois:
-            ASN, ts = whois[ip]
+            asn, ts = whois[ip]
         else:
             ts = 0
-        if ((currenttime - ts) > 36000):
+        if (currenttime - ts) > 36000:
             c = cymruwhois.Client()
-            ASN = c.lookup(ip)
-            whois[ip] = (ASN, currenttime)
-        return ASN
+            asn = c.lookup(ip)
+            whois[ip] = (asn, currenttime)
+        return asn
     except Exception as e:
         return e
 
@@ -102,18 +117,19 @@ except IOError:
 
 
 def usage():
-    print('%s version %1.1f\n' % (__PROGNAME__, __version__))
-    print('usage: %s [-h] [-q] [-a] [-s server] [-p port] [-c count] [-t type] [-w wait] hostname' % __PROGNAME__)
+    print('%s version %s\n' % (__progname__, __version__))
+    print('usage: %s [-aeqhCx] [-s server] [-p port] [-c count] [-t type] [-w wait]  hostname' % __progname__)
     print('  -h  --help      Show this help')
     print('  -q  --quiet     Quiet')
-    print('  -e  --expert    Print expert hints if available')
+    print('  -x  --expert    Print expert hints if available')
     print('  -a  --asn       Turn on AS# lookups for each hop encountered')
     print('  -s  --server    DNS server to use (default: first system resolver)')
     print('  -p  --port      DNS server port number (default: 53)')
     print('  -c  --count     Maximum number of hops (default: 30)')
-    print('  -w  --wait      Maximum wait time for a reply (default: 5)')
+    print('  -w  --wait      Maximum wait time for a reply (default: 2)')
     print('  -t  --type      DNS request record type (default: A)')
     print('  -C  --color     Print colorful output')
+    print('  -e  --edns      Disable EDNS0 (Default: Enabled)')
     print('  ')
     sys.exit()
 
@@ -132,6 +148,7 @@ def expert_report(trace_path, color_mode):
         print(" [*] empty trace - should not happen")
         return
 
+    private_network_radius = 4  # number of hops we assume we are still inside our local network
     prev_hop = None
     if len(trace_path) > 1:
         prev_hop = trace_path[-2]
@@ -141,27 +158,34 @@ def expert_report(trace_path, color_mode):
             " %s[*]%s path too short (possible DNS hijacking, unless it is a local DNS resolver)" % (color.R, color.N))
         return
 
-    if prev_hop == '*':
+    if prev_hop == '*' and len(trace_path) > private_network_radius:
         print(" %s[*]%s public DNS server is next to an invisible hop (probably a firewall)" % (color.R, color.N))
         return
 
-    if prev_hop and ipaddress.ip_address(prev_hop).is_private:
+    if prev_hop and len(trace_path) > private_network_radius and ipaddress.ip_address(prev_hop).is_private:
         print(" %s[*]%s public DNS server is next to a private IP address (possible hijacking)" % (color.R, color.N))
         return
 
-    if prev_hop and ipaddress.ip_address(prev_hop).is_reserved:
+    if prev_hop and len(trace_path) > private_network_radius and ipaddress.ip_address(prev_hop).is_reserved:
         print(" %s[*]%s public DNS server is next to a reserved IP address (possible hijacking)" % (color.R, color.N))
         return
 
-    ## no expert info available
+    # no expert info available
     print(" %s[*]%s No expert hint available for this trace" % (color.G, color.N))
 
 
-def ping(resolver, hostname, dnsrecord, ttl):
+def ping(resolver, hostname, dnsrecord, ttl, use_edns=False):
+    global _ttl
+
     reached = False
 
+    dns.query.socket_factory = CustomSocket
+    _ttl = ttl
+    if use_edns:
+        resolver.use_edns(edns=0, payload=8192, ednsflags=dns.flags.edns_from_text('DO'))
+
     try:
-        resolver.query(hostname, dnsrecord, ipttl=ttl)
+        resolver.query(hostname, dnsrecord, raise_on_no_answer=False)
 
     except dns.resolver.NoNameservers as e:
         if not quiet:
@@ -179,8 +203,8 @@ def ping(resolver, hostname, dnsrecord, ttl):
         pass
     except SystemExit:
         pass
-    except:
-        print("unxpected error: ", sys.exc_info()[0])
+    except Exception as e:
+        print("unxpected error: ", e)
         sys.exit(1)
     else:
         reached = True
@@ -202,18 +226,18 @@ def main():
 
     dnsrecord = 'A'
     count = 30
-    timeout = 1
-    quiet = False
+    timeout = 2
     dnsserver = dns.resolver.get_default_resolver().nameservers[0]
     dest_port = 53
     hops = 0
     as_lookup = False
     expert_mode = False
     should_resolve = True
+    use_edns = True
     color_mode = False
 
     try:
-        opts, args = getopt.getopt(sys.argv[1:], "aqhc:s:t:w:p:neC",
+        opts, args = getopt.getopt(sys.argv[1:], "aqhc:s:t:w:p:nexC",
                                    ["help", "count=", "server=", "quiet", "type=", "wait=", "asn", "port", "expert",
                                     "color"])
     except getopt.GetoptError as err:
@@ -231,7 +255,7 @@ def main():
             usage()
         elif o in ("-c", "--count"):
             count = int(a)
-        elif o in ("-e", "--expert"):
+        elif o in ("-x", "--expert"):
             expert_mode = True
         elif o in ("-s", "--server"):
             dnsserver = a
@@ -249,11 +273,23 @@ def main():
             should_resolve = False
         elif o in ("-a", "--asn"):
             as_lookup = True
+        elif o in ("-e", "--edns"):
+            use_edns = False
         else:
             usage()
 
     color = Colors(color_mode)
 
+    # check if we have a valid dns server address
+    try:
+        ipaddress.ip_address(dnsserver)
+    except ValueError:  # so it is not a valid IPv4 or IPv6 address, so try to resolve host name
+        try:
+            dnsserver = socket.getaddrinfo(dnsserver, port=None, family=socket.AF_INET)[1][4][0]
+        except OSError:
+            print('Error: cannot resolve hostname:', dnsserver)
+            sys.exit(1)
+
     resolver = dns.resolver.Resolver()
     resolver.nameservers = [dnsserver]
     resolver.timeout = timeout
@@ -267,7 +303,8 @@ def main():
     trace_path = []
 
     if not quiet:
-        print("%s DNS: %s:%d, hostname: %s, rdatatype: %s" % (__PROGNAME__, dnsserver, dest_port, hostname, dnsrecord))
+        print("%s DNS: %s:%d, hostname: %s, rdatatype: %s" % (__progname__, dnsserver, dest_port, hostname, dnsrecord),
+              flush=True)
 
     while True:
         if shutdown:
@@ -291,26 +328,26 @@ def main():
         curr_host = None
 
         with concurrent.futures.ThreadPoolExecutor(max_workers=1) as pool:  # dispatch dns lookup to another thread
-            stime = time.time()
-            thr = pool.submit(ping, resolver, hostname, dnsrecord, ttl)
+            stime = time.perf_counter()
+            thr = pool.submit(ping, resolver, hostname, dnsrecord, ttl, use_edns=use_edns)
 
             try:  # expect ICMP response
                 _, curr_addr = icmp_socket.recvfrom(512)
                 curr_addr = curr_addr[0]
             except socket.error:
-                etime = time.time()
+                etime = time.perf_counter()
                 pass
             finally:
-                etime = time.time()
+                etime = time.perf_counter()
                 icmp_socket.close()
 
         reached = thr.result()
 
         if reached:
             curr_addr = dnsserver
-            stime = time.time()  # need to recalculate elapsed time for last hop without waiting for an icmp error reply
-            ping(resolver, hostname, dnsrecord, ttl)
-            etime = time.time()
+            stime = time.perf_counter()  # need to recalculate elapsed time for last hop without waiting for an icmp error reply
+            ping(resolver, hostname, dnsrecord, ttl, use_edns=use_edns)
+            etime = time.perf_counter()
 
         elapsed = abs(etime - stime) * 1000  # convert to milliseconds
 
@@ -330,11 +367,11 @@ def main():
         if curr_addr:
             as_name = ""
             if as_lookup:
-                ASN = whoisrecord(curr_addr)
+                asn = whoisrecord(curr_addr)
                 as_name = ''
                 try:
-                    if ASN and ASN.asn != "NA":
-                        as_name = "[%s %s] " % (ASN.asn, ASN.owner)
+                    if asn and asn.asn != "NA":
+                        as_name = "[%s %s] " % (asn.asn, asn.owner)
                 except AttributeError:
                     if shutdown:
                         sys.exit(0)
@@ -350,7 +387,7 @@ def main():
                 if curr_addr == dnsserver:
                     c = color.G
 
-            print("%d\t%s (%s%s%s) %s%d ms" % (ttl, curr_name, c, curr_addr, color.N, as_name, elapsed), flush=True)
+            print("%d\t%s (%s%s%s) %s%.3f ms" % (ttl, curr_name, c, curr_addr, color.N, as_name, elapsed), flush=True)
             trace_path.append(curr_addr)
         else:
             print("%d\t *" % ttl, flush=True)

public-servers.txt

@@ -11,4 +11,5 @@
 209.244.0.4
 195.46.39.39
 195.46.39.40
-
+216.146.35.35
+216.146.36.36

requirements.txt

@@ -0,0 +1 @@
+dnspython==1.15.0

rootservers.txt

@@ -0,0 +1,13 @@
+a.root-servers.net
+b.root-servers.net
+c.root-servers.net
+d.root-servers.net
+e.root-servers.net
+f.root-servers.net
+g.root-servers.net
+h.root-servers.net
+i.root-servers.net
+j.root-servers.net
+k.root-servers.net
+l.root-servers.net
+m.root-servers.net

setup.py

@@ -1,15 +1,16 @@
 from setuptools import setup, find_packages
+
 setup(
     name="dnsdiag",
-    version = "1.3.3",
+    version="1.6.0",
     packages=find_packages(),
-    scripts = ['dnsping.py', 'dnstraceroute.py', 'dnseval.py'],
     classifiers=[
         "Topic :: System :: Networking",
         "Environment :: Console",
         "Intended Audience :: Developers",
         "License :: OSI Approved :: BSD License",
-        'Programming Language :: Python :: 3.4',
+        "Programming Language :: Python :: 3.4",
+        "Topic :: Internet :: Name Service (DNS)",
         "Development Status :: 5 - Production/Stable",
         "Operating System :: OS Independent",
     ],
@@ -26,4 +27,11 @@ as well as tracing the path your DNS query takes to get to DNS server.
     license="BSD",
     keywords="dns traceroute ping",
     url="https://dnsdiag.org/",
+    entry_points={
+        'console_scripts': [
+            'dnsping = dnsping:main',
+            'dnstraceroute = dnstraceroute:main',
+            'dnseval = dnseval:main',
+        ]
+    }
 )