From 070c99b433a213e636239e1699e49162a7ade2d1 Mon Sep 17 00:00:00 2001
From: Eduardo Silva <eduardo@eth0.com.br>
Date: Tue, 9 Jul 2024 14:46:59 -0300
Subject: [PATCH] DNS diagnostic tool

---
 Dockerfile                                |  1 +
 console/views.py                          |  3 +++
 dns/scripts/test_dns_service.sh           | 33 +++++++++++++++++++++++
 dns/views.py                              |  9 +++++--
 templates/console/console.html            |  1 +
 templates/wireguard/wireguard_status.html |  2 +-
 wireguard_tools/views.py                  |  3 +++
 wireguard_webadmin/settings.py            |  2 +-
 8 files changed, 50 insertions(+), 4 deletions(-)
 create mode 100755 dns/scripts/test_dns_service.sh

diff --git a/Dockerfile b/Dockerfile
index 135fe27..014a86e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -12,6 +12,7 @@ RUN apt-get update && apt-get install -y \
     inetutils-traceroute \
     nano \
     openssl \
+    dnsutils \
     && rm -rf /var/lib/apt/lists/*
 
 # those are the really necessary packages
diff --git a/console/views.py b/console/views.py
index 5ce6a37..b8d59cf 100644
--- a/console/views.py
+++ b/console/views.py
@@ -46,6 +46,9 @@ def view_console(request):
     elif requested_command == 'traceroute':
         page_title = 'Console: traceroute ' + command_target
         bash_command = ['bash', '-c', 'traceroute ' + command_target]
+    elif requested_command == 'testdns':
+        page_title = 'Console: DNS container test script'
+        bash_command = ['/app/dns/scripts/test_dns_service.sh']
     else:
         bash_command = None
         command_output = ''
diff --git a/dns/scripts/test_dns_service.sh b/dns/scripts/test_dns_service.sh
new file mode 100755
index 0000000..761b5b0
--- /dev/null
+++ b/dns/scripts/test_dns_service.sh
@@ -0,0 +1,33 @@
+#!/bin/bash
+echo '--- Ping the DNS container...'
+ping -c 4 wireguard-webadmin-dns
+echo ''
+echo ''
+echo '--- Checking firewall rules...'
+iptables -t nat -L WGWADM_PREROUTING -nv |grep -e pkts -e dpt:53
+
+output=$(iptables -t nat -L WGWADM_PREROUTING -nv | grep -e dpt:53)
+if [[ -z "$output" ]]; then
+  echo ''
+  echo '=== ERROR: No firewall rules redirecting the DNS service were found.'
+else
+  if [[ "$output" == *"127.0.0.250"* ]]; then
+    echo ''
+    echo '=== ERROR: The firewall script failed to resolve the DNS service name.'
+    echo '=== The IP 127.0.0.250 is a fallback address.'
+  fi
+fi
+echo ''
+echo ''
+echo '--- Testing the DNS resolution...'
+echo 'Resolving google.com...'
+dig @wireguard-webadmin-dns google.com +short
+echo ''
+echo ''
+echo '--- Testing getent hosts...'
+getent hosts wireguard-webadmin-dns
+DNS_IP=$(getent hosts wireguard-webadmin-dns | awk '{ print $1 }')
+if [ -z "$DNS_IP" ]; then
+    DNS_IP="127.0.0.250"
+fi
+echo "DNS IP: $DNS_IP"
\ No newline at end of file
diff --git a/dns/views.py b/dns/views.py
index b11c68a..349e31d 100644
--- a/dns/views.py
+++ b/dns/views.py
@@ -8,14 +8,19 @@ from .functions import generate_dnsmasq_config
 from django.conf import settings
 
 
-@login_required
-def view_apply_dns_config(request):
+def export_dns_configuration():
     dns_settings, _ = DNSSettings.objects.get_or_create(name='dns_settings')
     dns_settings.pending_changes = False
     dns_settings.save()
     dnsmasq_config = generate_dnsmasq_config()
     with open(settings.DNS_CONFIG_FILE, 'w') as f:
         f.write(dnsmasq_config)
+    return
+
+
+@login_required
+def view_apply_dns_config(request):
+    export_dns_configuration()
     messages.success(request, 'DNS settings applied successfully')
     return redirect('/dns/')
 
diff --git a/templates/console/console.html b/templates/console/console.html
index a08e43e..4b3a7f0 100644
--- a/templates/console/console.html
+++ b/templates/console/console.html
@@ -18,6 +18,7 @@
                 <a href='?command=route' class='btn btn-outline-primary'>route -n</a>
                 <a href='javascript:void(0)' class='btn btn-outline-primary' data-command='traceroute' onclick='openCommandDialog(this)'>traceroute</a>
                 <a href='javascript:void(0)' class='btn btn-outline-primary' data-command='ping' onclick='openCommandDialog(this)'>ping</a>
+                <a href='?command=testdns' class='btn btn-outline-primary'>dns test</a>
         
                 <script>
                 function openCommandDialog(element) {
diff --git a/templates/wireguard/wireguard_status.html b/templates/wireguard/wireguard_status.html
index bc9b591..396c9be 100644
--- a/templates/wireguard/wireguard_status.html
+++ b/templates/wireguard/wireguard_status.html
@@ -7,7 +7,7 @@
 <div class="card card-primary card-outline">
     <div class="card-header">
         <a href='/status/' class='btn btn-outline-primary'>wg show</a>
-        <a href='/tools/export_wireguard_config/' class='btn btn-outline-primary'>Update Wireguard Configuration</a>
+        <a href='/tools/export_wireguard_config/' class='btn btn-outline-primary'>Update Configuration</a>
         <a href='/tools/restart_wireguard/' class='btn btn-outline-primary'>Restart Wireguard service</a>
     </div>
     <div class="card-body">
diff --git a/wireguard_tools/views.py b/wireguard_tools/views.py
index a33b0ff..ac8380b 100644
--- a/wireguard_tools/views.py
+++ b/wireguard_tools/views.py
@@ -4,6 +4,8 @@ import qrcode
 import subprocess
 from django.http import HttpResponse
 from django.shortcuts import redirect, get_object_or_404, render
+
+from dns.views import export_dns_configuration
 from firewall.tools import generate_firewall_header, generate_firewall_footer, generate_port_forward_firewall, \
     export_user_firewall, generate_redirect_dns_rules
 from user_manager.models import UserAcl
@@ -75,6 +77,7 @@ def export_wireguard_configs(request):
     base_dir = "/etc/wireguard"
 
     export_firewall_configuration()
+    export_dns_configuration()
     
     firewall_inserted = False
     for instance in instances:
diff --git a/wireguard_webadmin/settings.py b/wireguard_webadmin/settings.py
index c6b0d69..4375f8c 100644
--- a/wireguard_webadmin/settings.py
+++ b/wireguard_webadmin/settings.py
@@ -134,6 +134,6 @@ STATICFILES_DIRS = [
 DNS_CONFIG_FILE = '/etc/dnsmasq/wireguard_webadmin_dns.conf'
 DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
 
-WIREGUARD_WEBADMIN_VERSION = 9611
+WIREGUARD_WEBADMIN_VERSION = 9612
 
 from wireguard_webadmin.production_settings import *