#!/bin/bash /usr/lib/turtle/turtle_module
VERSION="1.1"
DESCRIPTION="DNSSpoof using DNSMasq instead of Dsniff tools"
CONF=/tmp/dnsmasq.form

: ${DIALOG_OK=0}
: ${DIALOG_CANCEL=1}
: ${DIALOG_HELP=2}
: ${DIALOG_EXTRA=3}
: ${DIALOG_ITEM_HELP=4}
: ${DIALOG_ESC=255}

function configure {

  # Add dnsmasq configuration if not already in conf file
  if ! grep -q addn-hosts=/etc/dnsmasq.hosts /etc/dnsmasq.conf; then
    echo -e "no-dhcp-interface=
server=8.8.8.8
no-hosts
addn-hosts=/etc/dnsmasq.hosts" >> /etc/dnsmasq.conf
  fi

  # Add example dnsmasq hosts if it doesn't already exist
  if [ ! -e /etc/dnsmasq.hosts ]; then
    touch /etc/dnsmasq.hosts
    echo -e "172.16.84.1 example.com www.example.com" > /etc/dnsmasq.hosts
  fi

  dialog \
    --help-button \
    --title "DNSMasq Hosts Configuration (/etc/dnsmasq.hosts)" \
    --editbox /etc/dnsmasq.hosts 18 72\
  2>$CONF
  return=$?
  case $return in
    $DIALOG_OK)
      cat $CONF | {
        cat $CONF > /etc/dnsmasq.hosts
        rm $CONF
      };;
    $DIALOG_HELP)
      dialog --title "Help" \
        --msgbox "\
As an alternative to DNSSpoof, DNSMasq can be used to forge replies to arbitrary DNS addresses / pointer queries on the LAN. \
This is useful in bypassing hostname-based access controls, or in implementing a variety of man-in-the-middle attacks.\n\n\
In some circumstances DNSMasq may perform better than DNSSpoof. The only configuration difference is the syntax of the hosts file.\n\n\
For example, the IP address returned for a client lookup of the domain \"example.com\" can be replaced with that of the LAN Turtle itself, or a 3rd party server. \
The dnsmasq.hosts editor lists the IP address and Domain names to spoof. The default example replaces example.com with the IP address 172.16.84.1 - the LAN Turtle default address.\n\n\
Each line contains the IP address and one or more domains separated by spaces or tabs. For example:\n\n\
172.16.84.1 example.com www.example.com mail.example.com\n\n
In this scenario, the computer connected to the Internet through the LAN Turtle attempting to browse to this domain may be redirected to the spoofed IP.\n\n\
" 20 72
      configure
      ;;
    $DIALOG_CANCEL)
      rm $CONF;;
    $DIALOG_ESC)
      rm $CONF;;
  esac
}

function start {
  if grep addn-hosts /etc/dnsmasq.conf &> /dev/null; then 
    echo "DNSMasq already running with spoofhost. Restarting."
    /etc/init.d/dnsmasq stop && /etc/init.d/dnsmasq start
  else 
    echo "Starting DNSMasq with spoofhost"
    echo "addn-hosts=/etc/dnsmasq.hosts" >> /etc/dnsmasq.conf
    /etc/init.d/dnsmasq stop && /etc/init.d/dnsmasq start
    echo "DNSMasq Started with spoofhost"
  fi
}

function stop {
  if grep addn-hosts /etc/dnsmasq.conf &> /dev/null; then 
    echo "Restarting DNSMasq without spoofhost"
    sed -i '/addn-hosts=\/etc\/dnsmasq.hosts/d' /etc/dnsmasq.conf
    /etc/init.d/dnsmasq stop && /etc/init.d/dnsmasq start
    echo "DNSMasq restarted without spoofhost"
  else
    echo "DNSMasq isn't running with spoofhost"
  fi
}

function status {
    if grep addn-hosts /etc/dnsmasq.conf &> /dev/null; then echo "1"; else echo "0"; fi
}