feat: add Windows NRPT and WFP DNS interception

Implement DNS interception on Windows with dual-mode support:
- NRPT for --intercept-mode=dns: catch-all rule redirecting all DNS
  to ctrld's listener, with GP vs local path detection
- WFP for --intercept-mode=hard: sublayer with callout filters
  intercepting port 53 traffic
- NRPT probe-and-heal for async Group Policy refresh race
- Service registry verification for intercept mode persistence
- NRPT diagnostics script for troubleshooting

Includes WFP technical reference docs and Windows test scripts.

Squashed from intercept mode development on v1.0 branch (#497).
Codescribe
2026-03-03 02:07:11 -05:00
committed by Cuong Manh Le
parent 289a46dc2c
commit 768cc81855
5 changed files with 2430 additions and 9 deletions

File diff suppressed because it is too large


@@ -55,7 +55,7 @@ func setDNS(iface *net.Interface, nameservers []string) error {
mainLog.Load().Debug().Msgf("Existing forwarders content: %s", string(oldForwardersContent))
}
hasLocalIPv6Listener := needLocalIPv6Listener()
hasLocalIPv6Listener := needLocalIPv6Listener(interceptMode)
mainLog.Load().Debug().Bool("has_ipv6_listener", hasLocalIPv6Listener).Msg("IPv6 listener status")
forwarders := slices.DeleteFunc(slices.Clone(nameservers), func(s string) bool {
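Review bot: In the changed call `needLocalIPv6Listener(interceptMode)`, `interceptMode` is not among the parameters of `setDNS(iface *net.Interface, nameservers []string)`, so the function now depends on package-level state that its signature does not show. Consider passing the mode into `setDNS` explicitly, or at least documenting on `needLocalIPv6Listener` what the argument changes about the IPv6 listener decision. The debug line that follows logs only `has_ipv6_listener`; adding the intercept mode as a field there would let someone reading the log see why the listener was or was not required.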