Do not print DNS warnings by default and drop duplicate requests.

Windows is known to use all available interfaces for DNS requests,
which is handled as a duplicate (retransmission) in dns redirector.

It's safe to just drop these duplicates.

README.md

@@ -24,6 +24,7 @@ Usage: goodbyedpi.exe [OPTION...]
  --port      additional TCP port to perform fragmentation on (and HTTP tricks with -w)
  --dns-addr  redirect UDP DNS requests to the supplied IP address (experimental)
  --dns-port  redirect UDP DNS requests to the supplied port (53 by default)
+ --dns-verb  print verbose DNS redirection messages
 
  -1          -p -r -s -f 2 -e 2 (most compatible mode, default)
  -2          -p -r -s -f 2 -e 40 (better speed yet still compatible)

dnsredir.c

@@ -23,9 +23,7 @@
 
 #ifndef debug
 #define debug(...) do {} while (0)
-#endif
-
-#ifndef debug
+#else
 #define debug(...) printf(...)
 #endif
 
@@ -146,6 +144,18 @@ void dns_cleanup() {
     }
 }
 
+int dns_is_dns_packet(const char *packet_data, const UINT packet_dataLen, const int outgoing) {
+    if (outgoing && (ntohs(*(const uint16_t*)(packet_data + 2)) & 0xFA00) == 0 &&
+        (ntohs(*(const uint32_t*)(packet_data + 6))) == 0) {
+        return TRUE;
+    }
+    else if (!outgoing &&
+        (ntohs(*(const uint16_t*)(packet_data + 2)) & 0xF800) == 0x8000) {
+        return TRUE;
+    }
+    return FALSE;
+}
+
 int dns_handle_outgoing(const uint32_t srcip, const uint16_t srcport,
                         const uint32_t dstip, const uint16_t dstport,
                         const char *packet_data, const UINT packet_dataLen) {
@@ -155,8 +165,7 @@ int dns_handle_outgoing(const uint32_t srcip, const uint16_t srcport,
 
     dns_cleanup();
 
-    if ((ntohs(*(const uint16_t*)(packet_data + 2)) & 0xFA00) == 0 &&
-        (ntohs(*(const uint32_t*)(packet_data + 6))) == 0) {
+    if (dns_is_dns_packet(packet_data, packet_dataLen, 1)) {
         /* Looks like DNS request */
         debug("trying to add srcport = %hu, dstport = %hu\n", ntohs(srcport), ntohs(dstport));
         return add_udp_conntrack(srcip, srcport, dstip, dstport);
@@ -178,7 +187,7 @@ int dns_handle_incoming(const uint32_t srcip, const uint16_t srcport,
 
     dns_cleanup();
 
-    if ((ntohs(*(const uint16_t*)(packet_data + 2)) & 0xF800) == 0x8000) {
+    if (dns_is_dns_packet(packet_data, packet_dataLen, 0)) {
         /* Looks like DNS response */
         construct_key(srcip, srcport, key);
         if (check_get_udp_conntrack_key(key, &tmp_connrecord) && tmp_connrecord) {

dnsredir.h

@@ -17,3 +17,4 @@ int dns_handle_outgoing(const uint32_t srcip, const uint16_t srcport,
                         const char *packet_data, const UINT packet_dataLen);
 
 void flush_dns_cache();
+int dns_is_dns_packet(const char *packet_data, const UINT packet_dataLen, const int outgoing);

goodbyedpi.c

@@ -62,6 +62,7 @@ static struct option long_options[] = {
     {"port",      required_argument, 0,  'z' },
     {"dns-addr",  required_argument, 0,  'd' },
     {"dns-port",  required_argument, 0,  'g' },
+    {"dns-verb",  no_argument,       0,  'v' },
     {0,           0,                 0,   0  }
 };
 
@@ -242,7 +243,8 @@ int main(int argc, char *argv[]) {
         do_fragment_https = 0, do_host = 0,
         do_host_removespace = 0, do_additional_space = 0,
         do_http_allports = 0,
-        do_host_mixedcase = 0, do_dns_redirect = 0;
+        do_host_mixedcase = 0, do_dns_redirect = 0,
+        do_dns_verb = 0;
     int http_fragment_size = 2;
     int https_fragment_size = 2;
     uint32_t dns_addr = 0;
@@ -359,6 +361,9 @@ int main(int argc, char *argv[]) {
                 }
                 dns_port = ntohs(dns_port);
                 break;
+            case 'v':
+                do_dns_verb = 1;
+                break;
             default:
                 printf("Usage: goodbyedpi.exe [OPTION...]\n"
                 " -p          block passive DPI\n"
@@ -578,7 +583,13 @@ int main(int argc, char *argv[]) {
                         should_recalc_checksum = 1;
                     }
                     else {
-                        printf("[DNS] Error handling incoming packet!\n");
+                        if (dns_is_dns_packet(packet_data, packet_dataLen, 0))
+                            should_reinject = 0;
+
+                        if (do_dns_verb && !should_reinject) {
+                            printf("[DNS] Error handling incoming packet: srcport = %hu, dstport = %hu\n",
+                               ntohs(ppUdpHdr->SrcPort), ntohs(ppUdpHdr->DstPort));
+                        }
                     }
                 }
 
@@ -594,7 +605,13 @@ int main(int argc, char *argv[]) {
                         should_recalc_checksum = 1;
                     }
                     else {
-                        printf("[DNS] Error handling outgoing packet!\n");
+                        if (dns_is_dns_packet(packet_data, packet_dataLen, 1))
+                            should_reinject = 0;
+
+                        if (do_dns_verb && !should_reinject) {
+                            printf("[DNS] Error handling outgoing packet: srcport = %hu, dstport = %hu\n",
+                               ntohs(ppUdpHdr->SrcPort), ntohs(ppUdpHdr->DstPort));
+                        }
                     }
                 }
             }