Fix FortiGate DDNS Update NOTZONE problem

dns_forward.py

#!/usr/bin/env python3

from __future__ import print_function

from netfilterqueue import NetfilterQueue
from scapy.layers.dns import *


def modify(pkt):
    ip = IP(pkt.get_payload())
    udp = ip.payload
    if udp.name == 'UDP' and udp.dport == 53:  # is a DNS request
        ns = udp.payload.ns
        while isinstance(ns, DNSRR):
            name = ns.rrname
            pos = name.find(b'tusimple.ai')
            if pos >= 0:
                print('alter', name, 'to', name[:pos + 11])
                ns.rrname = name[:pos + 11]
            ns = ns.payload
        # recalculate checksum
        del udp.len, udp.chksum, ip.len, ip.chksum
        ip = IP(bytes(ip))
        pkt.set_payload(bytes(ip))
    pkt.accept()


def main():
    if len(sys.argv) < 2:
        return print('Usage: {} <IP of FortiGate>'.format(sys.argv[0]))
    nfqueue = NetfilterQueue()
    suf = '-s {} -p udp --dport 53'.format(sys.argv[1])
    nfqueue.bind(1, modify)
    os.system('iptables -I INPUT ' + suf + ' -j NFQUEUE --queue-num 1')
    try:
        nfqueue.run()
    except KeyboardInterrupt:
        print('')
    nfqueue.unbind()
    os.system('iptables -D INPUT ' + suf + ' -j NFQUEUE --queue-num 1')


if __name__ == '__main__':
    main()