How to intercept DNS Requests?

Question

Created Oct ’20

Replies 2

Boosts 0

Views 2.4k

Participants 2

Hi,

What I want to do is be able to intercept all DNS requests a user would make. After intercepting the request, I would then send the request to a server which would then check if the domain name matches one in it's list. If it does match I want to send back to the client another domain name or IP address that they should use. I need this to work on macOS.

I've looked briefly at NEDNSProxyManager. Will I be able to intercept DNS requests with this? Are there any other libraries or code examples I can use to intercept DNS requests? Preferably, in Swift.

Example:

User tries to access "test.fakedomain.com"
Intercept DNS request and send request to Server (through established web socket connection)
Server responds with "not in list go to testsite.com" message if the domain name is not in it's list and the User can continue to proceed to the specified URL
If the Server responds with "in list" message the User does not proceed to go to "test.fakedomain.com" and the user will go to the specified URL in the Server's message instead.

Please do not hesitate to ask for any clarification. Thank you!

Answered by DTS Engineer in 643210022

A DNS proxy provider is indeed the correct way to intercept DNS requests on our platforms. It seems like you’re targeting the Mac, which is good because there are serious limits to using DNS proxy providers on our other platforms (on iOS it requires a supervised device, and it’s not available on tvOS or watchOS).

Will I be able to intercept DNS requests with this?

You’ll see all DNS requests run via the system DNS resolver. Some third-party apps do their own DNS resolution — something we strongly recommend against, but there you go — and you won’t see those requests.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"

Boost

Answer 1

DTS Engineer OP

Apple

Oct ’20

Accepted Answer

A DNS proxy provider is indeed the correct way to intercept DNS requests on our platforms. It seems like you’re targeting the Mac, which is good because there are serious limits to using DNS proxy providers on our other platforms (on iOS it requires a supervised device, and it’s not available on tvOS or watchOS).

Will I be able to intercept DNS requests with this?

You’ll see all DNS requests run via the system DNS resolver. Some third-party apps do their own DNS resolution — something we strongly recommend against, but there you go — and you won’t see those requests.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"

1

Answer 2

AppleSwift999 OP

Oct ’20

Thank you for the input. I'll be sure to come back to this post/create a new post if I encounter any problems with my implementation.

0