added system resolver as default, updated CLI commands description, bumped to v0.0.7

shadowy-pycoder · shadowy-pycoder · commit 7d370a7c28dc · 2026-04-01T02:32:06.000+03:00
diff --git a/README.md b/README.md
@@ -39,7 +39,9 @@ OPTIONS:
   -I           Display list of network interfaces and exit
   -d           Enable debug logging
   -nocolor     Disable colored output
-  -auto        Automatically set kernel parameters (Linux/Android) and network settings
+  -auto        Automatically set kernel parameters (Linux/Android) and network settings. When RA spoofing is enabled and no -rdnss flag
+               is provided, RDNSS option is included in each packet with host IP as DNS server for targets. DNS server is setup using
+               resolv.conf or Google DNS as fallback nameserver.
   -i           The name of the network interface. Example: eth0 (Default: default interface)
   -interval    Interval between sent packets (Default: 5s)
 
@@ -51,9 +53,9 @@ OPTIONS:
 
   RA spoofing:
   -ra          Enable RA (router advertisement) spoofing. It is enabled when no spoofing mode specified
-  -p           IPv6 prefix for RA spoofing (Example: 2001:db8:7a31:4400::/64)
+  -p           IPv6 prefix for RA spoofing (Example: 2001:db8:7a31:4400::/64). See RFC 4862 for more info
   -mtu         MTU value to send in RA packet (Default: interface value)
-  -rlt         Router lifetime value
+  -rlt         Router lifetime value. Tells targets how long router should be used as default gateway. See RFC 4682 for more info
   -rdnss       Comma separated list of DNS servers for RDNSS mode (Example: "2001:4860:4860::8888,2606:4700:4700::1111")
   -E           Specify IPv6 extension headers for RA Guard evasion. The packet structure should contain at least one fragment (F)
                that is used to separate per-fragment headers (PFH) and headers for fragmentable part. PFH get included in each fragment,
diff --git a/cmd/nf/main.go b/cmd/nf/main.go
@@ -42,7 +42,9 @@ OPTIONS:
   -I           Display list of network interfaces and exit
   -d           Enable debug logging
   -nocolor     Disable colored output
-  -auto        Automatically set kernel parameters (Linux/Android) and network settings
+  -auto        Automatically set kernel parameters (Linux/Android) and network settings. When RA spoofing is enabled and no -rdnss flag
+               is provided, RDNSS option is included in each packet with host IP as DNS server for targets. DNS server is setup using
+               resolv.conf or Google DNS as fallback nameserver.
   -i           The name of the network interface. Example: eth0 (Default: default interface)
   -interval    Interval between sent packets (Default: 5s)
 
@@ -54,9 +56,9 @@ OPTIONS:
 
   RA spoofing:
   -ra          Enable RA (router advertisement) spoofing. It is enabled when no spoofing mode specified
-  -p           IPv6 prefix for RA spoofing (Example: 2001:db8:7a31:4400::/64)
+  -p           IPv6 prefix for RA spoofing (Example: 2001:db8:7a31:4400::/64). See RFC 4862 for more info
   -mtu         MTU value to send in RA packet (Default: interface value)
-  -rlt         Router lifetime value
+  -rlt         Router lifetime value. Tells targets how long router should be used as default gateway. See RFC 4682 for more info
   -rdnss       Comma separated list of DNS servers for RDNSS mode (Example: "2001:4860:4860::8888,2606:4700:4700::1111")
   -E           Specify IPv6 extension headers for RA Guard evasion. The packet structure should contain at least one fragment (F)
                that is used to separate per-fragment headers (PFH) and headers for fragmentable part. PFH get included in each fragment,
diff --git a/ndpspoof.go b/ndpspoof.go
@@ -412,12 +412,7 @@ func NewNDPSpoofer(conf *NDPSpoofConfig) (*NDPSpoofer, error) {
 				return nil, fmt.Errorf("[ndp spoofer] failed creating DNS server on %s:53: %v", nr.hostIP, err)
 			}
 			nr.gwConn = pconn.(*net.UDPConn)
-			var gwIPv4 netip.Addr
-			gwIPv4, err = network.GetGatewayIPv4FromInterface(nr.iface.Name)
-			if err != nil {
-				gwIPv4 = netip.MustParseAddr("8.8.8.8")
-			}
-			nr.gwDNSAddr = &net.UDPAddr{IP: net.ParseIP(gwIPv4.String()), Port: 53}
+			nr.gwDNSAddr = nr.getResolver()
 		}
 		if conf.PacketQuery != "" {
 			ra := nr.newRAPacket(nr.rlt)
@@ -1222,3 +1217,18 @@ func (nr *NDPSpoofer) handleDNSConnection(conn *udpConn) {
 		return
 	}
 }
+
+func (nr *NDPSpoofer) getResolver() *net.UDPAddr {
+	if resolvers, err := network.GetSystemNameservers(); err == nil {
+		for _, r := range resolvers {
+			if network.Is6(r) {
+				var zone string
+				if r.IsLinkLocalUnicast() {
+					zone = nr.iface.Name
+				}
+				return &net.UDPAddr{IP: net.ParseIP(r.String()), Port: 53, Zone: zone}
+			}
+		}
+	}
+	return &net.UDPAddr{IP: net.ParseIP("2001:4860:4860::8888"), Port: 53}
+}
diff --git a/version.go b/version.go
@@ -1,3 +1,3 @@
 package ndpspoof
 
-const Version string = "nf v0.0.6"
+const Version string = "nf v0.0.7"

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,3 @@`
`1`	`1`	`package ndpspoof`
`2`	`2`
`3`		`-const Version string = "nf v0.0.6"`
	`3`	`+const Version string = "nf v0.0.7"`