Add example addon for DNS flows (mitmproxy#7973)

mhils · autofix-ci[bot] · web-flow · commit 7093e50826eb · 2025-11-11T16:02:35.000Z
* add example addon for DNS flows

* [autofix.ci] apply automated fixes

* fix mypy

---------

Co-authored-by: autofix-ci[bot] &lt;114827586+autofix-ci[bot]@users.noreply.github.com&gt;
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -20,6 +20,8 @@
   ([#7933](https://github.com/mitmproxy/mitmproxy/pull/7933), @caiquejjx, @mhils)
 - Fix various issues in infer_content_encoding
   ([#7928](https://github.com/mitmproxy/mitmproxy/pull/7928), @xu-cheng)
+- Add example addon to spoof DNS responses.
+  ([#7973](https://github.com/mitmproxy/mitmproxy/pull/7973), @mhils)
 - Gracefully handle decoding of raw binary payloads that previously caused 
   "Raw cannot decode" or "failed to parse as JSON" errors
   ([#7940](https://github.com/mitmproxy/mitmproxy/pull/7940), @AdityaPatadiya)
diff --git a/examples/addons/dns-simple.py b/examples/addons/dns-simple.py
@@ -0,0 +1,38 @@
+"""
+Spoof DNS responses.
+
+In this example, we fiddle with IPv6 (AAAA) records:
+ - For example.com, `::1` is returned.
+   (domain is hosted on localhost)
+ - For example.org, an NXDOMAIN error is returned.
+   (domain does not exist)
+ - For all other domains, return a non-error response without any records.
+   (domain exists, but has no IPv6 configured)
+"""
+
+import ipaddress
+import logging
+
+from mitmproxy import dns
+
+
+def dns_request(flow: dns.DNSFlow) -> None:
+    q = flow.request.question
+    if q and q.type == dns.types.AAAA:
+        logging.info(f"Spoofing IPv6 records for {q.name}...")
+        if q.name == "example.com":
+            flow.response = flow.request.succeed(
+                [
+                    dns.ResourceRecord(
+                        name="example.com",
+                        type=dns.types.AAAA,
+                        class_=dns.classes.IN,
+                        ttl=dns.ResourceRecord.DEFAULT_TTL,
+                        data=ipaddress.ip_address("::1").packed,
+                    )
+                ]
+            )
+        elif q.name == "example.org":
+            flow.response = flow.request.fail(dns.response_codes.NXDOMAIN)
+        else:
+            flow.response = flow.request.succeed([])
