import * as plugins from './plugins.js';
import { type IIpcDnsQuestion } from './classes.rustdnsbridge.js';
export interface IDnsServerOptions {
    httpsKey: string;
    httpsCert: string;
    httpsPort: number;
    udpPort: number;
    /** Port for TCP DNS queries. Defaults to udpPort. */
    tcpPort?: number;
    dnssecZone: string;
    udpBindInterface?: string;
    /** IP to bind TCP DNS. Defaults to udpBindInterface or 0.0.0.0. */
    tcpBindInterface?: string;
    httpsBindInterface?: string;
    manualUdpMode?: boolean;
    manualTcpMode?: boolean;
    manualHttpsMode?: boolean;
    primaryNameserver?: string;
    enableLocalhostHandling?: boolean;
}
export interface DnsAnswer {
    name: string;
    type: string;
    class: string | number;
    ttl: number;
    data: any;
}
export interface IDnsQuestion {
    name: string;
    type: string;
    class?: string;
}
export interface IDnsHandler {
    domainPattern: string;
    recordTypes: string[];
    handler: (question: IDnsQuestion) => DnsAnswer | null;
}
interface LetsEncryptOptions {
    email?: string;
    staging?: boolean;
    certDir?: string;
}
export interface IDnsQueryCompletedEvent {
    /** The original questions from the query */
    questions: IIpcDnsQuestion[];
    /** Whether any handler answered the query */
    answered: boolean;
    /** How long handler resolution took (ms) */
    responseTimeMs: number;
    /** Timestamp of the query */
    timestamp: number;
}
export declare class DnsServer extends plugins.events.EventEmitter {
    private options;
    private bridge;
    private handlers;
    private bridgeSpawned;
    private httpsServer;
    private udpServer;
    private tcpServer;
    constructor(options: IDnsServerOptions);
    /**
     * Register a DNS handler for a domain pattern and record types.
     */
    registerHandler(domainPattern: string, recordTypes: string[], handler: (question: IDnsQuestion) => DnsAnswer | null): void;
    /**
     * Unregister a specific handler.
     */
    unregisterHandler(domainPattern: string, recordTypes: string[]): boolean;
    /**
     * Start the DNS server.
     */
    start(): Promise<void>;
    /**
     * Stop the DNS server.
     */
    stop(): Promise<void>;
    /**
     * Initialize servers (no-op with Rust bridge, kept for API compatibility).
     */
    initializeServers(): void;
    /**
     * Initialize UDP server (no-op with Rust bridge).
     */
    initializeUdpServer(): void;
    /**
     * Initialize HTTPS server (no-op with Rust bridge).
     */
    initializeHttpsServer(): void;
    /**
     * Handle a raw TCP socket for HTTPS/DoH.
     * In Rust mode, this is not directly supported — use processRawDnsPacket instead.
     */
    handleHttpsSocket(socket: plugins.net.Socket): void;
    /**
     * Handle a UDP message manually.
     */
    handleUdpMessage(msg: Buffer, rinfo: plugins.dgram.RemoteInfo, responseCallback?: (response: Buffer, rinfo: plugins.dgram.RemoteInfo) => void): void;
    /**
     * Process a raw DNS packet asynchronously via Rust bridge.
     */
    processRawDnsPacketAsync(packet: Buffer): Promise<Buffer>;
    /**
     * Retrieve SSL certificate for specified domains using Let's Encrypt
     */
    retrieveSslCertificate(domainNames: string[], options?: LetsEncryptOptions): Promise<{
        cert: string;
        key: string;
        success: boolean;
    }>;
    /**
     * Filter domains to include only those the server is authoritative for.
     */
    filterAuthorizedDomains(domainNames: string[]): string[];
    /**
     * Resolve a DNS query event from Rust using TypeScript handlers.
     */
    private resolveQuery;
    private getDnsRecordValueForChallenge;
    private isValidIpAddress;
    private isAuthorizedForDomain;
}
export {};