Documentation
¶
Overview ¶
Package main is responsible for command-line interface of dnsproxy.
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var VersionString = "dev" // nolint:gochecknoglobals
VersionString will be set through ldflags, contains current version
Functions ¶
Types ¶
type Options ¶
type Options struct {
// Configuration file path (yaml), the config path should be read without
// using goFlags in order not to have default values overriding yaml
// options.
ConfigPath string `` /* 194-byte string literal not displayed */
// Should we write
Verbose bool `yaml:"verbose" short:"v" long:"verbose" description:"Verbose output (optional)" optional:"yes" optional-value:"true"`
// Path to a log file
LogOutput string `yaml:"output" short:"o" long:"output" description:"Path to the log file. If not set, write to stdout."`
// Server listen address
ListenAddrs []string `yaml:"listen-addrs" short:"l" long:"listen" description:"Listening addresses"`
// Server listen ports
ListenPorts []int `yaml:"listen-ports" short:"p" long:"port" description:"Listening ports. Zero value disables TCP and UDP listeners"`
// HTTPS listen ports
HTTPSListenPorts []int `yaml:"https-port" short:"s" long:"https-port" description:"Listening ports for DNS-over-HTTPS"`
// TLS listen ports
TLSListenPorts []int `yaml:"tls-port" short:"t" long:"tls-port" description:"Listening ports for DNS-over-TLS"`
// QUIC listen ports
QUICListenPorts []int `yaml:"quic-port" short:"q" long:"quic-port" description:"Listening ports for DNS-over-QUIC"`
// DNSCrypt listen ports
DNSCryptListenPorts []int `yaml:"dnscrypt-port" short:"y" long:"dnscrypt-port" description:"Listening ports for DNSCrypt"`
// Path to the .crt with the certificate chain
TLSCertPath string `yaml:"tls-crt" short:"c" long:"tls-crt" description:"Path to a file with the certificate chain"`
// Path to the file with the private key
TLSKeyPath string `yaml:"tls-key" short:"k" long:"tls-key" description:"Path to a file with the private key"`
// Minimum TLS version
TLSMinVersion float32 `yaml:"tls-min-version" long:"tls-min-version" description:"Minimum TLS version, for example 1.0" optional:"yes"`
// Maximum TLS version
TLSMaxVersion float32 `yaml:"tls-max-version" long:"tls-max-version" description:"Maximum TLS version, for example 1.3" optional:"yes"`
// Disable TLS certificate verification
Insecure bool `yaml:"insecure" long:"insecure" description:"Disable secure TLS certificate validation" optional:"yes" optional-value:"false"`
// Path to the DNSCrypt configuration file
DNSCryptConfigPath string `` /* 177-byte string literal not displayed */
// HTTP3 controls whether HTTP/3 is enabled for this instance of dnsproxy.
// It enables HTTP/3 support for both the DoH upstreams and the DoH server.
HTTP3 bool `yaml:"http3" long:"http3" description:"Enable HTTP/3 support" optional:"yes" optional-value:"false"`
// DNS upstreams
Upstreams []string `` /* 191-byte string literal not displayed */
// Bootstrap DNS
BootstrapDNS []string `` /* 142-byte string literal not displayed */
// Fallback DNS resolver
Fallbacks []string `` /* 210-byte string literal not displayed */
// PrivateRDNSUpstreams are upstreams to use for reverse DNS lookups of
// private addresses.
PrivateRDNSUpstreams []string `` /* 178-byte string literal not displayed */
// If true, parallel queries to all configured upstream servers
AllServers bool `` /* 166-byte string literal not displayed */
// Respond to A or AAAA requests only with the fastest IP address
// detected by ICMP response time or TCP connection time
FastestAddress bool `` /* 153-byte string literal not displayed */
// Timeout for outbound DNS queries to remote upstream servers in a
// human-readable form. Default is 10s.
Timeout timeutil.Duration `` /* 142-byte string literal not displayed */
// If true, DNS cache is enabled
Cache bool `yaml:"cache" long:"cache" description:"If specified, DNS cache is enabled" optional:"yes" optional-value:"true"`
// Cache size value
CacheSizeBytes int `yaml:"cache-size" long:"cache-size" description:"Cache size (in bytes). Default: 64k"`
// DNS cache minimum TTL value - overrides record value
CacheMinTTL uint32 `` /* 194-byte string literal not displayed */
// DNS cache maximum TTL value - overrides record value
CacheMaxTTL uint32 `yaml:"cache-max-ttl" long:"cache-max-ttl" description:"Maximum TTL value for DNS entries, in seconds."`
// CacheOptimistic, if set to true, enables the optimistic DNS cache. That means that cached results will be served even if their cache TTL has already expired.
CacheOptimistic bool `` /* 144-byte string literal not displayed */
// Ratelimit value
Ratelimit int `yaml:"ratelimit" short:"r" long:"ratelimit" description:"Ratelimit (requests per second)"`
// If true, refuse ANY requests
RefuseAny bool `yaml:"refuse-any" long:"refuse-any" description:"If specified, refuse ANY requests" optional:"yes" optional-value:"true"`
// Use EDNS Client Subnet extension
EnableEDNSSubnet bool `yaml:"edns" long:"edns" description:"Use EDNS Client Subnet extension" optional:"yes" optional-value:"true"`
// Use Custom EDNS Client Address
EDNSAddr string `yaml:"edns-addr" long:"edns-addr" description:"Send EDNS Client Address"`
// Defines whether DNS64 functionality is enabled or not
DNS64 bool `` /* 126-byte string literal not displayed */
// DNS64Prefix defines the DNS64 prefixes that dnsproxy should use when it
// acts as a DNS64 server. If not specified, dnsproxy uses the default
// Well-Known Prefix. This option can be specified multiple times.
DNS64Prefix []string `` /* 199-byte string literal not displayed */
// If true, all AAAA requests will be replied with NoError RCode and empty answer
IPv6Disabled bool `` /* 176-byte string literal not displayed */
// Transform responses that contain at least one of the given IP addresses into NXDOMAIN
BogusNXDomain []string `` /* 205-byte string literal not displayed */
// UDP buffer size value
UDPBufferSize int `` /* 136-byte string literal not displayed */
// The maximum number of go routines
MaxGoRoutines int `` /* 139-byte string literal not displayed */
// Pprof defines whether the pprof information needs to be exposed via
// localhost:6060 or not.
Pprof bool `` /* 133-byte string literal not displayed */
// Print DNSProxy version (just for the help)
Version bool `yaml:"version" long:"version" description:"Prints the program version"`
}
Options represents console arguments. For further additions, please do not use the default option since it will cause some problems when config files are used.
Source Files
Click to show internal directories.
Click to hide internal directories.