README
¶
CoreDNS XPF
This coredns plugin appends an XPF record to the DNS request, containing the Source & Destination Address & Port. This aims to allow you to use CoreDNS as a DNS proxy, while still passing client information through for audit/analysis purposes.
Getting Started
These instructions will get you a copy of the project up and running on your local machine for development and testing purposes.
Prerequisites
- Go 1.12 or later
- Go modules should be enabled
Installing
- First clone the CoreDNS repository CoreDNS
- Add
xpf:github.com/tomsanbear/xpfto the plugins.cfg file within the repo (IMPORTANT NOTE: this must appear before any other resolving plugin you may be using. See below for more details) - Build the binary with 'make', or if you are building on OSX and want to target a linux docker container 'GOOS=linux make'
Plugin Note: Due to the way the server chains plugins, you need to ensure that any plugin that comes after this one, in the plugin.cfg, does not care about the record being there. See the plugins.cfg file comments for more detail.
Corefile Configuration
Example usage within a Corefile:
.:53 {
xpf {
rr_type 65422
}
forward . 8.8.8.8
}
Note: Do consider the security risks of forwarding this record to the upstream server. You (should) only be doing this for internal resolvers
Running the tests
Test coverage is still a little lacking, but I'm looking to get the full thing tested, with performance metrics as well in the future.
Just run go test ./... for the main suite, and
Code Style Tests
Enforcing style with the golangci-lint tool
Contributing
Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.
Versioning
We use SemVer for versioning. For the versions available, see the tags on this repository.
Authors
- Thomas Santerre - Initial work - tomsanbear
See also the list of contributors who participated in this project.
License
This project is licensed under the MIT License - see the LICENSE.md file for details
Acknowledgments
- CoreDNS for being a great DNS server/project
- Ray Bellis for the initial draft on DNS XPF
- PurpleBooth for the nice Readme template
Documentation
¶
Index ¶
- Constants
- func NewXPFPrivateRR() dns.PrivateRdata
- type Error
- type XPF
- type XPFPrivateRR
- func (rr *XPFPrivateRR) Copy(dest dns.PrivateRdata) error
- func (rr *XPFPrivateRR) Len() int
- func (rr *XPFPrivateRR) Pack(msg []byte) (off int, err error)
- func (rr *XPFPrivateRR) Parse(txt []string) (err error)
- func (rr *XPFPrivateRR) String() string
- func (rr *XPFPrivateRR) Unpack(msg []byte) (off int, err error)
Constants ¶
const DefaultTypeXPF uint16 = 65422
DefaultTypeXPF uses the default rrtype used in wireshark
const PluginName string = "xpf"
PluginName is the name of our plugin
Variables ¶
This section is empty.
Functions ¶
func NewXPFPrivateRR ¶
func NewXPFPrivateRR() dns.PrivateRdata
Types ¶
type Error ¶
type Error struct {
// contains filtered or unexported fields
}
Error type for the xpf plugin
type XPF ¶
XPF type captures anything needed to append the XPF record to our queries
func (*XPF) OnShutdown ¶
OnShutdown handles any plugin specific startup logic
type XPFPrivateRR ¶
type XPFPrivateRR struct {
IPVersion uint8
Protocol uint8
SrcAddress net.IP
DestAddress net.IP
SrcPort uint16
DestPort uint16
}
XPFPrivateRR type captures the data used to create the XPF record, in the form of a Private RR in CoreDNS
func (*XPFPrivateRR) Copy ¶
func (rr *XPFPrivateRR) Copy(dest dns.PrivateRdata) error
Copy the existing RR to a new RR
func (*XPFPrivateRR) Len ¶
func (rr *XPFPrivateRR) Len() int
func (*XPFPrivateRR) Parse ¶
func (rr *XPFPrivateRR) Parse(txt []string) (err error)
func (*XPFPrivateRR) String ¶
func (rr *XPFPrivateRR) String() string
Source Files