gudgeon

module
v0.6.29 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 4, 2020 License: MIT

README

Gudgeon

Build Status Go Report Card FOSSA Status Copr build status

Overview

Gudgeon is a caching/blocking DNS proxy server. What sets Gudgeon apart is the ability to segregate machines, subnets, and IP ranges into different groups that all receive different blocking rules. The motivation for Gudgeon comes from the proliferation of devices on my home network that belong either to outside entities (Google, AT&T, Amazon), kids, or unwise adults. Different groups, classes of user, and devices need different blocking rules.

Take, for example, a user who has shown persistent inability to avoid internet scams. You can assign that user's machine(s) to group(s) that block more suspicious DNS requests. On the other hand you might want to allow a device like a Google Home or Alexa unit to have full access to the internet except for tracking/advert websites. You might want to create extensive blocklists to protect kids who use the internet from their devices.

For all of these reasons Gudgeon has been created to allow more flexibility in host-based DNS blocking.

Dashboard Screenshot

Documentation

Features

  • Go Routines for non-blocking request handling enables high-throughput especially with simultaneous requests
  • Systemd Integration to run as non-root user (with access to privileged ports through Systemd sockets)
  • Configure upstream DNS types (tcp-tls/dns-over-tls, tcp, and udp) explicitly
  • Use regular expressions and wildcards to block DNS names
  • Match a client address (or subnet, or subnet range) to a group and determining what blocklists to use
  • Resolvers and resolver groups for certain/specific subnets based on matching incoming connections
  • Inline host file entries in configuration file as well as external host files
  • Enhanced (and backwards-compatible) hostname format supports wildcard names, CNAME/PTR entries, and reverse lookups
  • Use Zone DB files to support more record types than hostnames
  • A Web UI to show details about current system status
  • Query logging with the ability to view recent queries in the Web UI
  • Reloading source resolver files when they change

How Do I Install Gudgeon?

There are a few different ways to install Gudgeon that don't require you to build it yourself. Gudgeon aims to support recent of releases Debian, Ubuntu, RHEL/CentOS, and Fedora. ARM and MIPS platform builds have been disabled until a cross-compile solution can be created for those architectures.

GitHub Releases

New tagged releases are automatically built by Travis-CI and uploaded to GitHub for download. Functionally these releases are identical to releases available in other channels. You can find these releases here.

Fedora Releases

Gudgeon has a COPR repository for versions of CentOS and RHEL.

#optional, may be required for CentOS/EL linux
[user@host] yum install yum-plugin-copr
# enable COPR and install gudgeon, use appropriate yum commands on non-dnf platforms
[user@host] sudo dnf copr enable cruffalo/gudgeon
[user@host] sudo dnf install -y gudgeon
Docker Releases

Gudgeon also comes in container form from gudgeon/gudgeon.

The Docker container exposes ports 5354 (dns) and 9009 (http) and those ports should be published via the docker command. Remember to use /tcp and /udp when exposing the DNS ports. For persisting/modifying the configuration and for persisting data, metrics, and logs there are two directories in the container. The first directory /etc/gudgeon is for configuration files. The data is stored in /var/lib/gudgeon. The version can be any tag v0.3.13 or later. See the docker hub page for tags and more details.

[user@host] docker run -ti -p 53:5354/tcp -p 53:5354/udp -p 9009:9009 -v /etc/gudgeon:/etc/gudgeon -v /var/lib/gudgeon:/var/lib/gudgeon gudgeon/gudgeon:${version}
Direct Binary Download

Alongside the release artifacts Gudgeon also provides These files can be downloaded and put on your local path and executed. To do this you will also need a configuration file (example configuration files are provided in the root of this project) and a directory to use as the home directory. (Both /usr/local/gudgeon and /var/lib/gudgeon are good examples but /opt/gudgeon is also acceptable.)

Once these files are in place you can run Gudgeon directly with gudgeon -c /path/to/your/gudgeon.yml.

Building

Prerequisites

  • Ability to use Makefiles (make command installed)
  • Git
  • Go >= 1.11 (module support is required)
  • Docker (for building docker images or xgo support)
  • System specific static artifacts for Ruby, NPM, GLIBC, and Sqlite3
    • Fedora: make automake gcc gcc-c++ curl sqlite sqlite-devel glibc glibc-static glibc-headers glibc-devel npm
    • Ubuntu: ruby ruby-dev build-essential rpm libsqlite3-dev gcc-multilib and g++-multilib npm
    • OSX:
      • Install brew
      • Install golang: brew install golang
      • Install gnu-sed: brew install gnu-sed
      • Install NodeJS OSX package
  • fpm (for building deb/rpm) with gem install fpm

With the prerequisites installed you can build Gudgeon by...

  • Preparing your environment with needed Go tools with []$ make prepare
  • Prepare NPM environment with []$ make npm
  • Downloading vendor assets (react, etc) with []$ make webpack
    • This needs to be done each time web assets change
    • You can use hot reloading in dev mode with: []$ npm run build:dev and using go run --tags "json1" gudgeon.go
  • Building the binary for your target platform with []$ make build

The npm target is used to download new dependencies when needed. The prepare target is only needed if the required Go tools change. The output of the process is a statically compiled for a few different platforms. The binary is statically compiled to make it easily portable to platforms and other systems that do not have libc, recent Golang compilers, or other required libraries.

Code of Conduct

Gudgeon falls under the Contributor Covenant.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL