Documentation ¶
Overview ¶
Package intel is responsible for fetching intelligence data, including DNS, on remote entities.
DNS Servers ¶
Internal lists of resolvers to use are built on start and rebuilt on every config or network change. Configured DNS servers are prioritized over servers assigned by DHCP. Domain and search options (here referred to as "search scopes") are taken into account.
Security ¶
Usage of DNS Servers can be regulated using the configuration:
DoNotUseAssignedDNS        // Do not use DNS servers assigned by DHCP
DoNotUseMDNS               // Do not use mDNS
DoNotForwardSpecialDomains // Do not forward special domains to local resolvers, except if they have a search scope for it
Note: The DHCP options "domain" and "search" are ignored for servers assigned by DHCP that do not reside within local address space.
Resolving DNS ¶
Different kinds of queries require the resolver to behave differently:
- Queries for "localhost." are answered immediately with 127.0.0.1 and ::1 for A and AAAA queries, and with NXDomain for all others.
- Reverse lookups on local address ranges (10/8, 172.16/12, 192.168/16, fe80::/7) are tried against every local resolver and finally mDNS until a successful, non-NXDomain answer is received.
- Special domains ("example.", "example.com.", "example.net.", "example.org.", "invalid.", "test.", "onion.") are resolved using search scopes and local resolvers.
- All other domains are resolved using search scopes and all available resolvers.
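The rules above, written out as a classifier. This is an added example, not code from the intel package: the names `route` and `ptrToIP` and the route labels are invented here, and matching subdomains of the special domains is an assumption. It only shows which resolver set a name selects and ignores the query type.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

var specialDomains = strings.Fields("example. example.com. example.net. example.org. invalid. test. onion.")
var localRanges = strings.Fields("10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 fe80::/7") // both lists as documented

// ptrToIP turns a reverse-lookup name into the IP it asks about (nil if it is not one).
func ptrToIP(fqdn string) net.IP {
	name, sep, group := strings.TrimSuffix(fqdn, ".in-addr.arpa."), ".", 1
	if strings.HasSuffix(fqdn, ".ip6.arpa.") {
		name, sep, group = strings.TrimSuffix(fqdn, ".ip6.arpa."), ":", 4
	}
	labels, addr := strings.Split(name, "."), ""
	if name == fqdn || (group == 4 && len(labels) != 32) {
		return nil // not a reverse name, or not a complete IPv6 address
	}
	for i, l := range labels { // least-significant label comes first, so prepend
		if i > 0 && i%group == 0 {
			l += sep
		}
		addr = l + addr
	}
	return net.ParseIP(addr) // nil for partial or malformed names
}

// route names the path the documented rules select; the labels are this example's own.
func route(fqdn string) string {
	if fqdn = strings.ToLower(fqdn); fqdn == "localhost." {
		return "answer-locally"
	}
	for _, cidr := range localRanges {
		if _, n, _ := net.ParseCIDR(cidr); n.Contains(ptrToIP(fqdn)) {
			return "local-resolvers-then-mdns"
		}
	}
	for _, s := range specialDomains { // assumption: subdomains match as well
		if fqdn == s || strings.HasSuffix(fqdn, "."+s) {
			return "search-scopes+local-resolvers"
		}
	}
	return "search-scopes+all-resolvers"
}

func main() { fmt.Println(route("1.0.168.192.in-addr.arpa."), route("shop.onion."), route("myexample.com.")) }
```

Matching on a label boundary keeps a name such as "myexample.com." out of the special-domain path, and a reverse name for a public address goes to all resolvers rather than the local ones.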
Index ¶
- Constants
- func GetIntelAndRRs(ctx context.Context, domain string, qtype dns.Type, securityLevel uint8) (intel *Intel, rrs *RRCache)
- func ResolveIPAndValidate(ip string, securityLevel uint8) (domain string, err error)
- func SetLocalAddrFactory(laf func(network string) net.Addr)
- type IPInfo
- type Intel
- type NameRecord
- type RRCache
- func (m *RRCache) Clean(minExpires uint32)
- func (m *RRCache) ExportAllARecords() (ips []net.IP)
- func (m *RRCache) Flags() string
- func (m *RRCache) IsNXDomain() bool
- func (m *RRCache) RequestingNew() bool
- func (m *RRCache) Save() error
- func (m *RRCache) ServedFromCache() bool
- func (m *RRCache) ShallowCopy() *RRCache
- func (m *RRCache) ToNameRecord() *NameRecord
- type Resolver
- type Scope
Constants ¶
const (
DNSClassMulticast = dns.ClassINET | 1<<15
)
DNS Classes
Variables ¶
This section is empty.
Functions ¶
func GetIntelAndRRs ¶
func GetIntelAndRRs(ctx context.Context, domain string, qtype dns.Type, securityLevel uint8) (intel *Intel, rrs *RRCache)
GetIntelAndRRs returns intel and DNS resource records for the given domain.
func ResolveIPAndValidate ¶
ResolveIPAndValidate finds (reverse DNS), validates (forward DNS) and returns the domain name assigned to the given IP.
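A sketch of the reverse-then-forward check described above, as an added example rather than the package's implementation. The name `confirmedName`, the injected lookup functions and the sample records are assumptions made here, and the `securityLevel` parameter is left out. A PTR record is set by whoever controls the reverse zone of an address, so its name is accepted only if the name's forward records list the same IP.

```go
package main

import (
	"errors"
	"fmt"
	"net"
)

// lookupFn is one DNS query; net.LookupAddr and net.LookupHost have this signature.
type lookupFn func(string) ([]string, error)

// confirmedName returns the first PTR name of ip whose forward records contain ip.
func confirmedName(reverse, forward lookupFn, ip string) (string, error) {
	want := net.ParseIP(ip)
	if want == nil {
		return "", errors.New("not an IP address: " + ip)
	}
	names, err := reverse(ip)
	if err != nil {
		return "", err
	}
	for _, name := range names {
		addrs, _ := forward(name) // a failed forward lookup confirms nothing
		for _, a := range addrs {
			if got := net.ParseIP(a); got != nil && got.Equal(want) {
				return name, nil
			}
		}
	}
	return "", errors.New("no PTR name of " + ip + " resolves back to it")
}

// zone holds constructed sample records (documentation address ranges) for an offline run.
var zone = map[string][]string{
	"203.0.113.7":        {"mail.example.org."},
	"mail.example.org.":  {"203.0.113.7"},
	"198.51.100.9":       {"login.example.com."}, // PTR is set by whoever controls the IP
	"login.example.com.": {"192.0.2.1"},          // forward record points elsewhere
}

func lookup(key string) ([]string, error) { return zone[key], nil }

func main() {
	fmt.Println(confirmedName(lookup, lookup, "203.0.113.7"))
	fmt.Println(confirmedName(lookup, lookup, "198.51.100.9"))
}
```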
func SetLocalAddrFactory ¶ added in v0.2.5
SetLocalAddrFactory supplies the intel package with a function to set local addresses for connections.
Types ¶
type IPInfo ¶
IPInfo represents various information about an IP.
func (*IPInfo) AddDomain ¶
AddDomain adds a domain to the list and reports back if it was added, or was already present.
func (*IPInfo) FmtDomains ¶
FmtDomains returns a string consisting of the domains that have been seen to use this IP, joined by " or ".
type Intel ¶
Intel holds intelligence data for a domain.
func GetIntelFromDB ¶
GetIntelFromDB gets an Intel record from the database.
type NameRecord ¶
type NameRecord struct {
	record.Base
	sync.Mutex

	Domain      string
	Question    string
	Answer      []string
	Ns          []string
	Extra       []string
	TTL         int64
	Server      string
	ServerScope int8
}
NameRecord is a helper struct to RRCache to better save data to the database.
func GetNameRecord ¶
func GetNameRecord(domain string, question string) (*NameRecord, error)
GetNameRecord gets a NameRecord from the database.
func (*NameRecord) Save ¶
func (rec *NameRecord) Save() error
Save saves the NameRecord to the database.
type RRCache ¶
type RRCache struct {
	Domain          string
	Question        dns.Type
	Answer          []dns.RR
	Ns              []dns.RR
	Extra           []dns.RR
	TTL             int64
	Server          string
	ServerScope     int8
	Filtered        bool
	FilteredEntries []string
	// contains filtered or unexported fields
}
RRCache is used to cache DNS data.
func GetRRCache ¶
GetRRCache tries to load the corresponding NameRecord from the database and convert it.
func Resolve ¶
Resolve resolves the given query for a domain and type and returns an RRCache object, or nil if the query failed.
func (*RRCache) ExportAllARecords ¶
ExportAllARecords returns a list of all A and AAAA IP addresses.
func (*RRCache) Flags ¶
Flags formats ServedFromCache and RequestingNew to a condensed, flag-like format.
func (*RRCache) IsNXDomain ¶
IsNXDomain returns whether the result is NXDomain.
func (*RRCache) RequestingNew ¶
RequestingNew informs that it has expired and new RRs are being fetched.
func (*RRCache) ServedFromCache ¶
ServedFromCache marks the RRCache as served from cache.
func (*RRCache) ShallowCopy ¶ added in v0.2.2
ShallowCopy returns a shallow copy of the cache. Slices are not copied, but referenced.
func (*RRCache) ToNameRecord ¶
func (m *RRCache) ToNameRecord() *NameRecord
ToNameRecord converts the RRCache to a NameRecord for cleaner persistence.
type Resolver ¶
type Resolver struct {
	sync.Mutex

	// static
	Server             string
	ServerType         string
	ServerAddress      string
	ServerIP           net.IP
	ServerIPScope      int8
	ServerPort         uint16
	VerifyDomain       string
	Source             string
	Search             *[]string
	SkipFqdnBeforeInit string

	InitLock sync.Mutex
	// contains filtered or unexported fields
}
Resolver holds information about an active resolver.
func (*Resolver) FailReason ¶
FailReason returns the internal failreason value while locking the Resolver.
func (*Resolver) Fails ¶ added in v0.2.5
Fails returns the internal fails value while locking the Resolver.
func (*Resolver) Initialized ¶
Initialized returns the internal initialized value while locking the Resolver.