Documentation
Index
- type Server
- func (s *Server) AddListenAddr(addr string)
- func (s *Server) ApplyRulesToTrackedHostnames()
- func (s *Server) EnableQueryFiltering(enable bool)
- func (s *Server) SetAuditLogger(auditLogger *events.AuditLogger)
- func (s *Server) SetFirewall(fw firewall.Firewall)
- func (s *Server) Start(ctx context.Context) error
Types
type Server
type Server struct {
// contains filtered or unexported fields
}
Server is a DNS proxy that intercepts queries and updates BPF maps.
func NewServer
func NewServer(cfg *config.Manager, fw firewall.Firewall, upstream, listenAddr string, logger *slog.Logger) *Server
NewServer creates a new DNS proxy server.
func (*Server) AddListenAddr
AddListenAddr adds an additional address for the DNS server to listen on. This is used for Docker container DNS (listening on the Docker bridge IP).
func (*Server) ApplyRulesToTrackedHostnames
func (s *Server) ApplyRulesToTrackedHostnames()
ApplyRulesToTrackedHostnames applies newly loaded firewall rules to any hostnames we've already tracked. This is called after loading config to handle hostnames that were resolved before rules were loaded.
func (*Server) EnableQueryFiltering
EnableQueryFiltering enables DNS query filtering. When enabled, only queries for domains that match allowed hostname rules will be forwarded. Queries for non-allowed domains will receive REFUSED responses. This prevents DNS tunneling attacks where data is exfiltrated via DNS queries.
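The forward-or-REFUSED decision described above can be sketched with only the Go standard library. This is an added example, not this package's code: the names `qname` and `filter`, the parent-domain matching policy, the single-question requirement and the sample query bytes are all assumptions.

```go
package main

import (
	"fmt"
	"strings"
)

// qname returns the lowercased name of the single question in a raw DNS query
// (RFC 1035 wire format). ok is false for anything malformed or ambiguous.
func qname(msg []byte) (name string, ok bool) {
	if len(msg) < 12 || msg[4] != 0 || msg[5] != 1 { // QDCOUNT must be exactly 1
		return "", false
	}
	var labels []string
	for i := 12; i < len(msg); i += 1 + int(msg[i]) {
		n := int(msg[i])
		if n == 0 || n > 63 || i+1+n > len(msg) {
			// Valid only at the zero-length root label; 0xC0 pointers and overruns fail.
			return strings.Join(labels, "."), n == 0
		}
		labels = append(labels, strings.ToLower(string(msg[i+1:i+1+n])))
	}
	return "", false // ran off the end without a terminator
}

// filter reports whether a query may be forwarded upstream; if not, it returns
// the REFUSED reply to send back (nil when there is no header to answer).
func filter(query []byte, rules []string) (forward bool, reply []byte) {
	name, ok := qname(query)
	for _, r := range rules {
		// Assumed policy: exact or parent-domain match on a label boundary.
		if ok && strings.HasSuffix("."+name, "."+r) {
			return true, nil
		}
	}
	if len(query) < 12 {
		return false, nil
	}
	reply = append([]byte(nil), query...)
	reply[2] |= 0x80                // QR=1: mark as a response
	reply[3] = reply[3]&0xF0 | 0x05 // RCODE=5 (REFUSED)
	return false, reply
}

func main() {
	// Constructed query: ID 0x1234, RD set, one question "x.evil.test" A IN.
	q := []byte("\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x01x\x04evil\x04test\x00\x00\x01\x00\x01")
	fwd, reply := filter(q, []string{"example.com"})
	fmt.Printf("forward=%v rcode=%d\n", fwd, reply[3]&0x0F)
}
```

Matching on a label boundary keeps a lookalike such as `badexample.com` from passing a rule for `example.com`, and rejecting multi-question or pointer-bearing queries keeps the checked name and the forwarded name identical.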
func (*Server) SetAuditLogger
func (s *Server) SetAuditLogger(auditLogger *events.AuditLogger)
SetAuditLogger sets the audit logger for DNS events.
func (*Server) SetFirewall
SetFirewall updates the firewall instance after server creation.