-- SPDX-License-Identifier: CC0-1.0
-- vim:syntax=lua:set ts=4 sw=4:
-- Refer to manual: https://knot-resolver.readthedocs.io/en/stable/
-- Startup banner with the resolver version.
local banner = 'Knot Resolver ' .. package_version()
print(banner)

-- Smaller cache size
cache.size = 10 * MB

-- Chunk-level local: debug_mode() and the mode selection at the end of this
-- file both read log-group constants through ffi.C.
local ffi = require('ffi')
--- Configure the resolver for interactive use inside the container.
-- Opens the DNS, DoT, DoH and web-management listeners on every interface,
-- loads the 'stats' and 'http' modules and prints usage instructions.
function interactive_mode()
	-- Listen on all interfaces (localhost would not work in Docker).
	-- NOTE(review): together with `docker run -P` (see the help text below)
	-- every one of these ports is published on the host. Nothing in this file
	-- restricts who may query the resolver or reach the 'webmgmt' endpoint on
	-- 8453, so limit the port mapping or firewall the host when it is
	-- reachable from untrusted networks.
	local listeners = {
		{ port = 53, kind = 'dns' },
		{ port = 853, kind = 'tls' },
		{ port = 443, kind = 'doh2' },
		{ port = 8453, kind = 'webmgmt' },
	}
	for _, listener in ipairs(listeners) do
		net.listen('0.0.0.0', listener.port, { kind = listener.kind })
	end

	-- Load useful modules
	modules = {
		'stats', -- Track internal statistics
		'http',
	}

	-- Deliberately left global, exactly as in the original definition.
	print_help = function()
		local usage = '\nUsage\n'
			.. '=====\n'
			.. 'Run this container using command:\n'
			.. '$ docker run -Pti cznic/knot-resolver\n'
			.. '\n'
			.. 'Docker will map ports 53, 443, 853, and 8453 to some other numbers, see\n'
			.. '$ docker ps\n'
			.. '(column PORTS)\n'
			.. '53 -> DNS protocol over UDP and TCP\n'
			.. '443 -> DNS-over-HTTPS protocol\n'
			.. '853 -> DNS-over-TLS protocol\n'
			.. '8453 -> web interface\n'
			.. '\n'
			.. 'For verbose logging enter following command to prompt below:\n'
			.. 'log_level("debug")\n'
		print(usage)
	end

	print_help()
end
--- Resolve a single query with maximum logging, then terminate the process.
-- @param qname  name to resolve
-- @param qtype  numeric record type (used as an index into kres.tostring.type)
function debug_mode(qname, qtype)
	-- Watchdog: give up with a failure status if the query never completes.
	local function on_timeout()
		print('ERROR: timeout which cannot happen actually happened, exiting')
		os.exit(1)
	end
	event.after(20*sec, on_timeout)

	-- presumably keeps kresd from opening listening sockets in this mode;
	-- confirm against the manual
	env.KRESD_NO_LISTEN = 1

	-- limit noise in verbose logs
	for _, name in ipairs({ 'detect_time_skew', 'priming', 'ta_signal_query', 'ta_update' }) do
		modules.unload(name)
	end

	-- always empty cache so this config works reliably outside Docker
	cache.clear()

	local cqueues = require('cqueues')

	-- Runs once the event loop is up: raise verbosity, issue the query and
	-- exit when it has been answered.
	local function run_query()
		-- ultra verbose log
		log_level('debug')
		policy.add(policy.all(policy.DEBUG_ALWAYS))
		log_debug(ffi.C.LOG_GRP_RESOLVER, 'starting DNS query for %s %s', qname, kres.tostring.type[qtype])

		local starttime = cqueues.monotime()

		-- Report the elapsed time and stop the daemon.
		local function report_and_exit()
			local endtime = cqueues.monotime()
			log_debug(ffi.C.LOG_GRP_RESOLVER, '\nrequest finished in %f ms', (endtime - starttime) * 1000)
			os.exit()
		end

		local request = {
			name = qname,
			type = qtype,
			options = {'DNSSEC_WANT'},
			finish = function(pkt)
				-- Postpone the exit by 1 ms so the policy.DEBUG finish
				-- callback is not lost.
				event.after(1, report_and_exit)
			end
		}
		resolve(request)
	end

	-- execute query right after start up
	event.after(0, run_query)
end
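-- Mode selection: when both QNAME and QTYPE are present in the environment,
-- run a single debug query; otherwise start the interactive resolver.
-- Note that setting only one of the two variables also selects interactive mode.
local qname = os.getenv('QNAME')
local qtype = os.getenv('QTYPE')
if qname and qtype then
	-- QTYPE comes from the environment, so map it to a numeric type and
	-- reject anything kres.type does not know before starting the query.
	-- Declared local so the lookup result does not leak into the global
	-- environment shared with the interactive prompt.
	local qtypenum = kres.type[qtype]
	if not qtypenum then
		log_error(ffi.C.LOG_GRP_RESOLVER, 'ERROR: unsupported query type "%s", use TYPE12345 notation', qtype)
		-- Exit with a failure status so callers and scripts can detect the
		-- rejected input (a bare os.exit() would report success).
		os.exit(1)
	end
	debug_mode(qname, qtypenum)
else
	interactive_mode()
end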