config

package
v1.6.6 Latest Latest
Published: May 7, 2026 License: MIT Imports: 13 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Config

// Config holds the server settings that Load returns after reading the
// configuration file.
//
// Some fields carry credentials straight from that file: BearerToken (see
// its nolint note) and, judging by its name, CookieSecret. A Config value
// is therefore as sensitive as the file it came from; avoid dumping it
// wholesale into logs or API responses, and keep the file readable only by
// the service account.
//
// NOTE(review): TLSPrivateKey presumably names a key file rather than
// holding key material — confirm.
// NOTE(review): API and BearerToken presumably belong together (token
// guarding the API listener); what happens when API is set and BearerToken
// is empty is not visible here — confirm.
// NOTE(review): AccessList and IPv6Access presumably restrict which clients
// may query; formats and defaults are not visible here — confirm.
// NOTE(review): BlockLists and Blocklist are two separate fields with
// near-identical names; how they differ is not visible here — confirm.
type Config struct {
	Version          string
	Directory        string
	BlockLists       []string
	BlockListDir     string
	RootServers      []string
	Root6Servers     []string
	DNSSEC           string
	RootKeys         []string
	FallbackServers  []string
	ForwarderServers []string
	AccessList       []string
	LogLevel         string
	AccessLog        string
	Bind             string
	BindTLS          string
	BindDOH          string
	BindDOQ          string
	TLSCertificate   string
	TLSPrivateKey    string
	API              string
	BearerToken      string //nolint:gosec // G117 - not a hardcoded credential, loaded from config file
	Nullroute        string
	Nullroutev6      string
	HostsFile        string
	OutboundIPs      []string
	OutboundIP6s     []string
	Timeout          Duration
	QueryTimeout     Duration
	Expire           uint32
	CacheSize        int
	Prefetch         uint32
	Maxdepth         int
	RateLimit        int
	ClientRateLimit  int
	NSID             string
	Blocklist        []string
	Whitelist        []string
	Chaos            bool
	QnameMinLevel    int `toml:"qname_min_level"`
	EmptyZones       []string

	// Views are per-client static answers, evaluated in order. A
	// query whose source IP falls in a view's Networks gets that
	// view's Answers as the response; non-matching queries fall
	// through to the rest of the middleware chain (blocklist,
	// resolver, etc.).
	Views []ViewConfig

	// Dnstap configuration
	DnstapSocket        string
	DnstapIdentity      string
	DnstapVersion       string
	DnstapLogQueries    bool
	DnstapLogResponses  bool
	DnstapFlushInterval int

	// Domain metrics configuration
	DomainMetrics      bool
	DomainMetricsLimit int

	// Kubernetes middleware configuration as a section
	Kubernetes KubernetesConfig `toml:"kubernetes"`

	// Plugins maps a plugin name to its Path and free-form settings.
	// NOTE(review): Path presumably selects code that the server loads,
	// so write access to the config file would decide what runs — confirm.
	Plugins map[string]Plugin

	CookieSecret string
	IPv6Access   bool `toml:"ipv6access"`

	// TCP connection pooling configuration
	TCPKeepalive      bool
	RootTCPTimeout    Duration // Timeout for root server TCP connections
	TLDTCPTimeout     Duration // Timeout for TLD server TCP connections
	TCPMaxConnections int      // Maximum number of TCP connections to pool

	// Resolver concurrency limits
	MaxConcurrentQueries int // Maximum concurrent DNS queries (default 10000)

	// Reflex: DNS amplification/reflection attack detection.
	// NOTE(review): ReflexBlockMode and ReflexLearningMode both decide
	// whether a detection is blocked or only logged; which one wins when
	// they disagree is not visible here — confirm before relying on
	// either flag to enforce blocking.
	ReflexEnabled      bool    // Enable amplification attack detection
	ReflexBlockMode    bool    // If false, only log but don't block
	ReflexLearningMode bool    // If true, log detections but don't block
	ReflexThreshold    float64 // Suspicion threshold (0.0-1.0, default: 0.7)
	// contains filtered or unexported fields
}

Config type.

func Load

func Load(cfgfile, version string) (*Config, error)

Load loads the given config file.

func (*Config) ServerVersion added in v1.0.0

func (c *Config) ServerVersion() string

(*Config).ServerVersion returns the current server version.

type Duration added in v0.3.0

// Duration embeds time.Duration so that the type can carry its own
// UnmarshalText method and be used for Config fields such as Timeout and
// QueryTimeout.
// NOTE(review): the accepted text syntax is presumably that of
// time.ParseDuration — confirm against UnmarshalText.
type Duration struct {
	time.Duration
}

Duration type.

func (*Duration) UnmarshalText added in v0.3.0

func (d *Duration) UnmarshalText(text []byte) error

(*Duration).UnmarshalText unmarshals text into the Duration type.

type KubernetesConfig added in v1.6.0

// KubernetesConfig holds the Kubernetes middleware configuration, read
// from the "kubernetes" section of the config (see Config.Kubernetes).
//
// NOTE(review): Kubeconfig is presumably a path to a kubeconfig file; the
// credentials in it are then used by the DNS server process, so they should
// be scoped to what the middleware needs — confirm what it reads.
type KubernetesConfig struct {
	Enabled       bool   `toml:"enabled"`
	ClusterDomain string `toml:"cluster_domain"`
	// KillerMode is deprecated and ignored. The kubernetes middleware
	// always uses the sharded registry; the field is retained so
	// older configs parse without error. Remove it from new configs.
	KillerMode bool   `toml:"killer_mode"`
	Kubeconfig string `toml:"kubeconfig"`
	// Demo populates the registry with synthetic services so the
	// middleware can be exercised without a real cluster
	// (development / tests). It is NEVER safe to enable in
	// production: the middleware will answer synthesised names
	// that look real. Independent from Enabled, so setting
	// Enabled to false does not by itself turn Demo off.
	Demo bool                `toml:"demo"`
	TTL  KubernetesTTLConfig `toml:"ttl"`
}

KubernetesConfig holds Kubernetes middleware configuration

type KubernetesTTLConfig added in v1.6.0

// KubernetesTTLConfig holds the TTL settings for the different record
// types, one field per type (service, pod, SRV and PTR records).
// NOTE(review): the unit is presumably seconds, as for DNS TTLs — confirm.
type KubernetesTTLConfig struct {
	Service uint32 `toml:"service"`
	Pod     uint32 `toml:"pod"`
	SRV     uint32 `toml:"srv"`
	PTR     uint32 `toml:"ptr"`
}

KubernetesTTLConfig holds TTL settings for different record types

type Plugin added in v1.1.0

// Plugin is the value type of Config.Plugins: a Path plus a free-form
// Config map whose keys and value types are not constrained by this struct.
// NOTE(review): Path presumably points at the plugin to load; if so it
// should be treated like any other executable path (owned by a trusted
// user, not writable by the service) — confirm how it is consumed.
type Plugin struct {
	Path   string
	Config map[string]any
}

Plugin type.

type ViewConfig added in v1.6.6

// ViewConfig describes a single per-client static-answer view.
//
// Zone is a free-form label that names the view in logs and errors.
// Networks are CIDR strings; a query is dispatched to this view if its
// source IP is contained in any of them. Answers are DNS resource records
// in standard zone-file format; wildcard owners (e.g. "*.example.lan.")
// match any name strictly more specific than the suffix per RFC 4592.
//
// Selection is by source IP alone, so a view separates clients only as
// well as the network guarantees their source addresses; it is not an
// authentication mechanism.
type ViewConfig struct {
	Zone     string
	Networks []string
	Answers  []string
}

ViewConfig describes a single per-client static-answer view. Zone is a free-form label that names the view in logs and errors. Networks are CIDR strings; a query is dispatched to this view if its source IP is contained in any of them. Answers are DNS resource records in standard zone-file format; wildcard owners (e.g. "*.example.lan.") match any name strictly more specific than the suffix per RFC 4592.
