This coredns plugin appends an XPF record to the DNS request, containing the Source & Destination Address & Port. This aims to allow you to use CoreDNS as a DNS proxy, while still passing client information through for audit/analysis purposes.
These instructions will get you a copy of the project up and running on your local machine for development and testing purposes.
- Go 1.12 or later
- Go modules should be enabled
- First clone the CoreDNS repository CoreDNS
- Add
xpf:github.com/tomsanbear/xpf
to the plugins.cfg file within the repo (IMPORTANT NOTE: this must appear before any other resolving plugin you may be using. See below for more details) - Build the binary with 'make', or if you are building on OSX and want to target a linux docker container 'GOOS=linux make'
Plugin Note: Due to the way the server chains plugins, you need to ensure that any plugin that comes after this one, in the plugin.cfg, does not care about the record being there. See the plugins.cfg file comments for more detail.
Example usage within a Corefile:
.:53 {
xpf {
rr_type 65422
}
forward . 8.8.8.8
}
Note: Do consider the security risks of forwarding this record to the upstream server. You (should) only be doing this for internal resolvers
Currently, there is missing functionality on getting the Local IP Address for the CoreDNS server, if the user bound 0.0.0.0 (or ::), aka using the most common config. There is no convenient solution for this yet, and there are some different approaches to this. Check out this issue for more details.
Test coverage is still a little lacking, but I'm looking to get the full thing tested, with performance metrics as well in the future.
Just run go test ./...
for the main suite, and
Enforcing style with the golangci-lint tool
Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.
We use SemVer for versioning. For the versions available, see the tags on this repository.
- Thomas Santerre - Initial work - tomsanbear
See also the list of contributors who participated in this project.
This project is licensed under the MIT License - see the LICENSE.md file for details
- CoreDNS for being a great DNS server/project
- Ray Bellis for the initial draft on DNS XPF
- PurpleBooth for the nice Readme template