diff --git a/config.yml b/config.yml index 6c3fa804..9293421e 100644 --- a/config.yml +++ b/config.yml @@ -26,6 +26,7 @@ global: # - timestamp-unixns: unix timestamp with nano support # - localtime: local time # - identity: dnstap identity + # - peer-name: hostname or ip address of the dnstap sender # - version: dnstap version # - extra: dnstap extra as string # - operation: dnstap operation diff --git a/dnsutils/message.go b/dnsutils/message.go index 0537be14..6330e9bb 100644 --- a/dnsutils/message.go +++ b/dnsutils/message.go @@ -147,6 +147,7 @@ type DNSTap struct { PolicyMatch string `json:"policy-match" msgpack:"policy-match"` PolicyAction string `json:"policy-action" msgpack:"policy-action"` PolicyValue string `json:"policy-value" msgpack:"policy-value"` + PeerName string `json:"peer-name" msgpack:"peer-name"` } type PowerDNS struct { @@ -264,6 +265,7 @@ func (dm *DNSMessage) Init() { PolicyMatch: "-", PolicyAction: "-", PolicyValue: "-", + PeerName: "-", } dm.DNS = DNS{ @@ -603,6 +605,8 @@ func (dm *DNSMessage) ToTextLine(format []string, fieldDelimiter string, fieldBo s.WriteString(ts.Format("2006-01-02 15:04:05.999999999")) case directive == "identity": s.WriteString(dm.DNSTap.Identity) + case directive == "peer-name": + s.WriteString(dm.DNSTap.PeerName) case directive == "version": s.WriteString(dm.DNSTap.Version) case directive == "extra": diff --git a/dnsutils/message_test.go b/dnsutils/message_test.go index 381fb3e0..b1e95026 100644 --- a/dnsutils/message_test.go +++ b/dnsutils/message_test.go @@ -204,7 +204,8 @@ func TestDnsMessage_Json_Reference(t *testing.T) { "policy-action": "-", "policy-match": "-", "policy-value": "-", - "policy-rule": "-" + "policy-rule": "-", + "peer-name": "-" } } ` @@ -260,6 +261,7 @@ func TestDnsMessage_JsonFlatten_Reference(t *testing.T) { "dnstap.policy-action": "-", "dnstap.policy-match": "-", "dnstap.policy-value": "-", + "dnstap.peer-name": "-", "edns.dnssec-ok": 0, "edns.options": [], "edns.rcode": 0, @@ -590,6 +592,11 @@ func TestDnsMessage_TextFormat_DefaultDirectives(t *testing.T) { PolicyValue: "value"}}, expected: "rule type action match value", }, + { + format: "peer-name", + dm: DNSMessage{DNSTap: DNSTap{PeerName: "testpeer"}}, + expected: "testpeer", + }, } for _, tc := range testcases { diff --git a/docs/configuration.md b/docs/configuration.md index 56c6977e..b7f09fe2 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -67,6 +67,7 @@ Default directives: - `timestamp-unixns`: unix timestamp with nano support - `localtime`: local time - `identity`: dnstap identity +- `peer-name`: hostname or ip address of the dnstap sender - `version`: dnstap version - `extra`: dnstap extra as string - `operation`: dnstap operation diff --git a/docs/dnsjson.md b/docs/dnsjson.md index 55b4ecd0..16c5d7c3 100644 --- a/docs/dnsjson.md +++ b/docs/dnsjson.md @@ -72,6 +72,7 @@ Example: "dnstap": { "operation": "CLIENT_RESPONSE", "identity": "dnsdist1", + "peer-name": "172.16.0.2", "version": "-", "extra": "-", "timestamp-rfc3339ns": "2021-12-27T14:33:44.559002118Z", @@ -113,6 +114,7 @@ Using flat-json requires more processing on the host running go-dnscollector but "dns.resource-records.ar": [], "dns.resource-records.ns": [], "dnstap.identity": "foo", + "dnstap.peer-name": "172.16.0.2", "dnstap.latency": "0.000000", "dnstap.operation": "CLIENT_RESPONSE", "dnstap.timestamp-rfc3339ns": "2023-03-31T10:14:46.664534902Z", diff --git a/processors/dnstap.go b/processors/dnstap.go index 91796e99..6eb03342 100644 --- a/processors/dnstap.go +++ b/processors/dnstap.go @@ -181,6 +181,8 @@ RUN_LOOP: dm := dnsutils.DNSMessage{} dm.Init() + dm.DNSTap.PeerName = d.PeerName + // init dns message with additionnals parts transforms.InitDNSMessageFormat(&dm)