From db16141ee426e5267792d7c91970096d24c040f1 Mon Sep 17 00:00:00 2001
From: Denis Machard <5562930+dmachard@users.noreply.github.com>
Date: Wed, 18 Dec 2024 14:43:21 +0100
Subject: [PATCH] feat(powerdns): add hex value for MessageId and InitialRequestorId (#907)

* feat(powerdns): add hex value for MessageId and InitialRequestorId
---
README.md | 4 +--
dnsutils/dnsmessage.go | 2 ++
dnsutils/dnsmessage_json_test.go | 6 ++++-
dnsutils/dnsmessage_text.go | 12 +++++++++
dnsutils/dnsmessage_text_test.go | 14 +++++++---
docs/collectors/collector_powerdns.md | 39 ++++++++++++++++++++++++++-
workers/powerdns.go | 5 ++++
7 files changed, 74 insertions(+), 8 deletions(-)

diff --git a/README.md b/README.md
index b28713d9..f125b1f1 100644
--- a/README.md
+++ b/README.md
@@ -1,9 +1,9 @@

Go Report Go version - Go tests + Go tests Go bench - Go lines + Go lines

diff --git a/dnsutils/dnsmessage.go b/dnsutils/dnsmessage.go
index 95eced01..fa372d94 100644
--- a/dnsutils/dnsmessage.go
+++ b/dnsutils/dnsmessage.go
@@ -122,6 +122,8 @@ type PowerDNS struct {
 AppliedPolicyType string `json:"applied-policy-type"`
 Metadata map[string]string `json:"metadata"`
 HTTPVersion string `json:"http-version"`
+ MessageID string `json:"message-id"`
+ InitialRequestorID string `json:"initial-requestor-id"`
 }
 type TransformDNSGeo struct {
diff --git a/dnsutils/dnsmessage_json_test.go b/dnsutils/dnsmessage_json_test.go
index de3cdfae..41dc702e 100644
--- a/dnsutils/dnsmessage_json_test.go
+++ b/dnsutils/dnsmessage_json_test.go
@@ -111,6 +111,8 @@ func TestDnsMessage_Json_Collectors_Reference(t *testing.T) {
 Tags: []string{"tag1"},
 Metadata: map[string]string{"stream_id": "collector"},
 HTTPVersion: "http3",
+ MessageID: "27c3e94ad6284eec9a50cfc5bd7384d6",
+ InitialRequestorID: "5e006236c8a74f7eafc6af126e6d0689",
 }},
 jsonRef: `{
@@ -125,7 +127,9 @@ func TestDnsMessage_Json_Collectors_Reference(t *testing.T) {
 "metadata": {
 "stream_id": "collector"
 },
- "http-version": "http3"
+ "http-version": "http3",
+ "message-id": "27c3e94ad6284eec9a50cfc5bd7384d6",
+ "initial-requestor-id": "5e006236c8a74f7eafc6af126e6d0689"
 }
 }`,
 },
diff --git a/dnsutils/dnsmessage_text.go b/dnsutils/dnsmessage_text.go
index ea52490e..afa68dd0 100644
--- a/dnsutils/dnsmessage_text.go
+++ b/dnsutils/dnsmessage_text.go
@@ -102,6 +102,18 @@ func (dm *DNSMessage) handlePdnsDirectives(directive string, s *strings.Builder)
 } else {
 s.WriteString("-")
 }
+ case directive == "powerdns-message-id":
+ if len(dm.PowerDNS.MessageID) > 0 {
+ s.WriteString(dm.PowerDNS.MessageID)
+ } else {
+ s.WriteString("-")
+ }
+ case directive == "powerdns-initial-requestor-id":
+ if len(dm.PowerDNS.InitialRequestorID) > 0 {
+ s.WriteString(dm.PowerDNS.InitialRequestorID)
+ } else {
+ s.WriteString("-")
+ }
 case directive == "powerdns-original-request-subnet":
 if len(dm.PowerDNS.OriginalRequestSubnet) > 0 {
 s.WriteString(dm.PowerDNS.OriginalRequestSubnet)
diff --git a/dnsutils/dnsmessage_text_test.go b/dnsutils/dnsmessage_text_test.go
index dec529a3..63bdab51 100644
--- a/dnsutils/dnsmessage_text_test.go
+++ b/dnsutils/dnsmessage_text_test.go
@@ -471,10 +471,16 @@ func TestDnsMessage_TextFormat_Directives_Pdns(t *testing.T) {
 expected: "-",
 },
 {
- name: "http_version",
- format: "powerdns-http-version",
- dm: DNSMessage{PowerDNS: &PowerDNS{HTTPVersion: "HTTP2"}},
- expected: "HTTP2",
+ name: "message_id",
+ format: "powerdns-message-id",
+ dm: DNSMessage{PowerDNS: &PowerDNS{MessageID: "27c3e94ad6284eec9a50cfc5bd7384d6"}},
+ expected: "27c3e94ad6284eec9a50cfc5bd7384d6",
+ },
+ {
+ name: "initial_requestor_id",
+ format: "powerdns-initial-requestor-id",
+ dm: DNSMessage{PowerDNS: &PowerDNS{InitialRequestorID: "5e006236c8a74f7eafc6af126e6d0689"}},
+ expected: "5e006236c8a74f7eafc6af126e6d0689",
 },
 }
diff --git a/docs/collectors/collector_powerdns.md b/docs/collectors/collector_powerdns.md
index 02e6c6d1..70138955 100644
--- a/docs/collectors/collector_powerdns.md
+++ b/docs/collectors/collector_powerdns.md
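Review bot: In dnsutils/dnsmessage_text_test.go the `http_version` case for `powerdns-http-version` is deleted and its slot reused for the new cases, so that directive appears to lose its positive test in this table as far as the hunk shows. Keep the removed four-field entry and append the two new entries after it instead of replacing it. The new directives are also only exercised with a populated ID; add an empty case for each, e.g. `{name: "message_id_empty", format: "powerdns-message-id", dm: DNSMessage{PowerDNS: &PowerDNS{}}, expected: "-"},`, so the `-` fallback added in handlePdnsDirectives is covered. The test function starts and ends outside the hunk.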
@@ -69,6 +69,8 @@ If you logs your DNS traffic in basic text format, you can use the specific dire
 * `powerdns-applied-policy-type`: get applied policy type
 * `powerdns-metadata[:KEY]`: get all metadata separated by comma or specific one if a valid [KEY](https://dnsdist.org/rules-actions.html#RemoteLogAction) is provided
 * `powerdns-http-version`: http version used with DoH queries
+* `powerdns-message-id`: message id
+* `powerdns-initial-requestor-id`: initial requestor id
 Configuration example:
@@ -96,7 +98,9 @@ If you logs your DNS traffic in JSON output, the following part will be added in
 "agent":"Go-http-client/1.1",
 "selected_pool":"pool_internet"
 },
- "http-version": "HTTP3"
+ "http-version": "HTTP3",
+ "message-id": "27c3e94ad6284eec9a50cfc5bd7384d6",
+ "initial-requestor-id": "5e006236c8a74f7eafc6af126e6d0689"
 }
 ```
@@ -118,6 +122,39 @@ addCacheHitResponseAction(AllRule(), RemoteLogResponseAction(rl, nil, true, {ser
 Example to enable logging in your **pdns-recursor**
+Since version > 5
+
+```yaml
+recursor:
+ include_dir: /etc/powerdns/recursor.d
+
+incoming:
+ listen:
+ - 0.0.0.0:53
+ - '[::]:53'
+ allow_from:
+ - 0.0.0.0/0
+ - ::/0
+
+logging:
+ protobuf_servers:
+ - servers: [192.168.1.16:6000]
+ logQueries: true
+ logResponses: true
+
+ outgoing_protobuf_servers:
+ - servers: [192.168.1.16:6000]
+ logQueries: true
+ logResponses: true
+
+ dnstap_framestream_servers:
+ - servers: [192.168.1.16:6000]
+ logQueries: true
+ logResponses: true
+```
+
+Old configuration style
+
 */etc/pdns-recursor/recursor.conf*
 ```lua
diff --git a/workers/powerdns.go b/workers/powerdns.go
index cee73895..70e67132 100644
--- a/workers/powerdns.go
+++ b/workers/powerdns.go
@@ -2,6 +2,7 @@ package workers
 import (
 "bufio"
+ "encoding/hex"
 "errors"
 "io"
 "net"
@@ -357,6 +358,10 @@ func (w *PdnsProcessor) StartCollect() {
 pdns.HTTPVersion = pbdm.GetHttpVersion().String()
 }
+ // get id
+ pdns.MessageID = hex.EncodeToString(pbdm.MessageId)
+ pdns.InitialRequestorID = hex.EncodeToString(pbdm.InitialRequestId)
+
 // finally set pdns to dns message
 dm.PowerDNS = &pdns
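Review bot: `MessageId` and `InitialRequestId` are hex-encoded with no length check, so whatever byte string the sender puts in those protobuf fields is doubled in size and copied into every JSON and text record. The test values are 32 hex digits, which suggests 16-byte UUIDs; if that is the contract, encode only when the length matches, e.g. `if id := pbdm.GetMessageId(); len(id) == 16 { pdns.MessageID = hex.EncodeToString(id) }`, and leave the field empty otherwise so the text directives fall back to `-`. Going through the generated getters would also match `pbdm.GetHttpVersion()` just above. The exported name `InitialRequestorID` (`initial-requestor-id`) differs from the source field `InitialRequestId`; settle the name before users build correlation queries on that key. StartCollect begins and ends outside the hunk.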