-- SPDX-License-Identifier: CC0-1.0
-- vim:syntax=lua:set ts=4 sw=4:
-- Refer to manual: https://knot-resolver.readthedocs.io/en/stable/
-- Announce which resolver build is starting.
local version_banner = 'Knot Resolver ' .. package_version()
print(version_banner)

-- Smaller cache size: cap the cache at 10 MB for this configuration.
cache.size = 10 * MB
local ffi = require('ffi')
--- Configure the resolver for interactive use inside the Docker container.
-- Opens four listeners, loads the 'stats' and 'http' modules, defines the
-- global print_help() and prints the usage text once.
--
-- NOTE(review): every listener below binds to 0.0.0.0 and this file sets no
-- access restriction on any of them. Combined with `docker run -P` from the
-- usage text (which publishes all exposed ports on the host), the recursive
-- resolver and the 'webmgmt' interface on 8453 become reachable from any
-- network that can reach the Docker host. When running outside a lab,
-- publish the ports on a trusted host address only (for example with an
-- explicit `-p 127.0.0.1:<host-port>:<container-port>` mapping) and keep
-- 8453 off untrusted networks.
function interactive_mode()
	-- Listen on all interfaces (localhost would not work in Docker)
	local listeners = {
		{ port = 53,   kind = 'dns' },
		{ port = 853,  kind = 'tls' },
		{ port = 443,  kind = 'doh2' },
		{ port = 8453, kind = 'webmgmt' },
	}
	for _, listener in ipairs(listeners) do
		net.listen('0.0.0.0', listener.port, { kind = listener.kind })
	end

	-- Load useful modules
	modules = {
		'stats', -- Track internal statistics
		'http',
	}

	-- Deliberately left global, as in the original definition.
	function print_help()
		local usage_lines = {
			'\nUsage\n',
			'=====\n',
			'Run this container using command:\n',
			'$ docker run -Pti cznic/knot-resolver\n',
			'\n',
			'Docker will map ports 53, 443, 853, and 8453 to some other numbers, see\n',
			'$ docker ps\n',
			'(column PORTS)\n',
			'53 -> DNS protocol over UDP and TCP\n',
			'443 -> DNS-over-HTTPS protocol\n',
			'853 -> DNS-over-TLS protocol\n',
			'8453 -> web interface\n',
			'\n',
			'For verbose logging enter following command to prompt below:\n',
			'log_level("debug")\n',
		}
		print(table.concat(usage_lines))
	end

	print_help()
end
--- Resolve a single query with debug logging enabled, then exit the process.
-- @param qname  query name, handed to resolve() as `name`
-- @param qtype  numeric query type, handed to resolve() as `type`
function debug_mode(qname, qtype)
	-- Watchdog: give up with a non-zero status if nothing finished in time.
	local function on_watchdog()
		print('ERROR: timeout which cannot happen actually happened, exiting')
		os.exit(1)
	end
	event.after(20*sec, on_watchdog)

	-- NOTE(review): presumably tells kresd not to open listening sockets in
	-- this mode; confirm against the kresd documentation.
	env.KRESD_NO_LISTEN = 1

	-- limit noise in verbose logs
	local noisy_modules = {
		'detect_time_skew',
		'priming',
		'ta_signal_query',
		'ta_update',
	}
	for _, module_name in ipairs(noisy_modules) do
		modules.unload(module_name)
	end

	-- always empty cache so this config works reliably outside Docker
	cache.clear()

	local cqueues = require('cqueues')

	-- execute query right after start up and exit when the query is finished
	local function run_query()
		log_level('info')
		policy.add(policy.all(policy.DEBUG_ALWAYS))
		log_info(ffi.C.LOG_GRP_RESOLVER, 'starting DNS query for %s %s', qname, kres.tostring.type[qtype])
		local started_at = cqueues.monotime()

		-- Logs the elapsed time and terminates the process.
		local function report_and_exit()
			local finished_at = cqueues.monotime()
			log_info(ffi.C.LOG_GRP_RESOLVER, 'request finished in %f ms', (finished_at - started_at) * 1000)
			os.exit()
		end

		resolve({
			name = qname,
			type = qtype,
			options = {'DNSSEC_WANT'},
			finish = function(_pkt)
				-- delay exit after packet is finished
				-- to prevent us from losing policy.DEBUG finish callback
				event.after(1, report_and_exit) -- millisecond
			end
		})
	end

	event.after(0, run_query)
end
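-- Mode selection, driven by the environment:
--   QNAME and QTYPE both set -> one-shot debug query (debug_mode)
--   otherwise                -> interactive mode with all listeners open
-- Note that setting only one of the two variables silently falls through to
-- interactive mode, which opens the network listeners.
local qname = os.getenv('QNAME')
local qtype = os.getenv('QTYPE')
if qname and qtype then
	-- Keep the lookup result local; it is only needed for the call below.
	local qtypenum = kres.type[qtype]
	if not qtypenum then
		log_error(ffi.C.LOG_GRP_RESOLVER, 'ERROR: unsupported query type "%s", use TYPE12345 notation', qtype)
		-- Exit with a failure status so wrappers and CI jobs can detect the
		-- rejected input; a bare os.exit() would report success.
		os.exit(1)
	end
	debug_mode(qname, qtypenum)
else
	interactive_mode()
end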