Add a logged_qtypes feature to log only some query types

2018-01-19 12:57:47 +01:00 · 2018-01-19 12:57:47 +01:00 · 7103229609
parent 414d366cb2
commit 7103229609
4 changed files with 31 additions and 8 deletions
--- a/dnscrypt-proxy/config.go
+++ b/dnscrypt-proxy/config.go
@ -68,6 +68,7 @@ type SourceConfig struct {
 type QueryLogConfig struct {
 	File         string
 	Format       string
+	LoggedQtypes []string `toml:"logged_qtypes"`
 }

 type BlockNameConfig struct {
@ -120,6 +121,7 @@ func ConfigLoad(proxy *Proxy, svcFlag *string, config_file string) error {
 	}
 	proxy.queryLogFile = config.QueryLog.File
 	proxy.queryLogFormat = config.QueryLog.Format
+	proxy.queryLogLoggedQtypes = config.QueryLog.LoggedQtypes

 	if len(config.BlockName.Format) == 0 {
 		config.BlockName.Format = "tsv"
--- a/dnscrypt-proxy/dnscrypt-proxy.toml
+++ b/dnscrypt-proxy/dnscrypt-proxy.toml
@ -126,6 +126,10 @@ cache_neg_ttl = 60
 format = 'tsv'


+## Only log these query types, to reduce verbosity. Keep empty to log everything.
+
+# logged_qtypes = ['A', 'MX']
+

 ######################################################
 #        Pattern-based blocking (blacklists)        #
--- a/dnscrypt-proxy/main.go
+++ b/dnscrypt-proxy/main.go
@ -38,6 +38,7 @@ type Proxy struct {
 	cacheMaxTTL                  uint32
 	queryLogFile                 string
 	queryLogFormat               string
+	queryLogLoggedQtypes         []string
 	blockNameFile                string
 	blockNameLogFile             string
 	blockNameFormat              string
--- a/dnscrypt-proxy/plugin_query_log.go
+++ b/dnscrypt-proxy/plugin_query_log.go
@ -5,6 +5,7 @@ import (
 	"fmt"
 	"net"
 	"os"
+	"strings"
 	"sync"
 	"time"

@ -16,6 +17,7 @@ type PluginQueryLog struct {
 	sync.Mutex
 	outFd        *os.File
 	format       string
+	loggedQTypes []string
 }

 func (plugin *PluginQueryLog) Name() string {
@ -35,6 +37,7 @@ func (plugin *PluginQueryLog) Init(proxy *Proxy) error {
 	}
 	plugin.outFd = outFd
 	plugin.format = proxy.queryLogFormat
+	plugin.loggedQTypes = proxy.queryLogLoggedQtypes

 	return nil
 }
@ -53,6 +56,22 @@ func (plugin *PluginQueryLog) Eval(pluginsState *PluginsState, msg *dns.Msg) err
 		return nil
 	}
 	question := questions[0]
+	qType, ok := dns.TypeToString[question.Qtype]
+	if !ok {
+		qType = string(qType)
+	}
+	if len(plugin.loggedQTypes) > 0 {
+		found := false
+		for _, loggedQtype := range plugin.loggedQTypes {
+			if strings.EqualFold(loggedQtype, qType) {
+				found = true
+				break
+			}
+		}
+		if !found {
+			return nil
+		}
+	}
 	var clientIPStr string
 	if pluginsState.clientProto == "udp" {
 		clientIPStr = (*pluginsState.clientAddr).(*net.UDPAddr).IP.String()
@ -60,10 +79,7 @@ func (plugin *PluginQueryLog) Eval(pluginsState *PluginsState, msg *dns.Msg) err
 		clientIPStr = (*pluginsState.clientAddr).(*net.TCPAddr).IP.String()
 	}
 	qName := StripTrailingDot(question.Name)
-	qType, ok := dns.TypeToString[question.Qtype]
-	if !ok {
-		qType = string(qType)
-	}
+
 	var line string
 	if plugin.format == "tsv" {
 		now := time.Now()