Packetbeat: add support for EDNS/DNSSEC #1292
Conversation
|
Jenkins standing by to test this. If you aren't a maintainer, you can ignore this comment. Someone with commit access, please review this and clear it for Jenkins to run; then say 'jenkins, test it'. |
| data, ok := mapStr["data"] | ||
| delete(mapStr, "data") | ||
|
|
||
| // Warn: Fields order is not guaranteed...if we want keys could be sorted though... |
There was a problem hiding this comment.
Order is not guaranteed but this loop frees us of implementing a second switch case for the different RR types. This makes RR type code maintenance easier.
Maybe we could find a way to guaranty the order. An alternative would be to autogenerate rrToMapStr/rrToString functions.
There was a problem hiding this comment.
e.g. if keys to be extracted are known beforehand:
var keys := []string{ ... }
for _, k := range keys {
v, ok := mapStr[k]
if !ok {
continue
}
...
}
There was a problem hiding this comment.
I definitely think we should sort by the map keys so that the string is rendered in a deterministic manner each time.
There was a problem hiding this comment.
Keys are known beforehand but they are numerous and for code maintenance it would be best to only set the keys in one spot, such as in rrToMapStr.
If we want it to be deterministic and sorted, can we consider using sort.Strings on the keys?
Of course that is not ideal because it runs yet another loop on the hashMap elements. But it would get the job done and ease RR types maintenance.
I guess the best solution would be to generate code with Golang from a file containing the RR types. But I have never used Golang code generation so I don't see it done in this PR.
There was a problem hiding this comment.
If we want it to be deterministic and sorted, can we consider using sort.Strings on the keys?
Yeah, iterate over the map and put the keys into an slice, call sort.Strings on the slice of keys, then iterate over the sorted keys when building up the string.
|
The OPT RR is referred to as a pseudo-RR because it contains metadata. If this is introduced, a []mapStr could be used (something like this) in the unit tests instead of the current []string for Answers, Additionals,... |
| @@ -24,6 +24,10 @@ import ( | |||
| "golang.org/x/net/publicsuffix" | |||
| ) | |||
|
|
|||
| var ( | |||
| debug = logp.MakeDebug("dns") | |||
There was a problem hiding this comment.
+1 consider naming debugf as some linters might check the format string then
Sounds like a good idea. For the specific case of the OPT RR, another option would be to move the contents of this RR to |
Terrific. I think I will go in this direction. Users capturing DNS traffic will most likely want to know how many EDNS or DNSSEC ( |
|
dependency miekg/dns very recently got a fix for edns, so vendor will be updated on this PR |
|
Waiting for miekg/dns#341 to close before updating vendor again. |
McStork
force-pushed
the
packetbeat-edns-dnssec
branch
from
ae18d9a
to
bcccd9f
Compare
* Add EDNS OPT meta-RR information in `dns.opt` field * Document EDNS fields * Do some EDNS checks (UDP packet size, OPT RR present in request and response) * Update vendor miekg/dns (EDNS fix) * Add DNSSEC RRs * Add new tests: begin `names_test.go` for RRs specific tests * Refactor rrToMapStr/rrToString to use only one switch case * Instantiate a logp.MakeDebug and use it throughout the dns package
McStork
force-pushed
the
packetbeat-edns-dnssec
branch
from
20f9085
to
0ee63f9
Compare
|
Squashed and rebased |
| // It would require some changes in unit tests | ||
| func rrToString(rr mkdns.RR) string { | ||
| var st string | ||
| var keys []string |
There was a problem hiding this comment.
A small optimization would be to allocate the slice once since we know the number of keys. keys = make([]string, 0, len(mapStr))
|
LGTM. I'm going to deploy the nightlies and test it out. 😄 Thanks |
EDNS
dns.optfieldDNSSEC
Other
names_test.gofor RRs specific tests