Skip to content

Instantly share code, notes, and snippets.

@alexzorin

alexzorin/unbound-poll.go

Created June 1, 2018 02:09
Show Gist options
  • Save alexzorin/e696001e58d314476365b0df68335af3 to your computer and use it in GitHub Desktop.
Save alexzorin/e696001e58d314476365b0df68335af3 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
unbound-poll.go
package main
import (
"fmt"
"log"
"os"
"time"
"github.com/miekg/dns"
"github.com/miekg/unbound"
)
func main() {
domains := os.Args[1:]
if len(domains) == 0 {
log.Fatal("Please provide at least one domain as CLI arguments")
}
for range time.Tick(time.Minute) {
if err := poll(domains); err != nil {
log.Fatal(err.Error())
}
}
}
func poll(domains []string) error {
ub := unbound.New()
defer ub.Destroy()
if err := setUnboundConfig(ub); err != nil {
return err
}
log.Println("Start")
var start time.Time
var elapsed time.Duration
for _, d := range domains {
start = time.Now()
result, err := ub.Resolve(d, dns.TypeCAA, dns.ClassINET)
elapsed = time.Now().Sub(start)
if err != nil {
log.Printf("Failed to look up %s in %s: %v", d, elapsed.String(), err)
}
if result == nil {
continue
}
if result.Bogus {
log.Printf("Response for %s was bogus: %s", d, result.WhyBogus)
}
log.Printf("%s for %s/CAA in %s", dns.RcodeToString[result.Rcode], d, elapsed.String())
}
log.Println("End")
return nil
}
func setUnboundConfig(ub *unbound.Unbound) error {
opts := []struct {
Opt string
Val string
}{
{"verbosity:", "0"},
{"use-syslog:", "no"},
{"do-ip4:", "yes"},
{"do-ip6:", "yes"},
{"do-udp:", "yes"},
{"do-tcp:", "yes"},
{"tcp-upstream:", "no"},
{"harden-glue:", "yes"},
{"harden-dnssec-stripped:", "yes"},
{"cache-min-ttl:", "0"},
{"cache-max-ttl:", "0"},
{"cache-max-negative-ttl:", "0"},
{"neg-cache-size:", "0"},
{"prefetch:", "no"},
{"unwanted-reply-threshold:", "10000"},
{"do-not-query-localhost:", "yes"},
{"val-clean-additional:", "yes"},
{"harden-algo-downgrade:", "yes"},
{"use-caps-for-id", "yes"},
}
for _, opt := range opts {
if err := ub.SetOption(opt.Opt, opt.Val); err != nil {
return fmt.Errorf("Failed to configure unbound with option %s %v", opt.Opt, err)
}
}
return ub.AddTa(`. 111013 IN DNSKEY 257 3 8 AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq QxA+Uk1ihz0=
. 111013 IN DNSKEY 256 3 8 AwEAAdU4aKlDgEpXWWpH5aXHJZI1Vm9Cm42mGAsqkz3akFctS6zsZHC3 pNNMug99fKa7OW+tRHIwZEc//mX8Jt6bcw5bPgRHG6u2eT8vUpbXDPVs 1ICGR6FhlwFWEOyxbIIiDfd7Eq6eALk5RNcauyE+/ZP+VdrhWZDeEWZR rPBLjByBWTHl+v/f+xvTJ3Stcq2tEqnzS2CCOr6RTJepprYhu+5Yl6aR ZmEVBK27WCW1Zrk1LekJvJXfcyKSKk19C5M5JWX58px6nB1IS0pMs6aC IK2yaQQVNUEg9XyQzBSv/rMxVNNy3VAqOjvh+OASpLMm4GECbSSe8jtj wG0I78sfMZc=
. 111013 IN DNSKEY 257 3 8 AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3 +/4RgWOq7HrxRixHlFlExOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kv ArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF 0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+e oZG+SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfd RUfhHdY6+cn8HFRm+2hM8AnXGXws9555KrUB5qihylGa8subX2Nn6UwN R1AkUTV74bU=`)
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment