GitHub - genua/pfresolved: Resolve DNS names from file and write them into OpenBSD pf table.

genua / pfresolved Public

Notifications You must be signed in to change notification settings
Fork 1
Star 7

Resolve DNS names from file and write them into OpenBSD pf table.

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 50 Commits
.github/workflows		.github/workflows
pfresolvectl		pfresolvectl
regress		regress
Changes		Changes
LICENSE		LICENSE
Makefile		Makefile
README		README
control.c		control.c
forwarder.c		forwarder.c
log.c		log.c
parse.y		parse.y
pfresolved.8		pfresolved.8
pfresolved.c		pfresolved.c
pfresolved.conf.5		pfresolved.conf.5
pfresolved.h		pfresolved.h
pftable.c		pftable.c
proc.c		proc.c
timer.c		timer.c
util.c		util.c

Repository files navigation

Convert files with FQDN into IP addreses and write them into pf
tables.  The daemon pfresolved allows to consume lists of hostnames
that can be used in pf rules.  Thses lists are updated dynamically
using DNS.

Short description of notable files:

pfresolved.c:
	Main file for the parent process. Keeps track of resolve
	timeouts, send resolve requests to the forwarder process
	and updates internal data structures and the pf(4) tables
	with the results.

forwarder.c:
	Main file for the forwarder process. Sets up libunbound in
	the beginning and uses it to process resolve requests it
	receives from the parent.

pftable.c:
	Contains the functions necessary to update pf(4) tables.

util.c:
	Contains a few minor utility functions.

parse.y:
	Responsible for parsing the configuration file. The general
	lexing/parsing infrastructure was copied from iked's parse.y.

proc.c:
	Responsible for setting up the privsep infrastructure. Copied
	from iked's proc.c with minor changes to disable control sockets
	for now.

log.c:
	Contains logging utilities. Mostly copied from iked's log.c
	with a few changes to the log levels.

timer.c:
	Contains utility functions for setting up timeouts with
	libevent. Mostly copied from iked's timer.c.