The main goal of this code is to create a basic dnstap printing tool based on the golang-dnstap library.
The output is supposed to mimic the "short summary format" of
dnstap-read
from BIND but with the possibility of adding additional information via flags
so you can easily grep for such things (currently DNS ID via -id)
Usage of ./dnstap-parse:
-cpuprofile string
write cpu profile to file
-file string
read dnstap data from file
-id
include DNS ID in output
The -cpuprofile flag is not helpful for ordinary usage, it is just there to
be able to profile the tool.
From investigating dnstap files in the wild I have noticed some instances where the output of this tool and dnstap-read differs. Specifically the character escaping rules used by dnstap-read and miekg/dns differ somewhat.
One example of this is how 0x20 (space) is represented in domain names, where miekg/dns
will present it as \ and dnstap-read will present it as \032 leading to
this tool outputting example\ lookup/IN/A while dnstap-read will print
example\032lookup/IN/A.
Another example of this is the 0x27 (') character which is not escaped at
all by dnstap-read, but is escpaed in miekg/dns due to being defined as special
in isDomainNameLabelSpecial()
This results in dnstap-read outputting example'lookup/IN/A while this
tool prints example\'lookup/IN/A.
The overall character espacing rules used by miekg/dns can be found in UnpackDomainName()