forked from dmachard/DNS-collector
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathuse-case-5.yml
31 lines (27 loc) · 894 Bytes
/
use-case-5.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# Example 5: Read from UNIX DNSTap socket and forward it to TLS stream
#
# As prerequisites, we assume you have
# - a DNS server which supports DNSTap (unbound, bind, powerdns, etc) for more informations about dnstap,
# read the following page: https://dmachard.github.io/posts/0001-dnstap-testing/
# - a remote DNSTap collector with TLS support
# If turned on, debug messages are printed in the standard output
global:
trace:
verbose: true
multiplexer:
# Read DNSTap stream from a UNIX socket
collectors:
- name: tap_unix
dnstap:
sock-path: /tmp/dnstap.sock
# Sends to another DNSTap collector with TLS
loggers:
- name: tap_tls
dnstap:
remote-address: 127.0.0.1
remote-port: 6000
tls-support: true
# Routes DNS messages from the Unix socket to TLS tap destination
routes:
- from: [tap_unix]
to: [tap_tls]