libs
libs copied to clipboard
falcosecurity
keep lookup history when refreshing cache
Signed-off-by: vadim.zyarko [email protected]
What type of PR is this?
/kind feature
Any specific area of the project related to this PR?
/area libsinsp
What this PR does / why we need it:
This PR is to refactor dns_manager:
- introduce a client API to clear the DNS cache, it might be required when client configuration has changed but the cache keeps on refreshing with all values.
- introduces new logic to retain previously discovered records while refreshing the cache. Currently, records discovered in previous refreshes are discarded and replaced with newly received ones. This makes the cache less useful in cases of multiple records for a name. eg loginmicrofsoft.com can resolve to 40 entries but DNS system reports only 8 records at a time. Thus keeping more records gives more precision to the cache.
Does this PR introduce a user-facing change?: yes
update: introduce a client API to clear the DNS cache, it might be required when client configuration has changed
but the cache keeps on refreshing with all values.
new: introduce new logic to retain previously discovered records while refreshing the cache.
Hi @VadimZy. Thanks for your PR.
I'm waiting for a falcosecurity member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.
Once the patch is verified, the new status will be reflected by the ok-to-test label.
I understand the commands that are listed here.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
[APPROVALNOTIFIER] This PR is NOT APPROVED
This pull-request has been approved by: VadimZy
To complete the pull request process, please assign fntlnz after the PR has been reviewed.
You can assign the PR to them by writing /assign @fntlnz in a comment when ready.
The full list of commands accepted by this bot can be found here.
Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment
@VadimZy as far as I can tell, there's a Prow automation plugin on the release-note block, so please update it to have something meaningful.
Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Provide feedback via https://github.com/falcosecurity/community.
/lifecycle stale
Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Provide feedback via https://github.com/falcosecurity/community.
/lifecycle stale
Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
If this issue is safe to close now please do so with /close.
Provide feedback via https://github.com/falcosecurity/community.
/lifecycle rotten
@FedeDP Hi Federico, sorry for the delay. This PR is obsolete. We no longer use reverse DNS lookup in the agent. We moved to the bad IPs list matching.