vector icon indicating copy to clipboard operation
vector copied to clipboard
verified publisher icon vectordotdev

feat(sources): add TCP mode to DNSTAP source

Open esensar opened this issue 1 year ago • 0 comments

This adds TCP mode to DNSTAP source, while leaving the current one ("unix") as the default. This required a minor hack (https://stackoverflow.com/questions/61216723/how-can-i-deserialize-an-enum-with-an-optional-internal-tag/61219284#61219284) in serde deserialization. Unix is the default when cfg!(unix) is true, otherwise TCP is the default on port 9000. This can be changed to never default to TCP without explicitly mode to TCP.

This is implemented as a different framestream source, reusing some parts of TCP source code and some parts of framestream unix source.

This is just the first version that can successfully receive DNSTAP data over TCP. There is still work to be done:

  • [ ] Clean up unused things
  • [ ] Reuse/refactor TCP and framestream code to reduce duplication
  • [ ] Support max_connections configuration
  • [ ] Add integration tests similar to unix mode
  • [ ] Document new configuration options

Fixes: #19735

esensar avatar Feb 16 '24 14:02 esensar