**💧 all: remove prefix "rescached:" on logging**
Adding those prefixes makes the log context redundant in journald.
**💧 block.d: update blocked hosts for pgl.yoyo.org and someonewhocares.org**
The pgl.yoyo.org updated to "Mon, 19 Jan 2026 15:51:36 GMT".
The someonewhocares.org updated to version "Tue, 27 Jan 2026 at 00:07:12
GMT".
**🌱 all: add option to set minimum TTL**
In the rescached.cfg, we add an option where the user can force the minimum
TTL in the DNS answer.
This option is not a standard and is not recommended for use in public
facing networks.
It should be used only for personal and private networks.
|
|
In the rescached.cfg, we add an option where the user can force the minimum
TTL in the DNS answer.
This option is not a standard and is not recommended for use in public
facing networks.
It should be used only for personal and private networks.
|
|
This release is mostly chores.
**💧 all: replace golangci-lint with "go vet"**
**💧 all: replace debug package with internal Debug variable**
The [debug.Value] will be removed in the next release of pakakeh.go.
**💧 internal/cmd/gocheck: add internal static analyzers**
Instead of using binary fieldalignment and shadow, run them by creating
a command that calls the same Analyzer internally.
These analyzers help find a possible panic in httpd.go.
**💧 make: remove build task from install tasks**
The build task should be run by the user, while install tasks are run by root.
If we make build depend on install then the binaries will be rebuilt by
user root.
**💧 Makefile: do not run "embed" when building rescached**
The embed command should be run once when the assets file in _www changes.
**💧 all: cleaning README and expand the index in documentation**
In the README, we remove the EXIT STATUS and AUTHOR sections.
Those sections are not informative.
In the index, we expand the preamble to include short information about
what is rescached.
**💧 make: fix building resolver**
Seems like the "go tool doc" subcommand has been removed in the latest
release of Go.
|
|
=== Enhancements
* cmd/rescached: add sub command to print the current version
Running "rescached version" now will print the program version.
* support SVCB record (type 64) and HTTPS record (type 65)
The latest update on "lib/dns" package supports RFC 9460, SVCB record
(type 64) and HTTPS record (type 65).
=== Chores
* all: replace module "share" with "pakakeh.go"
The module "share" has been moved to new repository at SourceHut and
we rename it to make it more unique instead of common English words
"share".
* all: move repository to SourceHut
The new repository and project page for rescached is at
https://sr.ht/~shulhan/rescached .
|
|
* all: remove loading system hosts file::
Loading and caching system hosts file (for example, /etc/hosts in
POSIX) will leak internal hosts if the rescached server is open to
public.
The system hosts file is handled by nsswitch.conf "files" internally
so there is no need to load it.
* cmd/resolver: replace "math/rand" with "crypto/rand"::
The random number from "math/rand" is predictable if the seed is
known. Even though the random number here is only for generating unique
request ID, we still need to prevent this by using more secure random
number.
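Why the source of the request ID matters, as an added Go example (not code from cmd/resolver; the function names and the seed are assumptions constructed for the illustration): two "math/rand" generators seeded alike produce the same ID sequence, while "crypto/rand" reads from the operating system's CSPRNG.

```go
package main

import (
	crand "crypto/rand"
	"encoding/binary"
	"fmt"
	mrand "math/rand"
)

// predictableIDs returns n 16-bit request IDs from math/rand seeded with
// seed. Anyone who knows the seed can reproduce the whole sequence.
func predictableIDs(seed int64, n int) []uint16 {
	r := mrand.New(mrand.NewSource(seed))
	ids := make([]uint16, n)
	for i := range ids {
		ids[i] = uint16(r.Intn(1 << 16))
	}
	return ids
}

// secureID returns a 16-bit request ID read from the OS CSPRNG.
// The error is returned instead of falling back to a weaker source.
func secureID() (uint16, error) {
	var b [2]byte
	if _, err := crand.Read(b[:]); err != nil {
		return 0, err
	}
	return binary.BigEndian.Uint16(b[:]), nil
}

func main() {
	seed := int64(1700000000) // constructed seed, for example a start time
	fmt.Println("math/rand, run 1:", predictableIDs(seed, 4))
	fmt.Println("math/rand, run 2:", predictableIDs(seed, 4)) // identical
	id, err := secureID()
	if err != nil {
		fmt.Println("crypto/rand failed:", err)
		return
	}
	fmt.Printf("crypto/rand ID: %#04x\n", id)
}
```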
|
|
=== Enhancements
* go.mod: set Go version to 1.19 and update share module
The latest share module has several fixes and enhancements regarding
DNS library, including
* lib/dns: simplify unpackDomainName return value for end
* lib/dns: use the packet length to derive current offset
* lib/dns: handle zone file with CRLF line ending
* lib/dns: allow parsing TXT rdata without quote in zone file
* lib/dns: fix parsing SRV record from zone file
* lib/dns: fix packing and unpacking resource record HINFO
* lib/dns: fix packing, parsing, and saving MINFO resource data
* _www/doc: update the index and resolver documentation
|
|
This release refactors the resolver command as a CLI to the rescached server.
The resolver command can now manage environment, caches, hosts.d, and
zone.d in the server; not just query.
|
|
This release re-licenses rescached under GPL 3.0 or later.
See https://kilabit.info/journal/2022/gpl/ for more information.
|
|
See https://kilabit.info/journal/2022/gpl/ for more information.
|
|
=== New features
* www: implement functionality to remove cache by record name
=== Bug fixes
* www: check for possible null on NameServers environment
* www: fix caches record type showing "undefined"
=== Chores
* all: fix format of all asciidoc files
* cmd/rescached: add command "embed" and to run in development mode
|
|
The CHANGELOG.adoc file is formatted using asciidoc markup.
So, to make the rendered HTML readable, it must adhere to the asciidoc
format, especially when formatting the list content.
|
|
== Breaking changes
* all: remove using tcp scheme in config and documentation
Using TCP for parent name server is discouraged, because most servers
disallow keeping the connection alive.
The valid use case for TCP connection is when the server received a truncated
UDP answer.
Using UDP as parent scheme will automatically assume that the server
is also capable of handling queries in TCP.
This is required when the client (for example, your browser) re-sends the query
after receiving a truncated UDP answer.
Any query received by rescached through TCP will be forwarded to the parent
name server as TCP too, using the same address and port defined in one of
the UDP parents.
While at it, use Cloudflare DNS server as default in configuration
and as example in documentation.
== New features
* Add support to save and load caches to/from storage upon restart
rescached is now able to save and load caches to local storage upon restart.
On POSIX, the caches are stored in /var/cache/rescached/rescached.gob,
encoded using gob.
Update #9
== Bug fixes
* make the TCP forwarders as complementary of UDP
The TCP forwarders are only active when the client sends the DNS request as TCP.
When the server receives that request it should also forward the request
as TCP not as UDP to prevent the truncated response.
Another use case for TCP is when the response is truncated, the client
will send the query back through TCP connection. The server should
forward this request using TCP instead of UDP.
== Enhancements
* remove the fallback name servers (NS) from server options
The original idea of fallback NS is to send the query to the one
defined in resolv.conf, instead of using the one defined by user in
ServerOptions NameServers, when an error occurred.
But, most errors are usually caused by the network (disconnected, time out),
so re-sending the query to the fallback NS does not have any effect if the
network itself is not working.
This change removes the unnecessary and complex fallback NS from
server.
* Do not cache truncated answer
Previously only answers with a non-zero response code were ignored.
This change also ignores answers where the response header is truncated.
|
|
The update brings new features and enhancements for DNS server.
* add support to save and load caches to/from storage
rescached is now able to save and load caches to local storage upon
restart.
On POSIX, the caches are stored in /var/cache/rescached/rescached.gob,
encoded using gob.
Update #9
* remove the fallback name servers (NS) from server options
The original idea of fallback NS is to send the query to the one
defined in resolv.conf, instead of using the one defined by user in
ServerOptions NameServers, when an error occurred.
But, most errors are usually caused by the network (disconnected, time out),
so re-sending the query to the fallback NS does not have any effect if the
network itself is not working.
This change removes the unnecessary and complex fallback NS from
server.
* do not cache truncated answer
Previously only answers with a non-zero response code were ignored.
This change also ignores answers where the response header is truncated.
* lib/dns: make the TCP forwarders as complementary of UDP
The TCP forwarders are only active when the client sends the DNS request as TCP.
When the server receives that request it should also forward the request
as TCP not as UDP to prevent the truncated response.
Another use case for TCP is when the response is truncated, the client
will send the query back through TCP connection. The server should
forward this request using TCP instead of UDP.
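The caching rule from the two "do not cache truncated answer" entries in this log (skip answers with a non-zero response code, and also answers whose header has the truncated flag set), as an added Go example. It is not code from rescached or lib/dns; the names `cacheable` and `header` and the sample flag values are assumptions constructed for the illustration.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

const (
	headerLen = 12     // fixed DNS header size (RFC 1035, section 4.1.1)
	flagTC    = 0x0200 // TC (truncated) bit in the 16-bit flags field
	maskRCode = 0x000F // RCODE: low four bits of the flags field
)

// cacheable reports whether a raw DNS response may be cached: the response
// code must be zero and the TC bit must be clear. Hypothetical helper.
func cacheable(packet []byte) (bool, error) {
	if len(packet) < headerLen {
		return false, errors.New("dns: packet shorter than 12-byte header")
	}
	flags := binary.BigEndian.Uint16(packet[2:4])
	if flags&maskRCode != 0 {
		return false, nil // error answer, the rule that already existed
	}
	if flags&flagTC != 0 {
		return false, nil // partial answer; the client retries over TCP
	}
	return true, nil
}

// header builds a constructed 12-byte response header for the samples.
func header(id, flags uint16) []byte {
	h := make([]byte, headerLen)
	binary.BigEndian.PutUint16(h[0:2], id)
	binary.BigEndian.PutUint16(h[2:4], flags)
	return h
}

func main() {
	samples := map[string]uint16{ // constructed flag values
		"NOERROR":   0x8180, // QR, RD, RA set
		"NXDOMAIN":  0x8183, // same, with RCODE 3
		"truncated": 0x8380, // same as NOERROR, with TC set
	}
	for name, flags := range samples {
		ok, _ := cacheable(header(0x1234, flags))
		fmt.Printf("%-9s cacheable=%v\n", name, ok)
	}
}
```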
|
|
== New features
Rescached now has a web user interface (wui) that can be accessed at
http://127.0.0.1:5380.
The interface can be used for monitoring caches, managing caches, environment,
blocked hosts, internal hosts files, and zone files.
== Breaking changes
* The `rescached::dir.hosts` now defaults to "/etc/rescached/hosts.d"
* The `rescached::dir.master` now defaults to "/etc/rescached/zone.d"
|
|
This causes the package to be unbuildable using normal go get or clone.
Fix #6.
|
|
== Enhancements
* dns: change the mark of input/output in log output
Previously, the character '<' is used to indicate incoming request
from client and '>' to indicate outgoing response.
This change reverses it because '<' makes more sense for output and '>'
is for input (looks like cin and cout in the C++ world).
== Bug fixes
* dns: fix index out of range when unpacking OPT RR
* dns: forward the request to fallback queue if there is no forwarders
== Chores
* Add prefix "_" to all non-Go source directories.
This is to ignore the directory being scanned by Go tools.
|
|
== Enhancements
* Makefile: remove unused option "CGO_ENABLED=0"
== Bug Fixes
* Makefile: remove invalid task "install-service-systemd"
* cmd: fix formatting arguments
|
|
All the server core functionalities (caches and forwarding) are now
implemented inside "dns.Server". The main functions of this package are
for reading options from configuration file (or from command line options)
and watching changes from system resolv.conf.
== New Features
* Support serving and forwarding DNS over TLS
* Add launchd script for macOS and make tasks to install and uninstall on
macOS
== Breaking Changes
There are also some major changes on configuration file.
All configuration is now broken into two sections '[rescached]' and
'[dns "server"]'.
For more information see new rescached.cfg manual page or an example in
`cmd/rescached/rescached.cfg`.
Some detailed changes are,
* "parent" option now uses URI format instead of IP:PORT.
This will allow parent name servers to be UDP, TCP, and/or DoH
simultaneously.
* "server.doh.parent" and "server.parent.connection" are removed,
redundant with new "server.parent" format.
* "cache.threshold" is renamed to "cache.prune_threshold".
* "file.pid" is removed.
The concept of writing PID file when the program starts on networking
service is not applicable or relevant anymore on systemd or launchd.
If the program already started, the second program will fail because
the port is already used.
|
|
The configuration file is now grouped into two sections: the '[rescached]' and
'[dns "server"]' sections. All of the configuration values are loaded
using ini.Unmarshal instead of using manual parsing.
|
|
The concept of writing PID file when the program starts on networking
service is not applicable or relevant anymore on systemd or launchd.
If the program already started, the second program will fail because
the port is already used.
|
|
This change adds the macOS launchd script and make tasks to install
and uninstall in macOS.
|
|
All the server core functionalities (caches and forwarding) are now
implemented inside "dns.Server". The main functions of this package are
for reading options from configuration file (or from command line options)
and watching changes from system resolv.conf.
There are also some major changes on configuration file.
* "server.parent" option now uses URI format instead of IP:PORT.
This will allow parent name servers to be UDP, TCP, and/or DoH
simultaneously.
* "server.doh.parent" and "server.parent.connection" are removed,
redundant with new "server.parent" format.
* "cache.threshold" is renamed to "cache.prune_threshold".
|
|
== Bug Fix
Use a single Go routine to handle requests. This fixes mismatched ID in
response due to a single response being used by multiple routines.
|
|
== Enhancements
* Run multiple (4) go routines to handle request
* Make the debug output to be more human readable
== Bug Fixes
* cmd/resolver: fix query with zero ID
|
|
== New Features
- Change default parent nameservers to Cloudflare DNS.
We believe in Cloudflare!
Please read Cloudflare DNS policy for more information,
https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/privacy-policy/
== Enhancements
- Improve response performance. Previously we could serve around 93k
requests per second (RPS).
The new enhancement increases the RPS to around 115k.
== Bug Fixes
- Fix the example certificate and key for DNS over HTTPS
- Fix the hosts.block destination file in script to update blocked host
file
- Fix response with different query type that may not get pruned
|
|
We believe in Cloudflare!
Please read Cloudflare DNS policy for more information,
https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/privacy-policy/
|
|
Features
- Enable to handle request from UDP and TCP connections
- Enable to forward request using UDP or TCP connection
- Load and serve addresses and hostnames in `/etc/hosts`
- Load and serve hosts formatted files inside directory
`/etc/rescached/hosts.d/`
- Blocking ads and/or malicious websites through host list in
`/etc/rescached/hosts.d/hosts.block`
- Support loading and serving master (zone) file format from
`/etc/rescached/master.d`
- Integration with openresolv
- Support DNS over HTTPS (DoH) (draft 14)
|