Tools to work with the Google DNS over HTTPS API in R https://cinc.rud.is/web/packages/gdns/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

81 lines
3.3 KiB

6 years ago
% Generated by roxygen2: do not edit by hand
% Please edit documentation in R/zgdns.r
6 years ago
\name{query}
\alias{query}
\alias{dig}
6 years ago
\title{Perform DNS over HTTPS queries using Google}
\usage{
query(name, type = "1", cd = FALSE, do = FALSE,
edns_client_subnet = "0.0.0.0/0", random_padding = NULL)
dig(name, type = "1", cd = FALSE, do = FALSE,
edns_client_subnet = "0.0.0.0/0", random_padding = NULL)
6 years ago
}
\arguments{
\item{name}{item to lookup. Valid characters are numbers, letters, hyphen, and dot. Length
must be between 1 and 255. Names with escaped or non-ASCII characters
are not supported. Internationalized domain names must use the
6 years ago
punycode format (e.g. "\code{xn--qxam}").\cr
\cr If an IPv4 string is input, it will be transformed into
a proper format for reverse lookups.}
6 years ago
\item{type}{RR type can be represented as a number in [1, 65535] or canonical
6 years ago
string (A, aaaa, etc). More information on RR types can be
found \href{http://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-4}{here}.
You can use \code{255} for an \code{ANY} query.}
6 years ago
\item{cd}{(Checking Disabled) flag. Use `TRUE` to disable DNSSEC validation;
Default: `FALSE`.}
\item{do}{(DNSSEC OK) flag. Use `TRUE` include DNSSEC records (RRSIG, NSEC, NSEC3);
Default: `FALSE`.}
6 years ago
\item{edns_client_subnet}{The edns0-client-subnet option. Format is an IP
address with a subnet mask. Examples: \code{1.2.3.4/24},
\code{2001:700:300::/48}.\cr
If you are using DNS-over-HTTPS because of privacy concerns, and do
not want any part of your IP address to be sent to authoritative
nameservers for geographic location accuracy, use
\code{edns_client_subnet=0.0.0.0/0}. Google Public DNS normally sends
approximate network information (usually replacing the last part of
6 years ago
your IPv4 address with zeroes). \code{0.0.0.0/0} is the default.}
\item{random_padding}{clients concerned about possible side-channel privacy
attacks using the packet sizes of HTTPS GET requests can use this to
make all requests exactly the same size by padding requests with random data.
To prevent misinterpretation of the URL, restrict the padding characters to
the unreserved URL characters: upper- and lower-case letters, digits,
hyphen, period, underscore and tilde.}
6 years ago
}
\value{
a \code{list} with the query result or \code{NULL} if an error occurred
}
\description{
Traditional DNS queries and responses are sent over UDP or TCP without
encryption. This is vulnerable to eavesdropping and spoofing (including
DNS-based Internet filtering). Responses from recursive resolvers to clients
are the most vulnerable to undesired or malicious changes, while
communications between recursive resolvers and authoritative nameservers
often incorporate additional protection.\cr
\cr
To address this problem, Google Public DNS offers DNS resolution over an
encrypted HTTPS connection. DNS-over-HTTPS greatly enhances privacy and
security between a client and a recursive resolver, and complements DNSSEC
to provide end-to-end authenticated DNS lookups.
}
6 years ago
\details{
To perform vectorized queries with only answers (and no metadata) use
\code{bulk_query()}).
}
6 years ago
\examples{
query("rud.is")
dig("example.com", "255") # ANY query
6 years ago
query("microsoft.com", "MX")
dig("google-public-dns-a.google.com", "TXT")
6 years ago
query("apple.com")
dig("17.142.160.59", "PTR")
6 years ago
}
6 years ago
\references{
<https://developers.google.com/speed/public-dns/docs/doh/json>
6 years ago
}