dnstap: store information about protocot (UDP/TCP/QUIC) into tap file

src/contrib/dnstap/convert.c

-/*  Copyright (C) 2016 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
+/*  Copyright (C) 2023 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
 
     This program is free software: you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -21,6 +21,7 @@
 
 #include "contrib/dnstap/convert.h"
 #include "contrib/dnstap/dnstap.pb-c.h"
+#include "libknot/probe/data.h"
 
 /*!
  * \brief Translation between real and Dnstap value.
@@ -43,8 +44,11 @@ static const mapping_t SOCKET_FAMILY_MAPPING[] = {
  * \brief Mapping from network protocol.
  */
 static const mapping_t SOCKET_PROTOCOL_MAPPING[] = {
-	{ IPPROTO_UDP, DNSTAP__SOCKET_PROTOCOL__UDP },
-	{ IPPROTO_TCP, DNSTAP__SOCKET_PROTOCOL__TCP },
+	{ KNOT_PROBE_PROTO_UDP,   DNSTAP__SOCKET_PROTOCOL__UDP },
+	{ KNOT_PROBE_PROTO_TCP,   DNSTAP__SOCKET_PROTOCOL__TCP },
+	{ KNOT_PROBE_PROTO_TLS,   DNSTAP__SOCKET_PROTOCOL__DOT },
+	{ KNOT_PROBE_PROTO_HTTPS, DNSTAP__SOCKET_PROTOCOL__DOH },
+	{ KNOT_PROBE_PROTO_QUIC,  DNSTAP__SOCKET_PROTOCOL__DOQ },
 	{ 0 }
 };
 
@@ -53,7 +57,7 @@ static const mapping_t SOCKET_PROTOCOL_MAPPING[] = {
  */
 static int encode(const mapping_t *mapping, int real)
 {
-	for (const mapping_t *m = mapping; m->real != 0; m += 1) {
+	for (const mapping_t *m = mapping; m->dnstap != 0; m += 1) {
 		if (m->real == real) {
 			return m->dnstap;
 		}
@@ -67,7 +71,7 @@ static int encode(const mapping_t *mapping, int real)
  */
 static int decode(const mapping_t *mapping, int dnstap)
 {
-	for (const mapping_t *m = mapping; m->real != 0; m += 1) {
+	for (const mapping_t *m = mapping; m->dnstap != 0; m += 1) {
 		if (m->dnstap == dnstap) {
 			return m->real;
 		}

src/knot/modules/dnstap/dnstap.c

@@ -87,19 +87,12 @@ static knotd_state_t log_message(knotd_state_t state, const knot_pkt_t *pkt,
 		msgtype = DNSTAP__MESSAGE__TYPE__AUTH_RESPONSE;
 	}
 
-	/* Determine whether we run on UDP/TCP. */
-	/* TODO: distinguish QUIC. */
-	int protocol = IPPROTO_UDP;
-	if (qdata->params->proto == KNOTD_QUERY_PROTO_TCP) {
-		protocol = IPPROTO_TCP;
-	}
-
 	/* Create a dnstap message. */
 	Dnstap__Message msg;
 	int ret = dt_message_fill(&msg, msgtype,
 	                          (const struct sockaddr *)knotd_qdata_remote_addr(qdata),
 	                          (const struct sockaddr *)knotd_qdata_local_addr(qdata),
-	                          protocol, pkt->wire, pkt->size, &tv);
+	                          qdata->params->proto, pkt->wire, pkt->size, &tv);
 	if (ret != KNOT_EOK) {
 		return state;
 	}

src/utils/kdig/kdig_exec.c

@@ -31,9 +31,10 @@
 #include "contrib/ucw/lists.h"
 
 #if USE_DNSTAP
-# include "contrib/dnstap/convert.h"
-# include "contrib/dnstap/message.h"
-# include "contrib/dnstap/writer.h"
+#include "contrib/dnstap/convert.h"
+#include "contrib/dnstap/message.h"
+#include "contrib/dnstap/writer.h"
+#include "libknot/probe/data.h"
 
 static int write_dnstap(dt_writer_t           *writer,
                         const bool            is_query,
@@ -109,16 +110,19 @@ static void fill_remote_addr(net_t *net, Dnstap__Message *message, bool is_initi
 
 	struct sockaddr_storage ss = { 0 };
 	int family = dt_family_decode(message->socket_family);
-	int proto = dt_protocol_decode(message->socket_protocol);
+	knot_probe_proto_t proto = dt_protocol_decode(message->socket_protocol);
 	int sock_type = 0;
 
 	switch (proto) {
-	case IPPROTO_TCP:
-		sock_type = SOCK_STREAM;
-		break;
-	case IPPROTO_UDP:
+	case KNOT_PROBE_PROTO_UDP:
+	case KNOT_PROBE_PROTO_QUIC:
 		sock_type = SOCK_DGRAM;
 		break;
+	case KNOT_PROBE_PROTO_TCP:
+	case KNOT_PROBE_PROTO_TLS:
+	case KNOT_PROBE_PROTO_HTTPS:
+		sock_type = SOCK_STREAM;
+		break;
 	default:
 		break;
 	}