A tiny command line DNS client with support for UDP, DoT, DoH, and DoQ.

Overview

q

A tiny command line DNS client with support for UDP, DoT, DoH, and DoQ.

Go Report License Release

q screenshot

Usage

q command line DNS client (https://github.com/natesales/q)

Usage:
  q [OPTIONS] @<protocol>://<server>:[port] <rr types> <qname>

Options:
  -d, --dnssec  Request DNSSEC
  -r, --raw     Output raw DNS string format
  -h, --help    Display help menu
  -v, --verbose Enable verbose logging
  -q, --quiet   Don't display DNS response

Protocols:
  dns    RFC 1034 UDP/TCP DNS
  tls    RFC 7858 DNS over TLS
  https  RFC 8484 DNS over HTTPS
  quic   draft-ietf-dprive-dnsoquic-02 DNS over QUIC

Demo

asciicast

Protocol Support

Installation

q is available as a single binary under releases and in my public code repositories.

Comments
  • Not working correctly in Powershell 7.2.6 on Windows 10

    Not working correctly in Powershell 7.2.6 on Windows 10

    Hi there, thanks for sharing this project! I ran into an issue when trying to run q on Windows.

    When installing with Go [go install github.com/natesales/[email protected]] and running q example.com the only output I get are debug messages.

    Running in Powershell 7.2.6 image

    What I've tried

    • Running the binaries instead of installing via Go, I got no output at all that way.
    • Installing an older version [v0.8.0], same issue
    • Running q with commandprompt instead of powershell I still get the debug messages, but I do also get an output!

    Running in cmd image

    I'm not sure why I'm getting the debug messages when I install via Go, and not in the binaries. Am I missing an option somewhere? Im also not sure why it refuses to work in Powershell. If I can help let me know, I'd love to try this out as you intended it to work!

    opened by CorruptedPixl 14
  • --stats not showing query time

    --stats not showing query time

    Hi, the document states that " --stats Show time statistics". However, --stats did not show any additional information.

    PS F:\Software\q_0.8.0_windows_amd64> ./q -q xp.apple.com -s quic://b.iqiq.io:784 --stats
    xp.apple.com. 58m42s CNAME xp.itunes-apple.com.akadns.net.
    xp.itunes-apple.com.akadns.net. 3m42s CNAME ioshost.qtlcdn.com.
    ioshost.qtlcdn.com. 1m0s A 111.31.17.153
    ioshost.qtlcdn.com. 1m0s A 122.70.142.168
    xp.apple.com. 58m59s CNAME xp.itunes-apple.com.akadns.net.
    xp.itunes-apple.com.akadns.net. 3m59s CNAME ioshost.qtlcdn.com.
    xp.apple.com. 5m28s CNAME xp.itunes-apple.com.akadns.net.
    xp.itunes-apple.com.akadns.net. 2m51s CNAME xp.apple.com.edgekey.net.
    xp.apple.com.edgekey.net. 5m28s CNAME e17437.dsct.akamaiedge.net.
    xp.apple.com. 5m28s CNAME xp.itunes-apple.com.akadns.net.
    xp.itunes-apple.com.akadns.net. 2m51s CNAME xp.apple.com.edgekey.net.
    xp.apple.com.edgekey.net. 5m28s CNAME e17437.dsct.akamaiedge.net.
    xp.apple.com. 5m28s CNAME xp.itunes-apple.com.akadns.net.
    xp.itunes-apple.com.akadns.net. 2m51s CNAME xp.apple.com.edgekey.net.
    xp.apple.com.edgekey.net. 5m28s CNAME e17437.dsct.akamaiedge.net.
    xp.apple.com. 37m3s CNAME xp.itunes-apple.com.akadns.net.
    
    opened by godlikeanyone 3
  • CNAME multiple identical lines in output

    CNAME multiple identical lines in output

    Hi, Thank's for sharing q

    I understand not putting a record type, test/output the results for MX TXT NS, A AAAA CNAME .. (which is nice default)

    But in some cases, this will report the identical CNAME answer for each of those records types. Which may be quite confusing into the output as all exact same CNAME line.

    $ q -V
    https://github.com/natesales/q version 0.5.8 (e84c6bbbfaa762f904ffbbd402f83630fa67589e 2022-04-18T20:59:46Z)
    $
    $ q www.eff.org
    www.eff.org. 2h0m0s CNAME eff.map.fastly.net.
    www.eff.org. 2h0m0s CNAME eff.map.fastly.net.
    www.eff.org. 2h0m0s CNAME eff.map.fastly.net.
    www.eff.org. 2h0m0s CNAME eff.map.fastly.net.
    www.eff.org. 2h0m0s CNAME eff.map.fastly.net.
    www.eff.org. 2h0m0s CNAME eff.map.fastly.net.
    eff.map.fastly.net. 30s AAAA 2a04:4e42:1d::201
    eff.map.fastly.net. 30s A 151.101.120.201
    $
    $ q www.eff.org | sort -u
    eff.map.fastly.net. 30s A 151.101.120.201
    eff.map.fastly.net. 30s AAAA 2a04:4e42:1d::201
    www.eff.org. 1h48m16s CNAME eff.map.fastly.net.
    
    opened by uggyuggy 2
  • odoh not working with all targets

    odoh not working with all targets

    Hello,

    does the odoh support only works with specific versions/implementations? I am using the doh-server as a target and when I query it, I always get the error target provided no valid odoh configs.

    q a aaaa example.com --server=https://odoh-target.marco.cx --odoh-proxy=https://odoh-relay.marco.cx
    FATA[0002] target provided no valid odoh configs
    

    It works works fine when I use other odoh clients.

    opened by mschirrmeister 2
  • "read: connection refused" After Update to 0.3.0 and Later

    Hello,

    After update to 0.3.0 and later, attempt to q a domain will result to fellowing error.

    $ q  google.com
    FATA[0000] upstream query: read udp 127.0.0.1:48651->127.0.0.1:53: read: connection refused
    

    It can be bypassed by manuely specify an external DNS server, e.g.

    $ q -s 8.8.8.8 google.com
    google.com. 1m36s A 216.58.196.142
    google.com. 4m59s AAAA 2404:6800:4006:805::200e
    google.com. 1h18m4s NS ns2.google.com.
    google.com. 1h18m4s NS ns1.google.com.
    google.com. 1h18m4s NS ns3.google.com.
    google.com. 1h18m4s NS ns4.google.com.
    google.com. 59m59s TXT "google-site-verification=TV9-DBe4R80X4v0M4U_bd_J9cpOJM0nikft0jAgjmsQ"
    google.com. 59m59s TXT "MS=E4A68B9AB2BB9670BCE15412F62916164C0B20BB"
    google.com. 59m59s TXT "globalsign-smime-dv=CDYX+XFHUw2wml6/Gb8+59BsH31KzUr6c1l2BPvqKX8="
    

    Best wishes

    opened by CaringCat 2
  • fix: Handle /etc/resolv.conf more cautiously

    fix: Handle /etc/resolv.conf more cautiously

    On my machine, dhcpcd had taken control of /etc/resolv.conf and populated it with nothing but comments. This led to a runtime panic as conf.Servers was well-defined, but empty. This branch adds handling for this case.

    ...I just love this program, by the way.

    opened by adamroyjones 1
  • fix(resolver): Generate message ID for DNS query

    fix(resolver): Generate message ID for DNS query

    Zero ID is undefined in spec, some DNS servers might treat this as a malformed query.

    For example in my WSL:

    q google.com A
    

    The local DNS server will receive the following request with ID 0:

    tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
    listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
    16:06:31.693003 IP 172.30.70.197.48108 > ..domain: 0+ A? google.com. (28)
    16:06:31.698901 IP ..domain > 172.30.70.197.48108: 62696- 1/0/0 A 172.217.163.46 (54)
    

    The request will return a timeout error

    FATA[0010] read udp 172.30.70.197:48108->172.30.64.1:53: i/o timeout
    

    And dig will correctly generate a random ID 45960 and get the response.

    q google.com A
    
    tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
    listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
    16:11:39.973448 IP 172.30.70.197.33234 > ..domain: 45960+ [1au] A? google.com. (51)
    16:11:39.973898 IP ..domain > 172.30.70.197.33234: 45960-$ 1/0/0 A 142.251.43.14 (54)
    

    Here is the related issue: https://github.com/microsoft/WSL/issues/7964

    opened by paulip1792 1
  • Unable to build: x448 indirect dependency hosting infra is down

    Unable to build: x448 indirect dependency hosting infra is down

    The indirect dependency git.schwanenlied.me/yawning/x448.git v0.0.0-20170617130356-01b048fb03d6 cannot be downloaded because the host seems unreachable. This makes it impossible to build q.

    Related issue from a year ago: https://github.com/lightninglabs/faraday/issues/131

    Given how long ago that issue was filed, this doesn't seem like a temporary problem.

    opened by Seirdy 1
  • QUIC port number

    QUIC port number

    Since the ratification of DNS over QUIC (RFC9250), the official port for DoQ is 853. Would it make sense to change this default?

    https://github.com/natesales/q/blob/d0b049f0ce13676accc5423daa3dc91ae1b89395/main.go#L226

    References:

    https://datatracker.ietf.org/doc/html/rfc9250#section-4.1.1 https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=853

    opened by mdavids 1
  • README: Update installation section

    README: Update installation section

    Update the installation section in the README and tell the user how to produce a non-debug version from source. Useful since q doesn't seem to use go tags but rather GoReleaser, which is third-party (currently the user has to figure out how to produce a release version with/without GoReleaser).

    opened by lacamera 1
  • Color codes output

    Color codes output

    Hi, Thank's for sharing q

    Noticed output to file keeps the color codes.

    $  q -V
    https://github.com/natesales/q version 0.5.8 (e84c6bbbfaa762f904ffbbd402f83630fa67589e 2022-04-18T20:59:46Z)
    $
    $ q ns eff.org > /tmp/a
    $
    $ cat -A /tmp/a | head -1
    ^[[1;34meff.org.^[[0m ^[[1;32m1h43m58s^[[0m ^[[1;35mNS^[[0m ns4.eff.org.$
    $
    

    Sure we could easily strip the color codes from the output. This may be useful (as implemented into some other programs) to "detect" if the output is into the console (add color) or not (remove color codes) and/or add some --[no]color option to force

    opened by uggyuggy 1
  • q does not work well with IPv6 scope ID

    q does not work well with IPv6 scope ID

    Hi,

    How to reproduce the problem:

    ❯ q -v google.com
    DEBU[0000] RR types: [CNAME A AAAA NS MX TXT]
    DEBU[0000] found server fe80::1%en0 from /etc/resolv.conf
    DEBU[0000] Using scheme: plain host: [fe80::1%en0] port:
    FATA[0000] parse "plain://[fe80::1%en0]:53": invalid URL escape "%en"
    
    ❯ cat /etc/resolv.conf
    #
    # macOS Notice
    #
    # This file is not consulted for DNS hostname resolution, address
    # resolution, or the DNS query routing mechanism used by most
    # processes on this system.
    #
    # To view the DNS configuration used by this system, use:
    #   scutil --dns
    #
    # SEE ALSO
    #   dns-sd(1), scutil(8)
    #
    # This file is automatically generated.
    #
    search speedport.ip
    nameserver fe80::1%en0
    nameserver 192.168.2.1
    

    It works fine with other clients

    ❯ dig google.com
    
    ; <<>> DiG 9.10.6 <<>> google.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8654
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 512
    ;; QUESTION SECTION:
    ;google.com.                    IN      A
    
    ;; ANSWER SECTION:
    google.com.             25      IN      A       142.250.185.110
    
    ;; Query time: 22 msec
    ;; SERVER: fe80::1%6#53(fe80::1%6)
    ;; WHEN: Fri Nov 18 18:29:17 CET 2022
    ;; MSG SIZE  rcvd: 55
    
    ❯ nslookup google.com
    Server:         fe80::1%6
    Address:        fe80::1%6#53
    
    Non-authoritative answer:
    Name:   google.com
    Address: 142.250.186.110
    

    More info about Scope ID https://superuser.com/questions/99746/why-is-there-a-percent-sign-in-the-ipv6-address

    Thanks!

    opened by kam1kaze 0
  • Package/program name conflict

    Package/program name conflict

    On at least Fedora and Archlinux, there are already packages with the same name and executable name.

    https://packages.fedoraproject.org/pkgs/q/q/ https://aur.archlinux.org/packages/q

    This means that if I install q_0.8.2_linux_amd64.rpm on Fedora, dnf see the distribution q package as an update.

    opened by hwti 5
  • New flags

    New flags

    • [x] --tls-sni
    • [x] --padding
    • [ ] --retry
    • [ ] --cookie
    • [ ] --tap-dump (dump to DNSTAP file)
    • [ ] --tap-read (read from DNSTAP file instead of making a query. Alternatively prefix server name with a slash for an absolute path)
    • [x] Query type int
    • [x] Query class int
    opened by natesales 0
Releases(v0.8.4)
Owner
Nate Sales
Student, software developer, and infrastructure engineer interested in security and network technologies.
Nate Sales
UDP Transport: compress, encrypt and send any data reliably over unreliable UDP connections

udpt UDP Transport Compresses, encrypts and transfers data between a sender and receiver using UDP protocol. Features and Design Aims: Avoid the overh

Ali Bala 42 Nov 5, 2022
UDP output for beats to send events over UDP.

beats-udp-output How To Use Clone this project to elastic/beats/libbeat/output/ Modify elastic/beats/libbeat/publisher/includes/includes.go : // add i

ichx 0 Dec 11, 2021
Hetzner-dns-updater - A simple tool to update a DNS record via Hetzner DNS API. Used for simple HA together with Nomad

hetzner-dns-updater A small utility tool to update a single record via Hetzner D

Patrick Pacher 0 Feb 12, 2022
The Dual-Stack Dynamic DNS client, the world's first dynamic DNS client built for IPv6.

dsddns DsDDNS is the Dual-Stack Dynamic DNS client. A dynamic DNS client keeps your DNS records in sync with the IP addresses associated with your hom

Ryan Young 15 Sep 27, 2022
Forked Version of Miekg's DNS library that recycles UDP sockets

Alternative (more granular) approach to a DNS library Less is more. Complete and usable DNS library. All Resource Records are supported, including the

null 0 Jan 20, 2022
SOCKS Protocol Version 5 Library in Go. Full TCP/UDP and IPv4/IPv6 support

socks5 中文 SOCKS Protocol Version 5 Library. Full TCP/UDP and IPv4/IPv6 support. Goals: KISS, less is more, small API, code is like the original protoc

TxThinking 509 Jan 8, 2023
DNS Ping: to check packet loss and latency issues with DNS servers

DNSping DNS Ping checks packet loss and latency issues with DNS servers Installation If you have golang, easiest install is go get -u fortio.org/dnspi

Fortio (Φορτίο) 61 Nov 18, 2022
Verify IP addresses of respectful crawlers like Googlebot by reverse dns and forward dns lookups

goodbots - trust but verify goodbots verifies the IP addresses of respectful crawlers like Googlebot by performing reverse dns and forward dns lookups

Eric Wu 30 Aug 16, 2022
netcup DNS module for caddy: dns.providers.netcup

netcup DNS module for Caddy This package contains a DNS provider module for Caddy. It can be used to manage DNS records with the netcup DNS API using

null 7 Nov 9, 2022
A fork on miekg/dns (since I've already forked zmap/dns)

Alternative (more granular) approach to a DNS library Less is more. Complete and usable DNS library. All Resource Records are supported, including the

null 0 Jan 19, 2022
A simple DNS forwarder that forwards DNS queries to various upstreams

A simple DNS forwarder that forwards DNS queries to various upstreams. If an upstream returns NXDomain, the next upstream is tried.

null 1 Jul 8, 2022
Golang pow implementation client <-> server over UDP and TCP protocols

Client <-> server over UDP and TCP pow protocol Denial-of-Service-attacks are a typical situation when providing services over a network. A method for

Nikita Kryuchkov 0 Jan 13, 2022
QUIC-PING: A UDP client for sending QUIC PINGs.

QUIC-PING A UDP client for sending "QUIC PING"s. What is a QUIC PING? A QUIC Initial packet with random payload and the version 0xbabababa to force Ve

null 5 Dec 14, 2022
Privacy important, fast, recursive dns resolver server with dnssec support

?? Privacy important, fast, recursive dns resolver server with dnssec support Installation go get github.com/semihalev/sdns Pre-build Binaries Downloa

Yasar Alev 720 Dec 26, 2022
Designed to support DNS brute-forcing with a minimal number of network connections

Fast Use of DNS Resolvers Designed to support DNS brute-forcing with a minimal number of network connections. Installation go get -v -u github.com/caf

Jeff Foley 35 Dec 8, 2022
A tiny client and server for tinysql

Tiny Client/Server a tiny client and server for tinysql. Start // start server

null 1 Dec 21, 2021
Command-line tool and library for Windows remote command execution in Go

WinRM for Go Note: if you're looking for the winrm command-line tool, this has been splitted from this project and is available at winrm-cli This is a

Brice Figureau 389 Nov 29, 2022
A toy MMO example built using Ebiten and WebRTC DataChannels (UDP)

Ebiten WebRTC Toy MMO ⚠️ This is a piece of incomplete hobby work and not robust. Please read the "Why does this project exist?" section. What is this

Jae Bentvelzen 14 Aug 28, 2022