DNS Custom Tool — Policy-Based Resolver in Go by Leonardo DutraDNS Custom Tool — Policy-Based Resolver in Go by Leonardo Dutra

DNS Custom Tool — Policy-Based Resolver in Go

Leonardo Dutra

Security Engineer

Web Developer

Docker

Prometheus

Electronics

I built a custom DNS tool in Go that works as a cached proxy/resolver with policy enforcement. It centralizes domain control, blocks risky categories, and provides detailed audit logs. Features: per-client policies (IP/VLAN/group), block/allow lists, cache with prefetch, DoH/DoT with configurable fallback, conditional forwarding & split-horizon, optional DNSSEC and QNAME minimization, Prometheus metrics, JSON logs, Admin API + CLI, YAML hot-reload. Packaging: single binary, systemd, Docker on Linux/macOS/Windows. Outcome: reduced attack surface, standardized and auditable resolution, lower median latency via local cache.

Like this project

Posted Sep 29, 2025

Go DNS proxy/resolver with cache, per-client policies, blocklists, and DoH/DoT. Increased control, auditability, and security.

Likes

Views

Timeline

Jun 10, 2023 - Jul 20, 2023