DNS Custom Tool — Policy-Based Resolver in Go

Leonardo

Leonardo Dutra

Security Engineer

Web Developer

Docker

Docker

Go

Go

Prometheus

Prometheus

Electronics

I built a custom DNS tool in Go that works as a cached proxy/resolver with policy enforcement. It centralizes domain control, blocks risky categories, and provides detailed audit logs. Features: per-client policies (IP/VLAN/group), block/allow lists, cache with prefetch, DoH/DoT with configurable fallback, conditional forwarding & split-horizon, optional DNSSEC and QNAME minimization, Prometheus metrics, JSON logs, Admin API + CLI, YAML hot-reload. Packaging: single binary, systemd, Docker on Linux/macOS/Windows. Outcome: reduced attack surface, standardized and auditable resolution, lower median latency via local cache.
Like this project

Posted Sep 29, 2025

Go DNS proxy/resolver with cache, per-client policies, blocklists, and DoH/DoT. Increased control, auditability, and security.

Likes

0

Views

2

Timeline

Jun 10, 2023 - Jul 20, 2023

Tags

Security Engineer

Web Developer

Docker

Docker

Go

Go

Prometheus

Prometheus

Electronics

Leonardo

Leonardo Dutra

Building high-performance Go APIs and observability

a link to the video instead.
Cross-Platform Diagnostic Tool Development
Modernizing Legacy Java with IaC (Security & Portability)
Modernizing Legacy Java with IaC (Security & Portability)