diff --git a/probe/endpoint/dns_snooper_linux_amd64.go b/probe/endpoint/dns_snooper_linux_amd64.go index 6ebd99b5e2..2a9d6be583 100644 --- a/probe/endpoint/dns_snooper_linux_amd64.go +++ b/probe/endpoint/dns_snooper_linux_amd64.go @@ -5,6 +5,7 @@ import ( "encoding/binary" "fmt" "math" + "sync" "time" log "github.com/Sirupsen/logrus" @@ -23,8 +24,10 @@ const ( // DNSSnooper is a snopper of DNS queries type DNSSnooper struct { - stop chan struct{} - pcapHandle *pcap.Handle + stop chan struct{} + pcapHandle *pcap.Handle + // gcache is goroutine-safe, but the cached values aren't + reverseDNSMutex sync.RWMutex reverseDNSCache gcache.Cache decodingErrorCounts map[string]uint64 // for limiting } @@ -101,10 +104,11 @@ func (s *DNSSnooper) CachedNamesForIP(ip string) []string { if err != nil { return result } - + s.reverseDNSMutex.RLock() for domain := range domains.(map[string]struct{}) { result = append(result, domain) } + s.reverseDNSMutex.RUnlock() return result } @@ -272,7 +276,9 @@ func (s *DNSSnooper) processDNSMessage(dns *layers.DNS) { s.reverseDNSCache.Set(ip, map[string]struct{}{newDomain: {}}) } else { // TODO: Be smarter about the expiration of entries with pre-existing associated domains + s.reverseDNSMutex.Lock() existingDomains.(map[string]struct{})[newDomain] = struct{}{} + s.reverseDNSMutex.Unlock() } } }