310 lines
6.0 KiB
Plaintext
310 lines
6.0 KiB
Plaintext
NAME
|
|
|
|
awl - DNS lookup tool
|
|
|
|
SYNOPSIS
|
|
|
|
awl [ OPTIONS ] name [ @server ] [ type ], where
|
|
|
|
name is the query to make (example: froth.zone)
|
|
@server is the server to query (example: dns.froth.zone)
|
|
type is the DNS resource type (example: AAAA)
|
|
|
|
DESCRIPTION
|
|
|
|
awl (awls want licorice) is a simple tool designed to make DNS queries,
|
|
much like the venerable dig(1). An awl is a tool used to make small
|
|
holes, typically used in leatherworking.
|
|
|
|
awl is designed to be a more "modern" version of drill(1) by including
|
|
some more recent RFCs and output options.
|
|
|
|
When no arguments are given, awl will perform an NS query on the root
|
|
('.').
|
|
|
|
When a nameserver is not given, awl will query a random system
|
|
nameserver. If one cannot be found, awl will query localhost.
|
|
|
|
OPTIONS
|
|
|
|
Anything in [brackets] is optional.
|
|
|
|
-D, --dnssec, +dnssec
|
|
|
|
Enable DNSSEC. This needs to be manually enabled.
|
|
|
|
-v[=int]
|
|
|
|
Set verbosity Accepted values are as follows:
|
|
|
|
- 0: Only log errors.
|
|
|
|
- 1: Log warnings. This is the default.
|
|
|
|
- 2: Log information Default when specifying just -v.
|
|
|
|
- 3: Log information useful for debugging.
|
|
|
|
Setting a value lower than 0 disables logging entirely.
|
|
|
|
By default, specifying just -v sets the verbosity to 2 (info).
|
|
|
|
-V
|
|
|
|
Print the version and exit.
|
|
|
|
-h
|
|
|
|
Show a "short" help message.
|
|
|
|
Query Options
|
|
|
|
-4
|
|
|
|
Only make query over IPv4
|
|
|
|
-6
|
|
|
|
Only make query over IPv6
|
|
|
|
-p, --port port
|
|
|
|
Sets the port to query. Default ports listed below.
|
|
|
|
- 53 for UDP and TCP
|
|
|
|
- 853 for TLS and QUIC
|
|
|
|
- 443 for HTTPS
|
|
|
|
-q, --query domain
|
|
|
|
Domain to query (eg. example.com)
|
|
|
|
-c, --class class
|
|
|
|
DNS class to query (eg. IN, CH) The default is IN.
|
|
|
|
-t, --qType type
|
|
|
|
DNS type to query (eg. A, AAAA, NS) The default is A.
|
|
|
|
--no-truncate, +ignore
|
|
|
|
Ignore UDP truncation (by default, awl retries with TCP).
|
|
|
|
--no-bad-cookie, +[no]badcookie
|
|
|
|
[Do not] ignore BADCOOKIE responses
|
|
|
|
--tcp, +tcp, +vc
|
|
|
|
Use TCP for the query (see RFC 7766).
|
|
|
|
--dnscrypt, +dnscrypt
|
|
|
|
Use DNSCrypt.
|
|
|
|
-T, --tls, +tls
|
|
|
|
Use DNS-over-TLS, implies --tcp (see RFC 7858)
|
|
|
|
--tls-host string
|
|
|
|
Set hostname to use for TLS certificate validation. Default is the
|
|
name of the domain when querying over TLS, and empty for IPs.
|
|
|
|
--tls-no-verify
|
|
|
|
Ignore TLS validation when performing a DNS query.
|
|
|
|
-H. --https, +https
|
|
|
|
Use DNS-over-HTTPS (see RFC 8484).
|
|
|
|
-Q. --quic, +quic
|
|
|
|
Use DNS-over-QUIC (see RFC 9250).
|
|
|
|
-x, --reverse
|
|
|
|
Do a reverse lookup. Sets default type to PTR. awl automatically makes
|
|
an IP or phone number canonical.
|
|
|
|
--timeout seconds, +timeout=seconds
|
|
|
|
Set the timeout period. Floating point numbers are accepted. 0.5
|
|
seconds is the minimum.
|
|
|
|
--retries int, +tries=int, +retry=int
|
|
|
|
Set the number of retries. Retry is one more than tries, dig style.
|
|
|
|
DNS Flags
|
|
|
|
--aa[=bool], +[no]aaflag
|
|
|
|
(Set, Unset) AA (Authoritative Answer) flag.
|
|
|
|
--ad[=bool], +[no]adflag
|
|
|
|
(Set, Unset) AD (Authenticated Data) flag.
|
|
|
|
--tc[=bool], +[no]tcflag
|
|
|
|
(Set, Unset) TC (TrunCated) flag
|
|
|
|
-z[=bool], +[no]zflag
|
|
|
|
(Set, Unset) Z (Zero) flag.
|
|
|
|
--cd[=bool], +[no]cdflag
|
|
|
|
(Set, Unset) CD (Checking Disabled) flag.
|
|
|
|
--qr[=bool], +[no]qrflag
|
|
|
|
(Set, Unset) QR (QueRy) flag.
|
|
|
|
--rd[=bool], +[no]rdflag
|
|
|
|
(Set, Unset) RD (Recursion Desired) flag.
|
|
|
|
--ra[=bool], +[no]raflag
|
|
|
|
(Set, Unset) RA (Recursion Available) flag.
|
|
|
|
EDNS
|
|
|
|
All of these options except disabling EDNS imply +edns.
|
|
|
|
--no-edns, +noedns
|
|
|
|
Disable EDNS.
|
|
|
|
--edns-ver, +edns[=int]
|
|
|
|
Enable EDNS and set EDNS version. The maximum value is 255, and the
|
|
minimum (default) value is 0.
|
|
|
|
--expire. +[no]expire
|
|
|
|
Send an EDNS Expire.
|
|
|
|
--nsid, +[no]nsid
|
|
|
|
Send an EDNS name server ID request.
|
|
|
|
--no-cookie, +[no]cookie[=string]
|
|
|
|
Send an EDNS cookie. This is enabled by default with a random string.
|
|
|
|
--keep-alive, +[no]keepalive, +[no]keepopen
|
|
|
|
Send an EDNS keep-alive. This does nothing unless using TCP.
|
|
|
|
--buffer-size int, +bufize=int
|
|
|
|
Set the UDP message buffer size, using EDNS. Max is 65535, minimum is
|
|
zero. The default value is 1232.
|
|
|
|
--zflag int, +ednsflags=int
|
|
|
|
Set the must-be-zero EDNS flags. Decimal, hexadecimal and octal are
|
|
supported. Trying to set DO will be ignored.
|
|
|
|
--subnet ip[/prefix], +[no]subnet=ip[/prefix]
|
|
|
|
Send an EDNS Client Subnet option with the specified address.
|
|
|
|
Like dig(1), setting the IP to 0.0.0.0/0, ::/0 or 0 will signal the
|
|
resolver to not use any client information when returning the query.
|
|
|
|
Output Display
|
|
|
|
--no-question, +[no]question
|
|
|
|
Toggle the display of the Question section.
|
|
|
|
--no-answer, +[no]answer
|
|
|
|
Toggle the display of the Answer section.
|
|
|
|
--no-answer, +[no]answer
|
|
|
|
Toggle the display of the Answer section.
|
|
|
|
--no-authority, +[no]authority
|
|
|
|
Toggle the display of the Authority section.
|
|
|
|
--no-additional, +[no]additional
|
|
|
|
Toggle the display of the Additional section.
|
|
|
|
--no-statistics, +[no]stats
|
|
|
|
Toggle the display of the Statistics (additional comments) section.
|
|
|
|
Output Formats
|
|
|
|
-j, --json, +json
|
|
|
|
Print the query results as JSON.
|
|
|
|
-X, --xml, +xml
|
|
|
|
Print the query results as XML.
|
|
|
|
-y, --yaml, +yaml
|
|
|
|
Print the query results as YAML.
|
|
|
|
-s, --short, +short
|
|
|
|
Print just the address of the answer.
|
|
|
|
EXIT STATUS
|
|
|
|
The exit code is 0 when a query is successfully made and received. This
|
|
includes SERVFAILs, NOTIMPL among others.
|
|
|
|
EXAMPLES
|
|
|
|
awl grumbulon.xyz -j +cd
|
|
|
|
Run a query of your local resolver for the A records of grumbulon.xyz,
|
|
print them as JSON and disable DNSSEC verification.
|
|
|
|
awl +short example.com AAAA @1.1.1.1
|
|
|
|
Query 1.1.1.1 for the AAAA records of example.com, print just the
|
|
answers
|
|
|
|
awl -xT PTR 8.8.4.4 @dns.google
|
|
|
|
Query dns.google over TLS for the PTR record to the IP address 8.8.4.4
|
|
|
|
SEE ALSO
|
|
|
|
drill(1), dig(1)
|
|
|
|
STANDARDS
|
|
|
|
RFC 1034,1035 (UDP), 7766 (TCP), 7858 (TLS), 8484 (HTTPS), 9230 (QUIC)
|
|
|
|
Probably more, https://www.statdns.com/rfc
|
|
|
|
BUGS
|
|
|
|
OPT records are only printed when using a standard output, not
|
|
JSON/XML/YAML.
|
|
|
|
Full parity with dig(1) is not complete.
|
|
|
|
This man page is probably not complete.
|
|
|
|
Likely numerous more, report them either to the tracker
|
|
https://git.froth.zone/sam/awl/issues or via email
|
|
~sammefishe/awl-dev@lists.sr.ht
|