Skip to content
/ q Public
forked from natesales/q

A tiny command line DNS client with support for UDP, TCP, DoT, DoH, DoQ and ODoH.

License

Notifications You must be signed in to change notification settings

jonasbroms/q

 
 

Repository files navigation

q

A tiny and feature-rich command line DNS client with support for UDP, TCP, DoT, DoH, DoQ, and ODoH.

Release Coverage Go Report License

q screenshot

Examples

q example.com                            Lookup default records for a domain
q example.com MX SOA                     ...or specify a list of types

q example.com MX @9.9.9.9                Query a specific server
q example.com MX @https://dns.quad9.net  ...over HTTPS (or TCP, TLS, QUIC, or ODoH)...
q @sdns://AgcAAAAAAAAAAAAHOS45LjkuOQA    ...or from a DNS Stamp

q example.com MX --format=raw            Output in raw (dig) format
q example.com MX --format=json           ...or as JSON (or YAML)

Usage

Usage:
  q [OPTIONS] [@server] [type...] [name]

All long form (--) flags can be toggled with the dig-standard +[no]flag notation.

Application Options:
  -q, --qname=                 Query name
  -s, --server=                DNS server(s)
  -t, --type=                  RR type (e.g. A, AAAA, MX, etc.) or type integer
  -x, --reverse                Reverse lookup
  -d, --dnssec                 Set the DO (DNSSEC OK) bit in the OPT record
  -n, --nsid                   Set EDNS0 NSID opt
      --subnet=                Set EDNS0 client subnet
  -c, --chaos                  Use CHAOS query class
  -C=                          Set query class (default: IN 0x01) (default: 1)
  -p, --odoh-proxy=            ODoH proxy
      --timeout=               Query timeout (default: 10s)
      --pad                    Set EDNS0 padding
      --http3                  Use HTTP/3 for DoH
      --no-id-check            Disable checking of DNS response ID
      --no-reuse-conn          Use a new connection for each query
      --txtconcat              Concatenate TXT responses
      --qid=                   Set query ID (-1 for random) (default: -1)
  -b, --bootstrap-server=      DNS server to use for bootstrapping
      --bootstrap-timeout=     Bootstrapping timeout (default: 5s)
      --recaxfr                Perform recursive AXFR
  -f, --format=                Output format (pretty, column, json, yaml, raw)
                               (default: pretty)
      --pretty-ttls            Format TTLs in human readable format (default:
                               true)
      --short-ttls             Remove zero components of pretty TTLs.
                               (24h0m0s->24h) (default: true)
      --color                  Enable color output
      --question               Show question section
      --answer                 Show answer section (default: true)
      --authority              Show authority section
      --additional             Show additional section
  -S, --stats                  Show time statistics
      --all                    Show all sections and statistics
  -w                           Resolve ASN/ASName for A and AAAA records
  -r, --short                  Show record values only
  -R, --resolve-ips            Resolve PTR records for IP addresses in A and
                               AAAA records
      --aa                     Set AA (Authoritative Answer) flag in query
      --ad                     Set AD (Authentic Data) flag in query
      --cd                     Set CD (Checking Disabled) flag in query
      --rd                     Set RD (Recursion Desired) flag in query
                               (default: true)
      --ra                     Set RA (Recursion Available) flag in query
      --z                      Set Z (Zero) flag in query
      --t                      Set TC (Truncated) flag in query
  -i, --tls-no-verify          Disable TLS certificate verification
      --tls-server-name=       TLS server name for host verification
      --tls-min-version=       Minimum TLS version to use (default: 1.0)
      --tls-max-version=       Maximum TLS version to use (default: 1.3)
      --tls-next-protos=       TLS next protocols for ALPN
      --tls-cipher-suites=     TLS cipher suites
      --tls-curve-preferences= TLS curve preferences
      --tls-client-cert=       TLS client certificate file
      --tls-client-key=        TLS client key file
      --tls-key-log-file=      TLS key log file [$SSLKEYLOGFILE]
      --http-user-agent=       HTTP user agent
      --http-method=           HTTP method (default: GET)
      --quic-alpn-tokens=      QUIC ALPN tokens (default: doq, doq-i11)
      --quic-no-pmtud          Disable QUIC PMTU discovery
      --quic-no-length-prefix  Don't add RFC 9250 compliant length prefix
      --dnscrypt-tcp           Use TCP for DNSCrypt (default UDP)
      --dnscrypt-udp-size=     Maximum size of a DNS response this client can
                               sent or receive (default: 0)
      --dnscrypt-key=          DNSCrypt public key
      --dnscrypt-provider=     DNSCrypt provider name
      --default-rr-types=      Default record types (default: A, AAAA, NS, MX,
                               TXT, CNAME)
      --udp-buffer=            Set EDNS0 UDP size in query (default: 1232)
  -v, --verbose                Show verbose log messages
      --trace                  Show trace log messages
  -V, --version                Show version and exit

Help Options:
  -h, --help                   Show this help message

Demo

asciicast

Protocol Support

Installation

q is available from:

To install q from source:

git clone https://github.com/natesales/q && cd q
go install

# Without debug information
go install -ldflags="-s -w -X main.version=release"

Server Selection

q will use a server from the following sources, in order:

  1. @server argument (e.g. @9.9.9.9 or @https://dns.google/dns-query)
  2. Q_DEFAULT_SERVER environment variable
  3. /etc/resolv.conf

TLS Decryption

q supports TLS decryption through a key log file generated when the SSLKEYLOGFILE environment variable is set to a file path.

Feature Comparison

Protocol q doggo dog kdig dig drill
Transport Protocols
UDP/TCP
DNS over TLS
DNS over HTTPS
DNS over QUIC
Oblivious DNS over HTTPS
DNSCrypt v2
Features
Recursive AXFR
IP Whois
Resolve PTRs from A/AAAAs
Server from DNS Stamp
Output Formats
Raw (dig-style)
Pretty colors
JSON
YAML
Output Control
Toggle question section
Toggle answer section
Toggle authority section
Toggle additional section
Show query time
Query Flags
AA
AD
CD
RD
Z
DO
TC
Protocol Tweaks
HTTP Method
QUIC ALPN Tokens
QUIC toggle PMTU discovery
QUIC timeouts (dial and idle)
TLS handshake timeout

About

A tiny command line DNS client with support for UDP, TCP, DoT, DoH, DoQ and ODoH.

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Go 99.5%
  • Other 0.5%