From ad21e6aa88a3ab42e972c8bde3b1d5d6cf271163 Mon Sep 17 00:00:00 2001
From: Julien Pinsonneau
Date: Tue, 28 Oct 2025 15:34:07 +0100
Subject: [PATCH] add DNS Name
---
 cmd/config.yaml | 16 ++++++++++++++++
 cmd/flow_db.go | 9 +++++----
 cmd/flow_display_test.go | 8 ++++----
 cmd/root_test.go | 1 +
 4 files changed, 26 insertions(+), 8 deletions(-)
diff --git a/cmd/config.yaml b/cmd/config.yaml
index 856357562..2f4f1132b 100644
--- a/cmd/config.yaml
+++ b/cmd/config.yaml
@@ -552,6 +552,15 @@ columns:
 default: false
 width: 5
 feature: dnsTracking
+ - id: DNSName
+ group: DNS
+ name: DNS Name
+ tooltip: DNS name.
+ field: DnsName
+ filter: dns_name
+ default: false
+ width: 15
+ feature: dnsTracking
 - id: DNSLatency
 group: DNS
 name: DNS Latency
@@ -1019,6 +1028,10 @@ filters:
 name: DNS Id
 component: number
 hint: Specify a single DNS Id.
+ - id: dns_name
+ name: DNS Name
+ component: text
+ hint: Specify a single DNS name.
 - id: dns_latency
 name: DNS Latency
 component: number
@@ -1382,6 +1395,9 @@ fields:
 - name: DnsId
 type: number
 description: DNS record id
+ - name: DnsName
+ type: string
+ description: DNS queried name
 - name: DnsLatencyMs
 type: number
 description: Time between a DNS request and response, in milliseconds
diff --git a/cmd/flow_db.go b/cmd/flow_db.go
index b5760a814..06a1ebe69 100644
--- a/cmd/flow_db.go
+++ b/cmd/flow_db.go
@@ -59,6 +59,7 @@ func createFlowsDBTable(db *sql.DB) error {
 "PktDropBytes" INTEGER,
 "PktDropPackets" INTEGER,
 "DnsId" INTEGER,
+ "DnsName" TEXT,
 "DnsFlagsResponseCode" TEXT,
 "DnsLatencyMs" TIMESTAMP,
 "TimeFlowRTTNs" TIMESTAMP
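Review bot: The new `"DnsName" TEXT` column in createFlowsDBTable only helps databases created after this change; the hunk does not show how an already existing flow table is handled, and the rest of the function lies outside it. If the CREATE statement is guarded by IF NOT EXISTS, or a capture file can be reused across versions, every insert that names DnsName would fail with a missing-column error and those flows would be lost from the capture. It is worth confirming that the file is always created fresh, or adding a guarded `ALTER TABLE flow ADD COLUMN "DnsName" TEXT` for older files. A short comment on the column stating that it holds the queried name as observed in traffic, i.e. untrusted text, would also help later readers of the schema.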
@@ -99,13 +100,13 @@ func insertFlowToDB(db *sql.DB, buf []byte) error {
 switch {
 case flow["PktDropPackets"] != 0 && flow["DnsId"] != 0:
 flowSQL =
- `INSERT INTO flow(DnsErrno, Dscp, DstAddr, DstPort, Interface, Proto, SrcAddr, SrcPort, Bytes, Packets, PktDropLatestDropCause, PktDropBytes, PktDropPackets, DnsId, DnsFlagsResponseCode, DnsLatencyMs, TimeFlowRttNs) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`
+ `INSERT INTO flow(DnsErrno, Dscp, DstAddr, DstPort, Interface, Proto, SrcAddr, SrcPort, Bytes, Packets, PktDropLatestDropCause, PktDropBytes, PktDropPackets, DnsId, DnsName, DnsFlagsResponseCode, DnsLatencyMs, TimeFlowRttNs) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`
 case flow["PktDropPackets"] != 0:
 flowSQL =
 `INSERT INTO flow(DnsErrno, Dscp, DstAddr, DstPort, Interface, Proto, SrcAddr, SrcPort, Bytes, Packets, PktDropLatestDropCause, PktDropBytes, PktDropPackets, TimeFlowRttNs) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`
 case flow["DnsId"] != 0:
 flowSQL =
- `INSERT INTO flow(DnsErrno, Dscp, DstAddr, DstPort, Interface, Proto, SrcAddr, SrcPort, Bytes, Packets, DnsId, DnsFlagsResponseCode, DnsLatencyMs, TimeFlowRttNs) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`
+ `INSERT INTO flow(DnsErrno, Dscp, DstAddr, DstPort, Interface, Proto, SrcAddr, SrcPort, Bytes, Packets, DnsId, DnsName, DnsFlagsResponseCode, DnsLatencyMs, TimeFlowRttNs) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`
 default:
 flowSQL =
 `INSERT INTO flow(DnsErrno, Dscp, DstAddr, DstPort, Interface, Proto, SrcAddr, SrcPort, Bytes, Packets, TimeFlowRttNs) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`
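Review bot: The column list chosen here and the argument list passed to statement.Exec in the later hunks (@@ -123 and @@ -135) are picked by two separate switches, and the visible case labels do not match: this switch tests `flow["PktDropPackets"] != 0`, while the Exec switch tests `flow["PktDropLatestDropCause"] != 0`. Adding DnsName to the DNS branches raises the cost of that drift, since a flow that takes different branches in the two switches can end up with a placeholder/argument count mismatch or with values bound to the wrong columns. Consider computing the conditions once, e.g. `hasDrop, hasDNS := flow["PktDropPackets"] != 0, flow["DnsId"] != 0`, and using them in both switches. DnsName is free text taken from captured DNS traffic, so keeping it bound through `?` as done here is the right choice; a one-line comment saying so would discourage later string-built queries. insertFlowToDB starts and ends outside the hunk.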
@@ -123,7 +124,7 @@ func insertFlowToDB(db *sql.DB, buf []byte) error { flow["DNSErrno"], flow["Dscp"], flow["DstAddr"], flow["DstPort"], flow["Interface"], flow["Proto"], flow["SrcAddr"], flow["SrcPort"], flow["Bytes"], flow["Packets"], flow["PktDropLatestDropCause"], flow["PktDropBytes"], flow["PktDropPackets"], - flow["DnsId"], flow["DnsFlagsResponseCode"], flow["DnsLatencyMs"], + flow["DnsId"], flow["DnsName"], flow["DnsFlagsResponseCode"], flow["DnsLatencyMs"], flow["TimeFlowRttNs"]) case flow["PktDropLatestDropCause"] != 0: _, err = statement.Exec( @@ -135,7 +136,7 @@ func insertFlowToDB(db *sql.DB, buf []byte) error { _, err = statement.Exec( flow["DNSErrno"], flow["Dscp"], flow["DstAddr"], flow["DstPort"], flow["Interface"], flow["Proto"], flow["SrcAddr"], flow["SrcPort"], flow["Bytes"], flow["Packets"], - flow["DnsId"], flow["DnsFlagsResponseCode"], flow["DnsLatencyMs"], + flow["DnsId"], flow["DnsName"], flow["DnsFlagsResponseCode"], flow["DnsLatencyMs"], flow["TimeFlowRttNs"]) default: _, err = statement.Exec( diff --git a/cmd/flow_display_test.go b/cmd/flow_display_test.go index 2f48ded3a..58d5629b9 100644 --- a/cmd/flow_display_test.go +++ b/cmd/flow_display_test.go 
@@ -114,8 +114,8 @@ func TestFlowDisplayAdvancedDisplay(t *testing.T) { // set display without enrichment rows := getRows(allOptions, []string{pktDropFeature, dnsFeature, rttFeature, networkEventsDisplay}, noOptions, []string{}) assert.Equal(t, 2, len(rows)) - assert.Equal(t, "End Time Src IP Src Port Dst IP Dst Port Interfaces Interface Dirs Drop BytesDrop… Drop State Drop Cause Drop Flags DNS Id DNS… DNS RCode DNS Error Flow RTT Network Events ", rows[0]) - assert.Equal(t, "17:25:28.703000 10.128.0.29 1234 10.129.0.26 5678 f18b970c2ce8fddEgress 32B 1 TCP_INVALID… SKB_DROP… 16 31319 1ms NoError 0 10µs Allowed by default… ", rows[1]) + assert.Equal(t, "End Time Src IP Src Port Dst IP Dst Port Interfaces Interface Dirs Drop BytesDrop… Drop State Drop Cause Drop Flags DNS Id DNS Name DNS… DNS RCode DNS Error Flow RTT Network Events ", rows[0]) + assert.Equal(t, "17:25:28.703000 10.128.0.29 1234 10.129.0.26 5678 f18b970c2ce8fddEgress 32B 1 TCP_INVALID… SKB_DROP… 16 31319 example.com 1ms NoError 0 10µs Allowed by default… ", rows[1]) // set display to standard rows = getRows(standardDisplay, []string{}, noOptions, []string{}) @@ -135,8 +135,8 @@ func TestFlowDisplayAdvancedDisplay(t *testing.T) { rows = getRows("DNS", []string{dnsFeature}, noOptions, []string{}) assert.Equal(t, 2, len(rows)) - assert.Equal(t, "End Time Src IP Src Port Dst IP Dst Port Interfaces Interface Dirs DNS Id DNS… DNS RCode DNS Error ", rows[0]) - assert.Equal(t, "17:25:28.703000 10.128.0.29 1234 10.129.0.26 5678 f18b970c2ce8fddEgress 31319 1ms NoError 0 ", rows[1]) + assert.Equal(t, "End Time Src IP Src Port Dst IP Dst Port Interfaces Interface Dirs DNS Id DNS Name DNS… DNS RCode DNS Error ", rows[0]) + assert.Equal(t, "17:25:28.703000 10.128.0.29 1234 10.129.0.26 5678 f18b970c2ce8fddEgress 31319 example.com 1ms NoError 0 ", rows[1]) // set display to RTT rows = getRows("RTT", []string{rttFeature}, noOptions, []string{}) 
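Review bot: Both updated expectations in TestFlowDisplayAdvancedDisplay only exercise `example.com`, which fits inside the column's configured `width: 15`, so the tests do not pin what the table does with a name that is longer than the column or that contains non-printable bytes. DNS names come from observed traffic and are not guaranteed to be clean hostnames; whether the renderer truncates and escapes them is not visible in this diff. Adding one fixture with a long name and one with a control character, and asserting the rendered cell, would make that behaviour explicit. The same applies to the DNS-only display assertions in the @@ -135 hunk.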
diff --git a/cmd/root_test.go b/cmd/root_test.go
index 359cac705..6c20fa10c 100644
--- a/cmd/root_test.go
+++ b/cmd/root_test.go
@@ -17,6 +17,7 @@ const (
 "DnsFlags":34176,
 "DnsFlagsResponseCode":"NoError",
 "DnsId":31319,
+ "DnsName":"example.com",
 "DnsLatencyMs":1,
 "Dscp":0,
 "DstAddr":"10.129.0.26",