HTTP client to communicate with TFServing (#10)

This patch modifies HTTP client to work with Tensorflow serving.

Author: ybubnov

.travis.yml

@@ -3,13 +3,7 @@
 language: go
 
 env:
-  global:
-    - GO111MODULE=on
-    - TENSORFLOW_SRC=https://storage.googleapis.com/tensorflow/libtensorflow/libtensorflow-cpu-linux-x86_64-1.15.0.tar.gz
-
-before_install:
-  - curl -fsSL $TENSORFLOW_SRC | sudo tar -C /usr/ -xzf -
-  - sudo ldconfig
+  - GO111MODULE=on
 
 go:
   - "1.12.x"

Corefile

@@ -1,6 +1,7 @@
 . {
     dnstun {
-        graph /var/dnstun/dnscnn.pb
+        runtime 127.0.0.1:8501
+        detector reverse dnscnn:1
     }
     forward . 8.8.8.8
 

Dockerfile

@@ -1,30 +1,23 @@
-ARG GOVERSION=1.14
+ARG GOVERSION=1.12
 
 FROM golang:${GOVERSION}-buster
 
 # All args after each FROM command are no longer available.
 ARG COREDNSVERSION=v1.6.4
-ARG TENSORFLOWVERSION=1.15.0
 
 RUN apt-get update && apt-get -uy upgrade
 RUN apt-get -y install ca-certificates && update-ca-certificates
 
 ENV COREDNSPATH github.com/coredns/coredns
 ENV DNSTUNPATH github.com/netrack/dnstun
-ENV TENSORFLOWPATH storage.googleapis.com/tensorflow/libtensorflow
 ENV GO111MODULE on
+ENV CGO_ENABLED 0
 
 RUN curl -fsSL https://${COREDNSPATH}/archive/${COREDNSVERSION}.tar.gz -o coredns.tar.gz \
     && mkdir -p coredns \
     && tar -xzf coredns.tar.gz --strip-components=1 -C coredns \
     && rm -rf coredns.tar.gz
 
-
-RUN curl -fsSL https://${TENSORFLOWPATH}/libtensorflow-cpu-linux-x86_64-${TENSORFLOWVERSION}.tar.gz -o tensorflow.tar.gz \
-    && tar -xzf tensorflow.tar.gz -C /usr/ \
-    && rm -rf tensorflow.tar.gz \
-    && ldconfig
-
 COPY . ${GOPATH}/src/${DNSTUNPATH}
 COPY plugin.cfg coredns/plugin.cfg
 
@@ -36,9 +29,8 @@ RUN go mod edit -replace ${DNSTUNPATH}@v0.0.0=${GOPATH}/src/${DNSTUNPATH}
 RUN go generate && go build -o /bin/coredns
 
 
-FROM debian:buster-slim
+FROM scratch
 COPY --from=0 /etc/ssl/certs /etc/ssl/certs
-COPY --from=0 /usr/lib/libtensorflow* /usr/lib/
 COPY --from=0 /bin/coredns /bin/coredns
 COPY Corefile /etc/coredns/Corefile
 VOLUME /etc/coredns

README.md

@@ -13,22 +13,33 @@ tunnels.
 
 ```txt
 dnstun {
-    graph PATH
+    runtime  HOST:PORT
+    detector forward|reverse DETECTOR:VERSION
 }
 ```
 
-* `graph` is a directive to configure detector. It is a path to the `.pb` file
-with constant graph used to classify DNS traffic.
+* `runtime` specifies the endpoint in `HOST:PORT` format to the remote model
+runtime. This runtime should comply with e.g. `tensorcraft` HTTP interface.
+
+* `detector` is a directive to configure detector. Option `forward` instructs
+the plugin to treat higher probability in the second element of prediction tuple
+as DNS tunnel, while `reverse` tells that first element in the prediction tuple
+identifies DNS tunnel.
 
 ## Examples
 
 Here are the few basic examples of how to enable DNS tunnelling detection.
 Usually DNS tunneling detection is turned only for all DNS queries.
 
+Analyze all DNS queries through remote resolver listening on TCP socket.
 ```txt
 .  {
     dnstun {
-        graph /var/dnstun/dnscnn.pb
+        # Connect to the runtime that stores model and executes it.
+        runtime 10.240.0.1:5678
+
+        # Choose detector and it's version.
+        detector reverse dns_cnn:latest
     }
 }
 ```