11 | Description: Edge Cache Appliance for the PacketFrame CDN
12 | endef
13 |
14 | define VARS
15 | $(CONTROL_FILE)
16 | endef
17 | export VARS
18 |
19 | build:
20 | mkdir -p {debian/DEBIAN/,debian/etc/packetframe-eca/,debian/var/packetframe-eca/,debian/usr/bin/,/etc/systemd/system/}
21 | cp eca.py debian/usr/bin/packetframe-eca.py
22 | cp packetframe-eca.service /etc/systemd/system/
23 | echo "$$VARS" > debian/DEBIAN/control
24 | echo "Copyright 2021 PacketFrame." > debian/DEBIAN/copyright
25 | dpkg-deb --build debian
26 | mv debian.deb packetframe-eca.deb
27 |
28 | clean:
29 | rm -rf packetframe-eca*.deb debian/
30 |
--------------------------------------------------------------------------------
/eca/delivr-eca.service:
--------------------------------------------------------------------------------
1 | [Unit]
2 | Description=PacketFrame Edge Cache Appliance
3 | Documentation=https://packetframe.com
4 | After=network.target
5 |
6 | [Service]
7 | User=root
8 | Group=root
9 | ExecStart=/usr/bin/packetframe-eca.py
10 |
11 | [Install]
12 | WantedBy=multi-user.target
13 |
--------------------------------------------------------------------------------
/eca/eca.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3
2 | import glob
3 | import os
4 | import time
5 |
6 | import requests
7 |
8 |
9 | def log_error(err):
10 | print("Unable to connect to ECA control plane. Please contact info@packetframe.com for more information. Error: " + str(err))
11 | exit(1)
12 |
13 |
14 | def query(route):
15 | return requests.get("https://packetframe.com/api/eca/" + route, headers={"X-Auth-Key": auth_key})
16 |
17 |
18 | def check_response(response):
19 | if response.status_code != 200:
20 | log_error("HTTP status code == " + str(response.status_code))
21 |
22 | if not response.json()["success"]:
23 | log_error("(PacketFrame) " + str(response.json()["message"]))
24 |
25 |
26 | print("Clearing zone files")
27 | files = glob.glob("/etc/bind/db.*")
28 | for file in files:
29 | os.remove(file)
30 |
31 | print("Checking credentials")
32 | auth_key = ""
33 | try:
34 | with open("/etc/packetframe-eca/auth") as auth_key_file:
35 | auth_key = auth_key_file.read().strip()
36 | except Exception as e:
37 | print("Unable to read auth file: " + str(e))
38 | else:
39 | print("Loaded authentication file")
40 |
41 | print("Verifying connectivity to ECA control plane")
42 | r = query("check")
43 | check_response(r)
44 | print("Connected to ECA control plane successfully")
45 |
46 | with open("/var/packetframe-eca/info", "w") as info_file:
47 | info_file.write(str(r.json()["message"]))
48 |
49 | disabled = False
50 | local_manifest = {}
51 | server_manifest = {}
52 | while not disabled:
53 | print("Pulling manifest")
54 | r = query("manifest")
55 | check_response(r)
56 | server_manifest = r.json()["message"]["zones"]
57 |
58 | should_pull_registry = False
59 |
60 | for zone in server_manifest:
61 | server_serial = server_manifest[zone]
62 | local_serial = local_manifest.get(zone)
63 |
64 | if (not local_serial) or (server_serial > local_serial):
65 | print("Pulling " + zone)
66 | r = query("pull/" + zone)
67 | check_response(r)
68 |
69 | with open("/etc/bind/db." + zone, "w") as zone_file:
70 | zone_file.write(r.json()["message"]["file"])
71 |
72 | local_manifest[zone] = r.json()["message"]["serial"]
73 |
74 | should_pull_registry = True
75 |
76 | if should_pull_registry:
77 | print("Pulling zone registry")
78 | r = query("registry")
79 |
80 | with open("/etc/bind/named.conf.local", "w") as local_file:
81 | local_file.write(r.json()["message"])
82 |
83 | os.system("rndc reload")
84 |
85 | print("Waiting for next pull")
86 | time.sleep(60)
87 |
--------------------------------------------------------------------------------
/frontend/.gitignore:
--------------------------------------------------------------------------------
1 | /node_modules/
2 | /public/build/
3 |
4 | .DS_Store
5 |
--------------------------------------------------------------------------------
/frontend/.idea/.gitignore:
--------------------------------------------------------------------------------
1 | # Default ignored files
2 | /shelf/
3 | /workspace.xml
4 | # Datasource local storage ignored files
5 | /dataSources/
6 | /dataSources.local.xml
7 | # Editor-based HTTP Client requests
8 | /httpRequests/
9 |
--------------------------------------------------------------------------------
/frontend/.idea/cdn-frontend.iml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
9 |
--------------------------------------------------------------------------------
/frontend/.idea/dictionaries/nate.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | aaaa
5 | delivr
6 | navbar
7 | sethjs
8 |
9 |
10 |
--------------------------------------------------------------------------------
/frontend/.idea/misc.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
6 |
7 |
9 |
--------------------------------------------------------------------------------
/frontend/.idea/modules.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
7 |
8 |
--------------------------------------------------------------------------------
/frontend/.idea/vcs.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
6 |
--------------------------------------------------------------------------------
/frontend/package.json:
--------------------------------------------------------------------------------
1 | {
2 | "name": "svelte-app",
3 | "version": "1.0.0",
4 | "scripts": {
5 | "build": "rollup -c",
6 | "dev": "rollup -c -w",
7 | "start": "sirv public"
8 | },
9 | "devDependencies": {
10 | "@rollup/plugin-commonjs": "^14.0.0",
11 | "@rollup/plugin-node-resolve": "^8.0.0",
12 | "rollup": "^2.3.4",
13 | "rollup-plugin-livereload": "^2.0.0",
14 | "rollup-plugin-mdsvex-pages": "^1.2.9",
15 | "rollup-plugin-svelte": "^6.0.0",
16 | "rollup-plugin-terser": "^7.0.0",
17 | "svelte": "^3.0.0"
18 | },
19 | "dependencies": {
20 | "mdsvex": "^0.8.9",
21 | "sirv-cli": "^1.0.0",
22 | "svelte-spa-router": "^3.1.0"
23 | }
24 | }
25 |
--------------------------------------------------------------------------------
/frontend/public/global.css:
--------------------------------------------------------------------------------
1 | html, body {
2 | position: relative;
3 | width: 100%;
4 | height: 100%;
5 | }
6 |
7 | body {
8 | color: #ffffff;
9 | background-color: #000;
10 | margin: 0;
11 | padding: 0;
12 | box-sizing: border-box;
13 | font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Oxygen-Sans, Ubuntu, Cantarell, "Helvetica Neue", sans-serif;
14 | }
--------------------------------------------------------------------------------
/frontend/public/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | Packetframe CDN - The Open Source CDN for Technology Enthusiasts
8 |
9 | proud_coder server_cluster
54 |
64 |
65 |
66 |
69 |
70 |
71 |
72 |
73 |
--------------------------------------------------------------------------------
/frontend/src/blog/2020-10-22-hello-world.md:
--------------------------------------------------------------------------------
1 | ---
2 | slug: hello-world
3 | title: Hello World
4 | author: Nate Sales
5 | author_title: PacketFrame
6 | author_url: https://natesales.net/
7 | author_image_url: https://avatars2.githubusercontent.com/u/20391440
8 | tags: ["Hello World"]
9 | ---
10 |
11 | Hello World!
12 |
13 | Welcome to PacketFrame, the open source CDN platform for technology enthusiasts - currently in private beta. If you would like an account, please contact moc.emarftekcap@ofni and your application will be considered!
14 |
--------------------------------------------------------------------------------
/frontend/src/blog/2020-11-22-outage.md:
--------------------------------------------------------------------------------
1 | ---
2 | slug: november-22-outage
3 | title: DNS Outage of November 22, 2020
4 | author: Nate Sales
5 | author_title: PacketFrame
6 | author_url: https://natesales.net/
7 | author_image_url: https://avatars2.githubusercontent.com/u/20391440
8 | ---
9 |
10 | PacketFrame DNS Outage of November 22, 2020
11 |
12 | On Sat Nov 21, a code change to the PacketFrame control plane was pushed that allowed for more flexibility in embedded origin nodes for use in IXPs. The change allowed a single machine to serve both DNS and HTTP traffic. As a result, the current HTTP nodes were drained and scheduled for removal from the network. As an anycast network, PacketFrame is designed to handle multiple node failures and ordinarily powering off multiple nodes would not cause a problem. However, after the nodes were drained, they did not properly power down likely due to a hypervisor operation lock that failed to acquire. There was a period of time where 3 nodes were announcing the anycast prefixes with incorrect data which effected certain sites on the platform.
13 |
14 | On Sun Nov 20, a user reported a partial DNS outage. Upon investigation, it appeared that one of the cache nodes had still been announcing the anycast prefixes without an operational authoritative DNS process. The failed node was immideately withdrawn from the cluster to allow for functional nodes to take over the load. A series of tests were ran to ensure the cluster was still operating normally, and all nodes were found to be operational. A DNS query was executed on 50 random NLNOG RING nodes and 49 returned the correct DNS response. The one incorrectly responding node is likely behind a caching resolver that is storing records longer than it should be.
15 |
16 | At this point the issue is marked as resolved on our end. Popular public DNS resolvers (Google, Cloudflare, Quad9, and OpenDNS) are all currently returning correct data, although ISP resolvers may be incorrectly configured to not honor DNS TTLs or are caching records for longer than they should be. If you are still having issues please try an alternate resolver.
17 |
18 | If you have any questions, feel free to send an email to info@packetframe.com
19 |
--------------------------------------------------------------------------------
/frontend/src/components/Banner.svelte:
--------------------------------------------------------------------------------
1 |
6 |
7 |
8 | {#if shown}
9 |
10 |
11 |
12 |
shown=false} class="material-icons">close
13 |
16 |
17 |
32 |
--------------------------------------------------------------------------------
/frontend/src/components/Button.svelte:
--------------------------------------------------------------------------------
1 |
17 |
18 |
19 |
20 | {#if icon !== ""}
21 |
22 | {icon}
23 |
24 | {/if}
25 |
26 | {#if isSlotFilled}
27 |
28 |
30 | {/if}
31 |
32 |
33 |
34 |
--------------------------------------------------------------------------------
/frontend/src/components/ButtonBar.svelte:
--------------------------------------------------------------------------------
1 |
2 |
4 |
5 |
--------------------------------------------------------------------------------
/frontend/src/components/CheckBoxes.svelte:
--------------------------------------------------------------------------------
1 |
4 |
5 |
6 | {#each nodes as node}
7 |
8 |
9 |
12 |
13 | {/each}
14 |
15 |
16 |
53 |
--------------------------------------------------------------------------------
/frontend/src/components/Dropdown.svelte:
--------------------------------------------------------------------------------
1 |
9 |
10 |
11 |
12 |
13 |
15 |
16 |
17 |
18 |
39 |
--------------------------------------------------------------------------------
/frontend/src/components/Email.svelte:
--------------------------------------------------------------------------------
1 | moc.emarftekcap@ofni
2 |
3 |
9 |
--------------------------------------------------------------------------------
/frontend/src/components/EmailSignupForm.svelte:
--------------------------------------------------------------------------------
1 |
2 |
11 |
12 |
13 |
37 |
--------------------------------------------------------------------------------
/frontend/src/components/EntryForm.svelte:
--------------------------------------------------------------------------------
1 |
40 |
41 |
42 |
64 |
65 |
66 |
91 |
--------------------------------------------------------------------------------
/frontend/src/components/Navbar.svelte:
--------------------------------------------------------------------------------
1 |
31 |
32 |
35 |
36 |
37 |
38 |
39 | {#if screenWidth <= 820}
40 |
41 | {menuOpen ? 'close' : 'menu'}
42 |
43 | {/if}
44 |
57 |
58 |
157 |
--------------------------------------------------------------------------------
/frontend/src/components/NetworkMap.svelte:
--------------------------------------------------------------------------------
1 |
74 |
75 |
76 |
77 |
78 |
79 |
87 |
88 |
24 |
25 |
26 |
27 | Name ({nodeNum})
28 | Location
29 | Datacenter
30 | Provider
31 | {#if admin}
32 | IP
33 | {/if}
34 |
35 |
36 |
37 | {#if nodes}
38 | {#each nodes as node, i }
39 |
40 | {node["name"]}
41 | {node["location"]}
42 | {node["datacenter"]}
43 | {node["provider"]}
44 | {#if admin}
45 | {node["management_ip"]}
46 | {/if}
47 |
48 | {/each}
49 | {:else}
50 | Loading...
51 | {/if}
52 |
53 |
54 |
56 |
57 |
113 |
--------------------------------------------------------------------------------
/frontend/src/components/NumberInput.svelte:
--------------------------------------------------------------------------------
1 |
7 |
8 |
9 |
10 |
12 |
13 |
14 |
29 |
--------------------------------------------------------------------------------
/frontend/src/components/Settings.svelte:
--------------------------------------------------------------------------------
1 |
64 |
65 |
66 |
67 | {#if email}
68 |
User Settings for {email}
69 | {:else}
70 |
User Settings
71 | {/if}
72 |
73 |
74 | changePassword()} tbpadded>Submit
77 |
78 |
81 |
ACL Settings
82 |
83 | {#if acl && acl.length > 0}
84 |
85 | {#each acl as rule, i }
86 | {rule}
87 | {/each}
88 |
89 | {:else}
90 |
No ACL rules defined
91 | {/if}
92 |
93 |
94 |
appendAcl()} tbpadded>Submit
95 |
96 |
98 |
99 |
121 |
122 |
--------------------------------------------------------------------------------
/frontend/src/components/Snackbar.svelte:
--------------------------------------------------------------------------------
1 |
34 |
35 | {#if open}
36 |
40 | {status}
41 | {message}
42 |
43 | close
44 |
45 |
46 | {/if}
47 |
48 |
--------------------------------------------------------------------------------
/frontend/src/components/SnackbarGroup.svelte:
--------------------------------------------------------------------------------
1 |
22 |
23 |
24 | {#each Object.keys($SnackBars) as key, i}
25 |
35 |
36 |
--------------------------------------------------------------------------------
/frontend/src/components/Table.svelte:
--------------------------------------------------------------------------------
1 |
6 |
7 |
8 |
9 |
{title}
10 |
11 |
13 |
14 |
15 |
18 |
19 |
20 |
75 |
--------------------------------------------------------------------------------
/frontend/src/components/TextInput.svelte:
--------------------------------------------------------------------------------
1 |
9 |
10 |
11 |
12 | {#if password}
13 |
18 |
19 |
39 |
--------------------------------------------------------------------------------
/frontend/src/components/ToggleButton.svelte:
--------------------------------------------------------------------------------
1 |
8 |
9 |
10 |
11 |
12 | {#if enable}
13 | {#if icon == "globe"}
14 | location_on
15 | {:else}
16 | cloud
17 | {/if}
18 | {:else}
19 | {#if icon == "globe"}
20 | location_off
21 | {:else}
22 | cloud_off
23 | {/if}
24 | {/if}
25 |
26 |
27 | {#if isSlotFilled}
28 |
29 |
31 | {/if}
32 |
33 |
34 |
35 |
--------------------------------------------------------------------------------
/frontend/src/components/UserTable.svelte:
--------------------------------------------------------------------------------
1 |
33 |
34 |
35 |
36 |
37 |
38 | Email
39 |
42 |
43 | {#if users}
44 | {#each users as user, i }
45 |
46 | {user["username"]}
47 |
48 | {#if user["enabled"]}
49 | toggleState(user["username"])}>Enabled
50 | {:else}
51 | toggleState(user["username"])}>Disabled
52 | {/if}
53 |
54 |
55 |
56 | {#if user["admin"]}
57 | Admin
58 | {/if}
59 |
60 |
61 | {/each}
62 | {:else}
63 | Loading...
64 | {/if}
65 |
66 |
68 |
69 |
127 |
--------------------------------------------------------------------------------
/frontend/src/docs/api.md:
--------------------------------------------------------------------------------
1 | ---
2 | id: api
3 | title: API
4 | ---
5 |
6 |
7 |
8 |
9 | #
Docs / API
10 |
11 |
12 |
13 | PacketFrame's API exposes all functionality of the platform via a RESTful programmatic interface.
14 |
15 | All API routes are under `https://packetframe.com/api/`
16 |
17 | Authenticated routes require the `X-API-Key` request header to be set to your API key.
18 |
19 | ## Routes
20 |
21 | | Endpoint | Methods | Usage |
22 | | ---------------------------------- | -------- | -------------------------------------------------- |
23 | | /auth/signup | POST | Create an account |
24 | | /auth/login | POST | Get your API token |
25 | | /zones/add | POST | Add a zone |
26 | | /zones/list | GET | Get all zones under your account |
27 | | /zone/[ZONE]/delete | POST | Remove [ZONE] |
28 | | /zone/[ZONE]/add | POST | Add a record to [ZONE] |
29 | | /zone/[ZONE/records | GET | Get records for [ZONE] |
30 | | /zone/[ZONE/users | GET | Get users for [ZONE] |
31 | | /zone/[ZONE]/delete_record/[INDEX] | POST | Delete record at [INDEX] from [ZONE] |
32 | | /zone/[ZONE]/export | GET | Download RFC 1035 zone file for [ZONE] |
33 | | /admin | GET | Check if the authenticated user is an admin or not |
34 | | /user/acl | GET, PUT | Get or append to a user IP ACL |
35 | | /user/change_password | POST | Change a user's password |
36 | | /counters | GET | Get node and location counters |
37 | | /nodes/geoloc | GET | Get node locations |
38 |
39 | ## Admin Routes
40 |
41 | | Endpoint | Methods | Usage |
42 | | ------------------- | ------- | --------------------------------------------- |
43 | | /nodes/add | POST | Add a DNS node |
44 | | /nodes/list | GET | Get all DNS node |
45 | | /nodes/power | POST | Enable or disable the node's BGP daemon |
46 | | /stats | GET | Get system stats counters (nodes/zones/users) |
47 | | /users | GET | Get all users |
48 | | /user/[USER]/toggle | POST | Toggle [USER]'s enabled state |
49 |
50 | ## Debug Routes
51 |
52 | | Endpoint | Methods | Usage |
53 | | ---------------------------------- | ------- | ----------------------------------------- |
54 | | /debug/refresh_zones | GET | Refresh all zones |
55 | | /debug/clear_queue | GET | Clear opqueue |
56 | | /debug/queue_status | GET | Get number of running and ready tasks |
57 | | /debug/refresh_cache | GET | Refresh cache's varnish and caddy configs |
58 | | /debug/update_collector_monitoring | GET | Update route collector and prometheus configs |
59 | | /debug/healthcheck | GET | Run network-wide node healthcheck |
60 |
61 | ### Route Specifics
62 |
63 | #### /auth/signup
64 |
65 | Create a zone
66 |
67 | Methods: POST
68 |
69 | Request Body:
70 |
71 | | POST Field | Type | Description |
72 | | ---------- | ------ | ----------- |
73 | | username | string | Username |
74 | | password | string | Password |
75 |
76 | #### /auth/login
77 |
78 | Create a zone
79 |
80 | Methods: POST Returns: API Key
81 |
82 | Request Body:
83 |
84 | | POST Field | Type | Description |
85 | | ---------- | ------ | ----------- |
86 | | username | string | Username |
87 | | password | string | Password |
88 |
89 | #### /zones/add
90 |
91 | Create a zone
92 |
93 | Methods: POST
94 |
95 | Request Body:
96 |
97 | | POST Field | Type | Description |
98 | | ---------- | ------ | ----------------------------------------------------------------------------- |
99 | | zone | string | RFC 1035 DNS label of the zone (e.g. `example.com` or `2.0.192.in-addr.arpa`) |
100 |
101 | #### /zones/list
102 |
103 | Create a zone
104 |
105 | Methods: GET
106 |
107 | ##### /zone/[ZONE]/delete
108 |
109 | Delete a zone
110 |
111 | Methods: POST
112 |
113 | | URL Field | Type | Description |
114 | | --------- | ------ | ----------------------------------------------------------------------------- |
115 | | zone | string | RFC 1035 DNS label of the zone (e.g. `example.com` or `2.0.192.in-addr.arpa`) |
116 |
117 | ##### /zone/[ZONE]/add
118 |
119 | Add a record to zone
120 |
121 | Methods: POST
122 |
123 | Request Body:
124 |
125 | | POST Field | Type | Description |
126 | | ------------------ | ---------- | ------------------------------------------------------------------------------------- |
127 | | ttl | int | Record TTL (Time To Live) |
128 | | label | string | RFC 1035 DNS label of the zone (e.g. `example.com` or `2.0.192.in-addr.arpa`) |
129 | | type | string | DNS record type (Supported values are A, AAAA, MX, SRV, TXT, [PTR for reverse zones]) |
130 | | value | string | Value of record (IP address, name, etc) |
131 | | additional options | string/int | additional options for specific zone type |
132 |
133 | ##### /zone/[ZONE]/records
134 |
135 | Get records
136 |
137 | Methods: GET
138 |
139 | | URL Field | Type | Description |
140 | | --------- | ------ | ----------------------------------------------------------------------------- |
141 | | zone | string | RFC 1035 DNS label of the zone (e.g. `example.com` or `2.0.192.in-addr.arpa`) |
142 |
143 | ##### /zone/[ZONE]/delete_record/[INDEX]
144 |
145 | Delete a record
146 |
147 | Methods: POST
148 |
149 | Request Body:
150 |
151 | | URL Field | Type | Description |
152 | | --------- | ------ | ----------------------------------------------------------------------------- |
153 | | zone | string | RFC 1035 DNS label of the zone (e.g. `example.com` or `2.0.192.in-addr.arpa`) |
154 | | index | int | Index of the record (To retrieve records, see `/records/list`) |
155 |
156 |
157 |
7 |
8 | #
Docs / Caching Proxy
9 |
10 |
11 |
12 | The PacketFrame caching proxy puts the PacketFrame network in front of your origin webserver to increase performance and security.
13 |
14 | Proxied records can be added though the dashboard by clicking the "Add Record" button and enabling the proxy by clicking the cloud icon.
15 |
16 | Once a proxied record is enabled, PacketFrame will request an SSL certificate from [LetsEncrypt](https://letsencrypt.org/) and configure the proxy. Origin pulls will come from unicast source IPs of the caching network.
17 |
18 | Backend errors (HTTP 500, 502, 503, 504) will be caught by the caching servers and a generic error page will be shown.
19 |
20 | ### ACL Configuration
21 |
22 | Every domain that has a proxied record must have at least one user with an ACL configured. IP blocks in the ACL are permitted to send the `PURGE` HTTP request method to any route under domains that user controls to purge the cache of that object. The ACL can be configured on a per-user basis by clicking the settings gear icon in the dashboard and adding the address in CIDR notation.
23 |
24 |
7 |
8 | #
Docs / CLI
9 |
10 |
11 |
12 | For users that prefer a CLI option, there's a `pfctl` tool that can wraps the API in a simple command line interface.
13 |
14 | The latest version of `pfctl` can be found on GitHub (https://raw.githubusercontent.com/packetframe/cdn/main/util/pfctl.py)
15 |
16 |
7 |
8 | #
Docs / Dashboard
9 |
10 |
11 |
12 |
Dashboard
13 | The PacketFrame dashboard implements all the functionality of PacketFrame through the API. Records can be added though the dashboard by clicking the "Add Record" button. Each record type has specific required attributes which will be displayed as input fields after selecting the record type from the dropdown.
14 |
15 |
Adding Zones
16 | To add a zone, log in and click the "Add Zone" button located near the top right corner of the page, and entering your domain name. PacketFrame supports reverse zones as well, which can be added by specifying the IP address block in CIDR notation.
17 |
18 |
Record Management
19 | The dashboard implements all the functionality of PacketFrame through the API. Records can be added though the dashboard by clicking the "Add Record" button. Each record type has specific required attributes which will be displayed as input fields after selecting the record type from the dropdown.
20 |
21 |
Node Pinning
22 | DNS records are propagated to every edge node by default. You can control which nodes have an individual record with Node Pinning. By clicking the location icon when adding a record, you can choose which nodes that the record will be served from.
23 |
24 |
7 |
8 | #
Docs / Embedded Cache Appliance
9 |
10 |
11 |
12 | The Edge Cache Appliance (ECA) program brings PacketFrame content as close to your users as possible by deploying an anycast node directly in your network. ECAs are designed to run in a wide variety of environments, even those behind firewalls with limited external access. Requests are evaluated on a case-by-case basis and involve specific technical and policy requirements. Depending on the scenario, ECAs are available as dedicated hardware as well as VM images. Networks that wish to have PacketFrame content with the lowest possible latency can opt to host an EOS server for the full DNS or HTTP(S) traffic. EOS are fully managed by PacketFrame and can be run on a VM or dedicated server. EOS nodes to the host network via BGP and announce routes based on instructions from the PacketFrame control plane.
13 |
7 |
8 | #
Docs / Privacy Policy
9 |
10 |
11 |
12 | Last updated January 3, 2021
13 |
14 | Webserver logs are stored for **7 days** (or less if the log file gets too big) and are in the [Common Log Format](https://en.wikipedia.org/wiki/Common_Log_Format).
15 |
16 | We also use a self hosted instance of [Plausible](https://github.com/plausible/analytics) for analytics of the `packetframe.com` site.
17 |
18 | Anonymized counters from all DNS queries are stored for 360 days (or until they get too big). We use https://github.com/prometheus-community/bind_exporter if you would like to see the full list of metrics, but in short these logs include numbers only so nothing that's able to identify any particular user.
19 |
20 | Nothing else is *ever* logged other than what is listed above.
21 |
11 |
12 | #
Docs / Security
13 |
14 |
15 |
16 | Hackers are welcome! If you're interested in testing PacketFrame for vulns, please follow the rules below. When in doubt, ask!
17 |
18 | Scope: Source code at https://github.com/packetframe/cdn
19 |
20 | Security vulnerabilities should be reported to
, for general bugs feel free to file an issue at https://github.com/packetframe/cdn/issues
21 |
22 | Don't test in production! Download the source at https://github.com/packetframe/cdn and spin up a local instance of the CDN. If there's something you want to try on the production network, let me know first and we can work something out.
23 |
24 |
5 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
Fosshost
17 |
The fosshost project is a non-profit organisation that exists to serve the hosting needs of the global open source community.
18 |
19 |
20 |
21 |
22 |
23 |
Heficed
24 |
Heficed provides full-range infrastructure services. Heficed serves around 60 multi-billion industries starting from hosting to automotive or healthcare. With more than a decade of industry experience and operations globally, Heficed can meet any demand needs.
25 |
26 |
27 |
28 |
29 |
30 |
Terrahost
31 |
Our vision is to offer solutions of high quality at an affordable price. Our services are delivered from our own datacenter in Sandefjord. In that way we can ensure high stability and safety. We work around the clock to give you the best price and service on the market.
32 |
33 |
34 |
35 |
36 |
37 |
HostUS
38 |
We offer cPanel Web Hosting, Reseller Hosting, OpenVZ VPS, KVM VPS and Managed VPS in 10 datacenter locations across 4 continents. All backed by our amazing 24/7 support team.
39 |
40 |
41 |
42 |
43 |
44 |
Mythic Beasts
45 |
Mythic Beasts is a privately owned hosting ISP with a focus on a no-nonsense service backed by excellent technical support.
46 |
47 |
48 |
49 |
50 |
51 |
Combahton
52 |
We offer highly available dedicated servers, colocation, DDoS protection and managed services
53 | based on fail-safe and certified infrastructure in Germany. We are also your reliable partner for server and network management.
54 |
55 |
56 |
57 |
58 |
59 |
iFog
60 |
iFog GmbH offers IT services. This includes Web Hosting, vServers, IXP Access as well as IP Transit and LIR Services.
61 |
62 |
63 |
64 |
65 |
66 |
VPS66
67 |
Virtual Private Servers and Colocation in the ♥ of Frankfurt am Main, Germany.
68 |
69 |
70 |
71 |
72 |
73 |
SpartanHost
74 |
The main goal of the company has always been to provide the best possible service and product at a price that is good value for money. We will continue to strive to meet this goal in the future as we expand our services and locations.
75 |
76 |
77 |
78 |
79 |
80 |
Garanntor
81 |
Garanntor is a privately owned company hosting and infrastructure-as-a-service company. Since our founding in 2016, Garanntor has continually innovated new ways to deliver on our mission: Making it Easy So You Can Focus on Growing Your Business. Based in Lagos, Nigeria. we pride ourselves in providing high quality services and support for each and every one of our clients.
82 |
83 |
84 |
85 |
86 |
87 |
XenSpec
88 |
Chicago based VPS and Web Hosting provider. Offering custom infrastructure solutions with exceptional support
89 |
90 |
91 |
92 |
93 |
94 |
Hivane
95 |
Hivane offers DNS / MX / WWW services to non-for-profit projects. Check out https://www.hivane.net/ for more information.
96 |
97 |
98 |
99 |
100 |
101 |
Misaka Network
102 |
Superb cloud infrastructure with low latency. All our services are carefully designed to provide high performance, reliable and scalable at a reasonably price.
103 |
104 |
105 |
106 |
107 |
108 |
Virtua Systems
109 |
Virtua.Cloud is a cloud hosting company, providing affordable Linux VPS and Windows VPS in Europe with instant setup and hourly billing.
110 |
111 |
112 |
113 |
114 |
115 |
BrowserStack
116 |
BrowserStack is a cloud web and mobile testing platform that provides developers the ability to test their websites and mobile applications across on-demand browsers, operating systems, and real mobile devices. They have four primary products- Live, App Live, Automate, and App Automate
117 |
118 |
119 |
120 |
121 |
122 |
Sauce Labs
123 |
Continuous testing is a key enabler of digital confidence—the knowledge that you’re delivering the best possible user experience to your customers. Digitally confident organizations know that their web and mobile applications look, function and perform exactly as intended, every single time they’re used. That’s the value of Sauce Labs.
124 |
125 |
126 |
127 |
128 |
129 |
GINERNET
130 |
Hosting powerful servers in Spain. Service stability, high availability network and priority technical support.
131 |
132 |
133 |
134 |
136 |
137 |
197 |
--------------------------------------------------------------------------------
/frontend/src/pages/Dashboard.svelte:
--------------------------------------------------------------------------------
1 |
170 |
171 |
172 |
196 |
197 | {#if showAdmin && $IsAdmin}
198 |
199 |
200 |
202 |
203 |
205 |
212 | refreshAllZones()}>Refresh all zones
213 | clearQueue()}>Clear queue
214 | refreshCache()}>Refresh cache
215 | showQueueStats()}>Queue Stats
216 | addNode()}>Add Node
217 | {showUserTable = !showUserTable}}>Toggle user table
218 | showSystemStats()}>System Stats
219 | updateCollectorMonitoring()}>Update Collector/Monitoring
220 |
221 | {/if}
222 |
223 | {#if showSettings}
224 |
229 | {:else}
230 | {#if no_zones}
231 | No zones
232 | {:else}
233 | Loading...
234 | {/if}
235 | {/if}
236 |
237 |
238 |
239 |
284 |
--------------------------------------------------------------------------------
/frontend/src/pages/Docs.svelte:
--------------------------------------------------------------------------------
1 |
2 |
3 |
Docs
4 |
5 |
Pages
8 |
9 |
18 |
19 |
20 |
39 |
--------------------------------------------------------------------------------
/frontend/src/pages/Index.svelte:
--------------------------------------------------------------------------------
1 |
21 |
22 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
Packetframe
33 |
Welcome to Packetframe, the Open Source CDN for technology enthusiasts. The platform is currently in private beta, contact
34 |
window.location.hash = "#/dashboard"} size="1.2rem">Get Started
35 |
36 |
37 |
39 |
40 |
41 |
42 |
43 |
44 |
Built for Developers
45 |
Packetframe was built with developers in mind. With the Packetframe CDN, the only thing kept private is your data and keys to the infrastructure. Everything else is open and accessible. All functionality of the platform is exposed via the API and the entire codebase is open source .
46 |
47 |
48 |
49 |
61 |
62 |
63 |
64 |
Globally Distributed
65 |
There are currently 41 PoPs across 38 cities and with a presence in all 6 consumer-inhabited continents. (If you know of a datacenter in Antarctica, let me know!)
66 |
67 |
68 |
69 |
70 |
71 |
72 |
84 |
85 |
86 |
87 |
88 |
89 |
90 |
Community Centric
91 |
While the code is written by one person (me! ), the open source community plays a huge role in the CDN infrastructure. Special thanks to fosshost for their support and partnership in the project. Want to get involved? Feel free to send an email to Libera.Chat and ask away!
92 |
93 |
94 |
95 |
96 |
98 |
99 |
215 |
216 |
217 |
--------------------------------------------------------------------------------
/frontend/src/pages/Login.svelte:
--------------------------------------------------------------------------------
1 |
4 |
5 |
7 |
--------------------------------------------------------------------------------
/frontend/src/pages/NotFound.svelte:
--------------------------------------------------------------------------------
1 |
2 | Error 404
3 | Not Found
4 |
21 |
22 |
23 |
70 |
--------------------------------------------------------------------------------
/frontend/src/pages/Signup.svelte:
--------------------------------------------------------------------------------
1 |
4 |
5 |
--------------------------------------------------------------------------------
/frontend/src/stores.js:
--------------------------------------------------------------------------------
1 | import {writable} from "svelte/store";
2 |
3 | export const SnackBars = writable({});
4 | export let IsAdmin = writable(false);
5 | export let Debug = writable(true);
6 | export let API = writable("https://packetframe.com/api/");
7 |
--------------------------------------------------------------------------------
/frontend/src/utils.js:
--------------------------------------------------------------------------------
1 | import {SnackBars, Debug} from "./stores";
2 |
3 | export function addSnackbar(status, message, color, timeout) {
4 | let id = Math.random().toString(36).replace(/[^a-z]+/g, '').substr(0, 5);
5 | SnackBars.update(sb => {sb[id] = {status, message, color, timeout}; return sb})
6 | }
7 |
8 | export function log(message) {
9 | if (Debug) {
10 | console.log(message)
11 | }
12 | }
13 |
--------------------------------------------------------------------------------
/util/pfctl.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3
2 | """Usage:
3 | pfctl account [login|logout]
4 | pfctl records [add]
5 | pfctl records delete
6 | pfctl zones list
7 | """
8 |
9 | from os import makedirs
10 | from os.path import exists
11 | from pathlib import Path
12 | from shutil import rmtree
13 |
14 | import requests
15 | from PyInquirer import style_from_dict, prompt, Token
16 | from docopt import docopt
17 | from rich import box
18 | from rich.console import Console
19 | from rich.table import Table
20 | from rich.traceback import install
21 |
22 | # Register rich traceback hook
23 | install()
24 |
25 | args = docopt(__doc__)
26 |
27 | console = Console()
28 |
29 | PARENT_ENDPOINT = "https://packetframe.com/api/"
30 | config_path = str(Path.home()) + "/.config/packetframe/"
31 |
32 | PYINQUIRER_STYLE = style_from_dict({
33 | Token.Separator: "#6C6C6C",
34 | Token.QuestionMark: "#FFF",
35 | Token.Selected: "#dd00ff",
36 | Token.Pointer: "#FFF",
37 | Token.Instruction: "",
38 | Token.Answer: "#dd00ff",
39 | Token.Question: "",
40 | })
41 |
42 | # Set API key if not trying to lotg in
43 | if args and not args["login"]:
44 | try:
45 | with open(config_path + "key", "r") as api_key_file:
46 | API_KEY = api_key_file.read()
47 | except FileNotFoundError:
48 | console.print(":x: Account not found: run [dim]pfctl login[/] to log into your account")
49 | exit(1)
50 | else:
51 | API_KEY = ""
52 |
53 |
54 | # Request helper
55 |
56 |
57 | def _request(message, route, method, body=None):
58 | with console.status(f"[bold green]{message}..."):
59 | r = requests.request(method, PARENT_ENDPOINT + route, json=body, headers={"X-API-Key": API_KEY})
60 | if r.status_code != 200:
61 | console.log(
62 | f"[bold red]ERROR (request)[reset] code {r.status_code} body {r.text}")
63 | exit(1)
64 | elif not r.json()["success"]:
65 | console.log(f"[bold red]ERROR (api)[reset] {r.json()['message']}")
66 | exit(1)
67 | return r.json()["message"]
68 |
69 |
70 | def list_zones():
71 | table = Table(
72 | title="Zones List",
73 | show_header=True,
74 | show_edge=False,
75 | expand=False,
76 | row_styles=["none", "dim"],
77 | box=box.SIMPLE
78 | )
79 |
80 | table.add_column("Zone", style="cyan")
81 | table.add_column("Records", style="magenta")
82 | table.add_column("Users", style="green")
83 |
84 | for zone in _request("Getting zones", "zones/list", "GET"):
85 | table.add_row(zone["zone"], str(
86 | len(zone["records"])), str(len(zone["users"])))
87 |
88 | console.print(table)
89 |
90 |
91 | def list_records(zone: str):
92 | table = Table(
93 | title=f"Records for {zone}",
94 | show_header=True,
95 | show_edge=False,
96 | expand=False,
97 | row_styles=["none", "dim"],
98 | box=box.SIMPLE
99 | )
100 |
101 | table.add_column("Label", style="cyan")
102 | table.add_column("Index", style="magenta")
103 | table.add_column("TTL", style="magenta")
104 | table.add_column("Type", style="magenta")
105 | table.add_column("Value", style="green")
106 |
107 | for index, record in enumerate(_request(f"Getting records for {zone}", f"zone/{zone}/records", "GET")):
108 | table.add_row(record["label"], str(index), record["type"], str(record["ttl"]), record["value"])
109 |
110 | console.print(table)
111 |
112 |
113 | def add_record(zone):
114 | console.print(f"[underline]Add a new record to {zone}")
115 | record = prompt([
116 | {
117 | "type": "input",
118 | "name": "label",
119 | "message": "Label",
120 | },
121 | {
122 | "type": "list",
123 | "name": "type",
124 | "message": "Type",
125 | "choices": ["A", "AAAA", "TXT", "MX", "CNAME", "PTR"]
126 | },
127 | {
128 | "type": "input",
129 | "name": "ttl",
130 | "message": "TTL",
131 | "default": "86400"
132 | },
133 | {
134 | "type": "input",
135 | "name": "value",
136 | "message": "Value",
137 | },
138 | {
139 | "type": "confirm",
140 | "name": "proxied",
141 | "message": "Proxied"
142 | }
143 | ], style=PYINQUIRER_STYLE)
144 |
145 | if record:
146 | # Add domain suffix
147 | if not record["label"].endswith(zone):
148 | record["label"] += "." + zone + "."
149 |
150 | # Cast TTL to an int
151 | record["ttl"] = int(record["ttl"])
152 |
153 | r = _request(f"Adding record {record['label']}", f"zone/{zone}/add", "POST", record)
154 | print(r)
155 |
156 | else:
157 | console.print("Exited")
158 |
159 |
160 | def delete_record(zone, index):
161 | print(_request("Deleting record", f"zone/{zone}/delete_record/{index}", "POST"))
162 |
163 |
164 | def login():
165 | console.print("[underline]PacketFrame Login")
166 | account = prompt([
167 | {
168 | "type": "input",
169 | "name": "username",
170 | "message": "Email:",
171 | },
172 | {
173 | "type": "password",
174 | "message": "Password:",
175 | "name": "password"
176 | }
177 | ], style=PYINQUIRER_STYLE)
178 |
179 | if account:
180 | r = _request(f"Logging in as {account['username']}", "auth/login", "POST", account)
181 | console.print("[bold green]Login successful")
182 | if not exists(config_path):
183 | makedirs(config_path)
184 | with open(config_path + "key", "w") as api_key_file:
185 | api_key_file.write(r)
186 | with open(config_path + "email", "w") as email_file:
187 | email_file.write(account["username"])
188 |
189 |
190 | def account():
191 | with open(config_path + "email", "r") as email_file:
192 | console.print(f":lock: Logged in as [underline]{email_file.read()}")
193 |
194 |
195 | def logout():
196 | rmtree(config_path)
197 | console.print("Logout complete")
198 |
199 |
200 | # Main
201 | if args["login"]:
202 | login()
203 | elif args["logout"]:
204 | logout()
205 | elif args["account"] and not args["login"]:
206 | account()
207 | elif args["zones"] and args["list"]:
208 | list_zones()
209 | elif args["records"] and not args["add"] and not args["delete"]:
210 | list_records(args[""])
211 | elif args["records"] and args["add"]:
212 | add_record(args[""])
213 | elif args["records"] and args["delete"]:
214 | delete_record(args[""], args[""])
215 |
--------------------------------------------------------------------------------
/util/requirements.txt:
--------------------------------------------------------------------------------
1 | PyInquirer~=1.0.3
2 | requests~=2.24.0
3 | docopt~=0.6.2
4 | rich~=9.5.1
--------------------------------------------------------------------------------
3 | 
5 | 
6 | 
38 | 
12 |
13 | PacketFrame's API exposes all functionality of the platform via a RESTful programmatic interface.
14 |
15 | All API routes are under `https://packetframe.com/api/`
16 |
17 | Authenticated routes require the `X-API-Key` request header to be set to your API key.
18 |
19 | ## Routes
20 |
21 | | Endpoint | Methods | Usage |
22 | | ---------------------------------- | -------- | -------------------------------------------------- |
23 | | /auth/signup | POST | Create an account |
24 | | /auth/login | POST | Get your API token |
25 | | /zones/add | POST | Add a zone |
26 | | /zones/list | GET | Get all zones under your account |
27 | | /zone/[ZONE]/delete | POST | Remove [ZONE] |
28 | | /zone/[ZONE]/add | POST | Add a record to [ZONE] |
29 | | /zone/[ZONE/records | GET | Get records for [ZONE] |
30 | | /zone/[ZONE/users | GET | Get users for [ZONE] |
31 | | /zone/[ZONE]/delete_record/[INDEX] | POST | Delete record at [INDEX] from [ZONE] |
32 | | /zone/[ZONE]/export | GET | Download RFC 1035 zone file for [ZONE] |
33 | | /admin | GET | Check if the authenticated user is an admin or not |
34 | | /user/acl | GET, PUT | Get or append to a user IP ACL |
35 | | /user/change_password | POST | Change a user's password |
36 | | /counters | GET | Get node and location counters |
37 | | /nodes/geoloc | GET | Get node locations |
38 |
39 | ## Admin Routes
40 |
41 | | Endpoint | Methods | Usage |
42 | | ------------------- | ------- | --------------------------------------------- |
43 | | /nodes/add | POST | Add a DNS node |
44 | | /nodes/list | GET | Get all DNS node |
45 | | /nodes/power | POST | Enable or disable the node's BGP daemon |
46 | | /stats | GET | Get system stats counters (nodes/zones/users) |
47 | | /users | GET | Get all users |
48 | | /user/[USER]/toggle | POST | Toggle [USER]'s enabled state |
49 |
50 | ## Debug Routes
51 |
52 | | Endpoint | Methods | Usage |
53 | | ---------------------------------- | ------- | ----------------------------------------- |
54 | | /debug/refresh_zones | GET | Refresh all zones |
55 | | /debug/clear_queue | GET | Clear opqueue |
56 | | /debug/queue_status | GET | Get number of running and ready tasks |
57 | | /debug/refresh_cache | GET | Refresh cache's varnish and caddy configs |
58 | | /debug/update_collector_monitoring | GET | Update route collector and prometheus configs |
59 | | /debug/healthcheck | GET | Run network-wide node healthcheck |
60 |
61 | ### Route Specifics
62 |
63 | #### /auth/signup
64 |
65 | Create a zone
66 |
67 | Methods: POST
68 |
69 | Request Body:
70 |
71 | | POST Field | Type | Description |
72 | | ---------- | ------ | ----------- |
73 | | username | string | Username |
74 | | password | string | Password |
75 |
76 | #### /auth/login
77 |
78 | Create a zone
79 |
80 | Methods: POST Returns: API Key
81 |
82 | Request Body:
83 |
84 | | POST Field | Type | Description |
85 | | ---------- | ------ | ----------- |
86 | | username | string | Username |
87 | | password | string | Password |
88 |
89 | #### /zones/add
90 |
91 | Create a zone
92 |
93 | Methods: POST
94 |
95 | Request Body:
96 |
97 | | POST Field | Type | Description |
98 | | ---------- | ------ | ----------------------------------------------------------------------------- |
99 | | zone | string | RFC 1035 DNS label of the zone (e.g. `example.com` or `2.0.192.in-addr.arpa`) |
100 |
101 | #### /zones/list
102 |
103 | Create a zone
104 |
105 | Methods: GET
106 |
107 | ##### /zone/[ZONE]/delete
108 |
109 | Delete a zone
110 |
111 | Methods: POST
112 |
113 | | URL Field | Type | Description |
114 | | --------- | ------ | ----------------------------------------------------------------------------- |
115 | | zone | string | RFC 1035 DNS label of the zone (e.g. `example.com` or `2.0.192.in-addr.arpa`) |
116 |
117 | ##### /zone/[ZONE]/add
118 |
119 | Add a record to zone
120 |
121 | Methods: POST
122 |
123 | Request Body:
124 |
125 | | POST Field | Type | Description |
126 | | ------------------ | ---------- | ------------------------------------------------------------------------------------- |
127 | | ttl | int | Record TTL (Time To Live) |
128 | | label | string | RFC 1035 DNS label of the zone (e.g. `example.com` or `2.0.192.in-addr.arpa`) |
129 | | type | string | DNS record type (Supported values are A, AAAA, MX, SRV, TXT, [PTR for reverse zones]) |
130 | | value | string | Value of record (IP address, name, etc) |
131 | | additional options | string/int | additional options for specific zone type |
132 |
133 | ##### /zone/[ZONE]/records
134 |
135 | Get records
136 |
137 | Methods: GET
138 |
139 | | URL Field | Type | Description |
140 | | --------- | ------ | ----------------------------------------------------------------------------- |
141 | | zone | string | RFC 1035 DNS label of the zone (e.g. `example.com` or `2.0.192.in-addr.arpa`) |
142 |
143 | ##### /zone/[ZONE]/delete_record/[INDEX]
144 |
145 | Delete a record
146 |
147 | Methods: POST
148 |
149 | Request Body:
150 |
151 | | URL Field | Type | Description |
152 | | --------- | ------ | ----------------------------------------------------------------------------- |
153 | | zone | string | RFC 1035 DNS label of the zone (e.g. `example.com` or `2.0.192.in-addr.arpa`) |
154 | | index | int | Index of the record (To retrieve records, see `/records/list`) |
155 |
156 | 
11 |
12 | The PacketFrame caching proxy puts the PacketFrame network in front of your origin webserver to increase performance and security.
13 |
14 | Proxied records can be added though the dashboard by clicking the "Add Record" button and enabling the proxy by clicking the cloud icon.
15 |
16 | Once a proxied record is enabled, PacketFrame will request an SSL certificate from [LetsEncrypt](https://letsencrypt.org/) and configure the proxy. Origin pulls will come from unicast source IPs of the caching network.
17 |
18 | Backend errors (HTTP 500, 502, 503, 504) will be caught by the caching servers and a generic error page will be shown.
19 |
20 | ### ACL Configuration
21 |
22 | Every domain that has a proxied record must have at least one user with an ACL configured. IP blocks in the ACL are permitted to send the `PURGE` HTTP request method to any route under domains that user controls to purge the cache of that object. The ACL can be configured on a per-user basis by clicking the settings gear icon in the dashboard and adding the address in CIDR notation.
23 |
24 | 
11 |
12 | For users that prefer a CLI option, there's a `pfctl` tool that can wraps the API in a simple command line interface.
13 |
14 | The latest version of `pfctl` can be found on GitHub (https://raw.githubusercontent.com/packetframe/cdn/main/util/pfctl.py)
15 |
16 | 
11 |
12 | 
11 |
12 | The Edge Cache Appliance (ECA) program brings PacketFrame content as close to your users as possible by deploying an anycast node directly in your network. ECAs are designed to run in a wide variety of environments, even those behind firewalls with limited external access. Requests are evaluated on a case-by-case basis and involve specific technical and policy requirements. Depending on the scenario, ECAs are available as dedicated hardware as well as VM images. Networks that wish to have PacketFrame content with the lowest possible latency can opt to host an EOS server for the full DNS or HTTP(S) traffic. EOS are fully managed by PacketFrame and can be run on a VM or dedicated server. EOS nodes to the host network via BGP and announce routes based on instructions from the PacketFrame control plane.
13 | 
11 |
12 | Last updated January 3, 2021
13 |
14 | Webserver logs are stored for **7 days** (or less if the log file gets too big) and are in the [Common Log Format](https://en.wikipedia.org/wiki/Common_Log_Format).
15 |
16 | We also use a self hosted instance of [Plausible](https://github.com/plausible/analytics) for analytics of the `packetframe.com` site.
17 |
18 | Anonymized counters from all DNS queries are stored for 360 days (or until they get too big). We use https://github.com/prometheus-community/bind_exporter if you would like to see the full list of metrics, but in short these logs include numbers only so nothing that's able to identify any particular user.
19 |
20 | Nothing else is *ever* logged other than what is listed above.
21 | 
15 |
16 | Hackers are welcome! If you're interested in testing PacketFrame for vulns, please follow the rules below. When in doubt, ask!
17 |
18 | Scope: Source code at https://github.com/packetframe/cdn
19 |
20 | Security vulnerabilities should be reported to 
8 | 
5 | 
31 |
32 | 
42 | 
69 | 
88 | 
7 | 
10 | 
18 |