mirror of
https://gitlab.isc.org/isc-projects/bind9
synced 2025-08-29 13:38:26 +00:00
log RPZ type and class
This commit is contained in:
Mark Andrews
parent
a13a0a2beb
commit
28442f11f0
@ -413,15 +413,15 @@ for mode in native dnsrps; do
|
||||
$DIG $DIGOPTS l2.l1.l0 a @10.53.0.2 -p ${PORT} -b 10.53.0.4 > dig.out.${t}
|
||||
$DIG $DIGOPTS l2.l1.l0 a @10.53.0.2 -p ${PORT} -b 10.53.0.3 >> dig.out.${t}
|
||||
$DIG $DIGOPTS l2.l1.l0 a @10.53.0.2 -p ${PORT} -b 10.53.0.2 >> dig.out.${t}
|
||||
sed -n "$cur,"'$p' < ns2/named.run | grep "view recursive: rpz CLIENT-IP Local-Data rewrite l2.l1.l0 via 32.4.0.53.10.rpz-client-ip.log1" > /dev/null && {
|
||||
sed -n "$cur,"'$p' < ns2/named.run | grep "view recursive: rpz CLIENT-IP Local-Data rewrite l2.l1.l0/A/IN via 32.4.0.53.10.rpz-client-ip.log1" > /dev/null && {
|
||||
echo_i " failed: unexpected rewrite message for policy zone log1 was logged"
|
||||
status=1
|
||||
}
|
||||
sed -n "$cur,"'$p' < ns2/named.run | grep "view recursive: rpz CLIENT-IP Local-Data rewrite l2.l1.l0 via 32.3.0.53.10.rpz-client-ip.log2" > /dev/null || {
|
||||
sed -n "$cur,"'$p' < ns2/named.run | grep "view recursive: rpz CLIENT-IP Local-Data rewrite l2.l1.l0/A/IN via 32.3.0.53.10.rpz-client-ip.log2" > /dev/null || {
|
||||
echo_i " failed: expected rewrite message for policy zone log2 was not logged"
|
||||
status=1
|
||||
}
|
||||
sed -n "$cur,"'$p' < ns2/named.run | grep "view recursive: rpz CLIENT-IP Local-Data rewrite l2.l1.l0 via 32.2.0.53.10.rpz-client-ip.log3" > /dev/null || {
|
||||
sed -n "$cur,"'$p' < ns2/named.run | grep "view recursive: rpz CLIENT-IP Local-Data rewrite l2.l1.l0/A/IN via 32.2.0.53.10.rpz-client-ip.log3" > /dev/null || {
|
||||
echo_i " failed: expected rewrite message for policy zone log3 was not logged"
|
||||
status=1
|
||||
}
|
||||
|
||||
@ -1301,12 +1301,15 @@ rpz_log_rewrite(ns_client_t *client, bool disabled,
|
||||
dns_zone_t *p_zone, dns_name_t *p_name,
|
||||
dns_name_t *cname, dns_rpz_num_t rpz_num)
|
||||
{
|
||||
isc_stats_t *zonestats;
|
||||
char qname_buf[DNS_NAME_FORMATSIZE];
|
||||
char p_name_buf[DNS_NAME_FORMATSIZE];
|
||||
char cname_buf[DNS_NAME_FORMATSIZE] = { 0 };
|
||||
char p_name_buf[DNS_NAME_FORMATSIZE];
|
||||
char qname_buf[DNS_NAME_FORMATSIZE];
|
||||
char classname[DNS_RDATACLASS_FORMATSIZE];
|
||||
char typename[DNS_RDATATYPE_FORMATSIZE];
|
||||
const char *s1 = cname_buf, *s2 = cname_buf;
|
||||
dns_rdataset_t *rdataset;
|
||||
dns_rpz_st_t *st;
|
||||
isc_stats_t *zonestats;
|
||||
|
||||
/*
|
||||
* Count enabled rewrites in the global counter.
|
||||
@ -1338,11 +1341,22 @@ rpz_log_rewrite(ns_client_t *client, bool disabled,
|
||||
s2 = ")";
|
||||
}
|
||||
|
||||
/*
|
||||
* Log Qclass and Qtype in addition to existing
|
||||
* fields.
|
||||
*/
|
||||
rdataset = ISC_LIST_HEAD(client->query.origqname->list);
|
||||
INSIST(rdataset != NULL);
|
||||
dns_rdataclass_format(rdataset->rdclass, classname, sizeof(classname));
|
||||
dns_rdatatype_format(rdataset->type, typename, sizeof(typename));
|
||||
|
||||
ns_client_log(client, DNS_LOGCATEGORY_RPZ, NS_LOGMODULE_QUERY,
|
||||
DNS_RPZ_INFO_LEVEL, "%srpz %s %s rewrite %s via %s%s%s%s",
|
||||
DNS_RPZ_INFO_LEVEL,
|
||||
"%srpz %s %s rewrite %s/%s/%s via %s%s%s%s",
|
||||
disabled ? "disabled " : "",
|
||||
dns_rpz_type2str(type), dns_rpz_policy2str(policy),
|
||||
qname_buf, p_name_buf, s1, cname_buf, s2);
|
||||
qname_buf, typename, classname,
|
||||
p_name_buf, s1, cname_buf, s2);
|
||||
}
|
||||
|
||||
static void
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user