/*
 * This file describes the message format used by the protobuf logging feature in PowerDNS and dnsdist.
 *
 * Written by PowerDNS.COM B.V. and its contributors.
 *
 * To the extent possible under law, the author(s) have dedicated all
 * copyright and related and neighboring rights to this file to the public
 * domain worldwide. This file is distributed without any warranty.
 *
 * You should have received a copy of the CC0 Public Domain Dedication along
 * with this file. If not, see:
 *
 * <http://creativecommons.org/publicdomain/zero/1.0/>.
 */
// proto2 syntax: every `optional` field below has explicit presence, so a
// consumer can test has_<field>() instead of relying on default values.
syntax = "proto2";

// One log record describing a DNS query or response, as emitted by the
// protobuf logging feature.
//
// Notes for consumers:
//  - Nearly every field carries data taken from DNS traffic or from client
//    metadata. Treat names, rdata, tags and identifiers as untrusted input:
//    bound their sizes and escape them before they reach logs, HTML or SQL.
//  - The schema has no authentication or integrity field; the transport that
//    carries these messages has to provide that.
//  - None of the enums defines a 0 value. In proto2 an unset enum field reads
//    as the first listed value (e.g. socketFamily reads as INET), so check
//    presence before trusting an enum getter.
//  - An enum value added by a newer emitter is typically kept as an unknown
//    field by an older proto2 consumer, so the field appears unset.
message PBDNSMessage {
  // Kind of DNS message this record describes.
  enum Type {
    DNSQueryType = 1;
    DNSResponseType = 2;
    DNSOutgoingQueryType = 3;
    DNSIncomingResponseType = 4;
  }
  // Address family of the `from` and `to` fields.
  enum SocketFamily {
    INET = 1; // IPv4 (RFC 791)
    INET6 = 2; // IPv6 (RFC 2460)
  }
  // Transport protocol the DNS message was carried over.
  enum SocketProtocol {
    UDP = 1; // User Datagram Protocol (RFC 768)
    TCP = 2; // Transmission Control Protocol (RFC 793)
  }
  // What the applied filtering policy matched on.
  enum PolicyType {
    UNKNOWN = 1; // No policy applied, or unknown type
    QNAME = 2; // Policy matched on the QName
    CLIENTIP = 3; // Policy matched on the client IP
    RESPONSEIP = 4; // Policy matched on one of the IPs contained in the answer
    NSDNAME = 5; // Policy matched on the name of one nameserver involved
    NSIP = 6; // Policy matched on the IP of one nameserver involved
  }
  // Action taken by the applied policy; section numbers refer to the RPZ draft.
  enum PolicyKind {
    NoAction = 1; // No action taken
    Drop = 2; // https://tools.ietf.org/html/draft-vixie-dns-rpz-04 3.4
    NXDOMAIN = 3; // https://tools.ietf.org/html/draft-vixie-dns-rpz-04 3.1
    NODATA = 4; // https://tools.ietf.org/html/draft-vixie-dns-rpz-04 3.2
    Truncate= 5; // https://tools.ietf.org/html/draft-vixie-dns-rpz-04 3.5
    Custom = 6; // https://tools.ietf.org/html/draft-vixie-dns-rpz-04 3.6
  }
  // DNSSEC validation state (see `validationState` in DNSResponse). Every
  // Bogus* value names a validation failure; a consumer that alerts on
  // validation failures should match the whole Bogus* family, including
  // values added after it was built.
  enum VState {
    Indeterminate = 1;
    Insecure = 2;
    Secure = 3;
    NTA = 4; // presumably "negative trust anchor" - confirm against the emitter
    TA = 5; // presumably "trust anchor" - confirm against the emitter
    BogusNoValidDNSKEY = 6;
    BogusInvalidDenial = 7;
    BogusUnableToGetDSs = 8;
    BogusUnableToGetDNSKEYs = 9;
    BogusSelfSignedDS = 10;
    BogusNoRRSIG = 11;
    BogusNoValidRRSIG = 12;
    BogusMissingNegativeIndication = 13;
    BogusSignatureNotYetValid = 14;
    BogusSignatureExpired = 15;
    BogusUnsupportedDNSKEYAlgo = 16;
    BogusUnsupportedDSDigestType = 17;
    BogusNoZoneKeyBitSet = 18;
    BogusRevokedDNSKEY = 19;
    BogusInvalidDNSKEYProtocol = 20;
  }
  // The only required field: a proto2 parser rejects a message that lacks it,
  // and `required` can never be relaxed without breaking existing readers.
  required Type type = 1;
  optional bytes messageId = 2; // UUID, shared by the query and the response
  optional bytes serverIdentity = 3; // ID of the server emitting the protobuf message
  optional SocketFamily socketFamily = 4;
  optional SocketProtocol socketProtocol = 5;
  // `from` and `to` are raw bytes; the schema does not fix their length.
  // Presumably they hold the address in the family given by socketFamily
  // (4 bytes for INET, 16 for INET6) - verify against the emitter and
  // length-check before interpreting. `from` identifies the client and is
  // privacy-sensitive. Note that `from` is a reserved word in some target
  // languages (e.g. Python), where the generated field needs getattr().
  optional bytes from = 6; // DNS requestor (client)
  optional bytes to = 7; // DNS responder (server)
  optional uint64 inBytes = 8; // Size of the query or response on the wire
  // uint32 seconds since the epoch wrap in 2106. The schema does not bound
  // timeUsec; a consumer should reject values of 1000000 or more.
  optional uint32 timeSec = 9; // Time of message reception (seconds since epoch)
  optional uint32 timeUsec = 10; // Time of message reception (additional micro-seconds)
  // The DNS header ID is 16 bits wide; the field type allows larger values,
  // so range-check before narrowing.
  optional uint32 id = 11; // ID of the query/response as found in the DNS header

  // The question section of the DNS message.
  message DNSQuestion {
    // Queried name. Chosen by the client, so treat it as untrusted text.
    optional string qName = 1;
    // DNS type and class are 16-bit values on the wire; the schema does not
    // enforce that range.
    optional uint32 qType = 2;
    optional uint32 qClass = 3;
  }
  optional DNSQuestion question = 12;

  // Details of a DNS response, including policy and DNSSEC validation results.
  message DNSResponse {
    // One resource record from the response.
    message DNSRR {
      optional string name = 1;
      optional uint32 type = 2;
      optional uint32 class = 3;
      optional uint32 ttl = 4;
      // Raw record data; its layout depends on `type` and is not described
      // by this schema. Comes from the DNS response, so parse defensively.
      optional bytes rdata = 5;
      optional bool udr = 6; // True if this is the first time this RR has been seen for this question
    }
    optional uint32 rcode = 1; // DNS Response code, or 65536 for a network error including a timeout
    // Unbounded list; a consumer should cap how many records it processes.
    repeated DNSRR rrs = 2;
    optional string appliedPolicy = 3; // Filtering policy (RPZ or Lua) applied
    repeated string tags = 4; // Additional tags
    optional uint32 queryTimeSec = 5; // Time of the corresponding query reception (seconds since epoch)
    optional uint32 queryTimeUsec = 6; // Time of the corresponding query reception (additional micro-seconds)
    optional PolicyType appliedPolicyType = 7; // Type of the filtering policy (RPZ or Lua) applied
    optional string appliedPolicyTrigger = 8; // The RPZ trigger
    optional string appliedPolicyHit = 9; // The value (qname or IP) that caused the hit
    optional PolicyKind appliedPolicyKind = 10; // The Kind (RPZ action) applied by the hit
    optional VState validationState = 11; // The DNSSEC Validation State
  }

  optional DNSResponse response = 13;
  // The fields below identify the requestor or their device (subnet, user
  // name, device ID, device name). They are privacy-sensitive: restrict who
  // can read the log stream and its storage, and apply retention limits.
  optional bytes originalRequestorSubnet = 14; // EDNS Client Subnet value
  optional string requestorId = 15; // Username of the requestor
  optional bytes initialRequestId = 16; // UUID of the incoming query that initiated this outgoing query or incoming response
  optional bytes deviceId = 17; // Device ID of the requestor (could be a MAC address, an IP address or e.g. an IMEI)
  optional bool newlyObservedDomain = 18; // True if the domain has not been seen before
  optional string deviceName = 19; // Device name of the requestor
  // Ports are 16-bit values; the uint32 type does not enforce that range.
  optional uint32 fromPort = 20; // Source port of the DNS query (client)
  optional uint32 toPort = 21; // Destination port of the DNS query (server)
}