Commit | Line | Data |
---|---|---|
12471842 | 1 | /* |
d47fca73 | 2 | * This file describes the message format used by the protobuf logging feature in PowerDNS and dnsdist. |
12471842 | 3 | * |
18594f4d | 4 | * MIT License |
d47fca73 | 5 | * |
18594f4d O |
6 | * Copyright (c) 2016-now PowerDNS.COM B.V. and its contributors. |
7 | * | |
8 | * Permission is hereby granted, free of charge, to any person obtaining a copy | |
9 | * of this software and associated documentation files (the "Software"), to deal | |
10 | * in the Software without restriction, including without limitation the rights | |
11 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
12 | * copies of the Software, and to permit persons to whom the Software is | |
13 | * furnished to do so, subject to the following conditions: | |
14 | * | |
15 | * The above copyright notice and this permission notice shall be included in all | |
16 | * copies or substantial portions of the Software. | |
17 | * | |
18 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | |
19 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
20 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | |
21 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | |
22 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | |
23 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | |
24 | * SOFTWARE. | |
12471842 | 25 | */ |
2e14d4bb RG |
26 | syntax = "proto2"; |
27 | ||
// One logged DNS event (a query or a response), as emitted by the protobuf
// logging feature.
//
// Reading notes:
// - Only `type` is required at this level; every other field may be absent.
// - None of the enums except EventType defines a 0 value. In proto2 an unset
//   enum field reads back as the first listed value, so check field presence
//   before interpreting it.
// - NOTE(review): from, to, originalRequestorSubnet, requestorId, deviceId and
//   deviceName identify individual clients. This file does not say how the
//   stream is transported or retained; consumers should treat it as personal
//   data and decide on protection and retention accordingly.
// - NOTE(review): names, rdata, tags and the Meta/Event string values are
//   presumably copied from DNS traffic or operator hooks. Treat them as
//   untrusted text and escape them before rendering, logging or using them in
//   queries. Confirm against the producer.
message PBDNSMessage {
  // Which of the four observation points produced this message.
  enum Type {
    DNSQueryType = 1;                             // Query received by the service
    DNSResponseType = 2;                          // Response returned by the service
    DNSOutgoingQueryType = 3;                     // Query sent out by the service to a remote server
    DNSIncomingResponseType = 4;                  // Response returned by the remote server
  }
  // Address family of the `from` and `to` addresses.
  enum SocketFamily {
    INET = 1;                                     // IPv4 (RFC 791)
    INET6 = 2;                                    // IPv6 (RFC 2460)
  }
  // Transport the DNS message was carried over.
  enum SocketProtocol {
    UDP = 1;                                      // User Datagram Protocol (RFC 768)
    TCP = 2;                                      // Transmission Control Protocol (RFC 793)
    DOT = 3;                                      // DNS over TLS (RFC 7858)
    DOH = 4;                                      // DNS over HTTPS (RFC 8484)
    DNSCryptUDP = 5;                              // DNSCrypt over UDP (https://dnscrypt.info/protocol)
    DNSCryptTCP = 6;                              // DNSCrypt over TCP (https://dnscrypt.info/protocol)
    DoQ = 7;                                      // DNS over QUIC (RFC 9250)
  }
  // HTTP version, reported through the httpVersion field.
  enum HTTPVersion {
    HTTP1 = 1;                                    // HTTP/1.1
    HTTP2 = 2;                                    // HTTP/2
    HTTP3 = 3;                                    // HTTP/3
  }
  // What a filtering policy matched on.
  enum PolicyType {
    UNKNOWN = 1;                                  // No RPZ policy applied, or unknown type
    QNAME = 2;                                    // Policy matched on the QName
    CLIENTIP = 3;                                 // Policy matched on the client IP
    RESPONSEIP = 4;                               // Policy matched on one of the IPs contained in the answer
    NSDNAME = 5;                                  // Policy matched on the name of one nameserver involved
    NSIP = 6;                                     // Policy matched on the IP of one nameserver involved
  }
  // Action taken by the policy that matched (RPZ action).
  enum PolicyKind {
    NoAction = 1;                                 // No action taken
    Drop = 2;                                     // https://tools.ietf.org/html/draft-vixie-dns-rpz-04 3.4
    NXDOMAIN = 3;                                 // https://tools.ietf.org/html/draft-vixie-dns-rpz-04 3.1
    NODATA = 4;                                   // https://tools.ietf.org/html/draft-vixie-dns-rpz-04 3.2
    Truncate= 5;                                  // https://tools.ietf.org/html/draft-vixie-dns-rpz-04 3.5
    Custom = 6;                                   // https://tools.ietf.org/html/draft-vixie-dns-rpz-04 3.6
  }
  // DNSSEC validation state, reported through DNSResponse.validationState.
  // The Bogus* values appear to name the specific reason validation failed.
  // Because Indeterminate is listed first, an unset field also reads as
  // Indeterminate; check presence before treating a response as unvalidated.
  enum VState {
    Indeterminate = 1;
    Insecure = 2;
    Secure = 3;
    BogusNoValidDNSKEY = 4;
    BogusInvalidDenial = 5;
    BogusUnableToGetDSs = 6;
    BogusUnableToGetDNSKEYs = 7;
    BogusSelfSignedDS = 8;
    BogusNoRRSIG = 9;
    BogusNoValidRRSIG = 10;
    BogusMissingNegativeIndication = 11;
    BogusSignatureNotYetValid = 12;
    BogusSignatureExpired = 13;
    BogusUnsupportedDNSKEYAlgo = 14;
    BogusUnsupportedDSDigestType = 15;
    BogusNoZoneKeyBitSet = 16;
    BogusRevokedDNSKEY = 17;
    BogusInvalidDNSKEYProtocol = 18;
  }
  required Type type = 1;                         // Type of event
  optional bytes messageId = 2;                   // UUID, shared by the query and the response
  optional bytes serverIdentity = 3;              // ID of the server emitting the protobuf message
  optional SocketFamily socketFamily = 4;         // Address family of `from` and `to`
  optional SocketProtocol socketProtocol = 5;     // Transport the DNS message was carried over
  // The schema does not constrain the length of `from` and `to`; readers
  // should check for 4 or 16 bytes before parsing them as addresses.
  optional bytes from = 6;                        // DNS requestor (client) as 4 (IPv4) or 16 (IPv6) raw bytes in network byte order
  optional bytes to = 7;                          // DNS responder (server) as 4 (IPv4) or 16 (IPv6) raw bytes in network byte order
  optional uint64 inBytes = 8;                    // Size of the query or response on the wire
  optional uint32 timeSec = 9;                    // Time of message reception (seconds since epoch); uint32, so it wraps in 2106
  optional uint32 timeUsec = 10;                  // Time of message reception (additional micro-seconds)
  optional uint32 id = 11;                        // ID of the query/response as found in the DNS header

  // The question section of the DNS message.
  message DNSQuestion {
    optional string qName = 1;                    // Fully qualified DNS name (with trailing dot)
    optional uint32 qType = 2;                    // https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-4
    optional uint32 qClass = 3;                   // Typically 1 (IN), see https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-2
  }
  optional DNSQuestion question = 12;             // DNS query received from client

  // Response details: result code, exported records, and the policy and
  // DNSSEC verdicts that applied.
  message DNSResponse {
    // See exportTypes in https://docs.powerdns.com/recursor/lua-config/protobuf.html#protobufServer
    // for the list of supported resource record types.
    message DNSRR {
      optional string name = 1;                   // Fully qualified DNS name (with trailing dot)
      optional uint32 type = 2;                   // https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-4
      optional uint32 class = 3;                  // Typically 1 (IN), see https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-2
      optional uint32 ttl = 4;                    // TTL in seconds
      // rdata has two encodings depending on `type`; a reader must branch on
      // `type` before interpreting the bytes.
      optional bytes rdata = 5;                   // raw address bytes in network byte order for A & AAAA; text representation for others, with fully qualified (trailing dot) domain names
      optional bool udr = 6;                      // True if this is the first time this RR has been seen for this question
    }
    // 65536 does not fit in 16 bits, so the network-error marker cannot
    // collide with a response code taken from a DNS message.
    optional uint32 rcode = 1;                    // DNS Response code, or 65536 for a network error including a timeout
    repeated DNSRR rrs = 2;                       // DNS resource records in response
    optional string appliedPolicy = 3;            // Filtering policy (RPZ or Lua) applied
    repeated string tags = 4;                     // Additional tags applied
    optional uint32 queryTimeSec = 5;             // Time of the corresponding query reception (seconds since epoch)
    optional uint32 queryTimeUsec = 6;            // Time of the corresponding query reception (additional micro-seconds)
    optional PolicyType appliedPolicyType = 7;    // Type of the filtering policy (RPZ or Lua) applied
    optional string appliedPolicyTrigger = 8;     // The RPZ trigger
    optional string appliedPolicyHit = 9;         // The value (qname or IP) that caused the hit
    optional PolicyKind appliedPolicyKind = 10;   // The Kind (RPZ action) applied by the hit
    optional VState validationState = 11;         // The DNSSEC Validation State
  }

  optional DNSResponse response = 13;             // Response details; see DNSResponse
  optional bytes originalRequestorSubnet = 14;    // EDNS Client Subnet value (4 or 16 raw bytes in network byte order)
  optional string requestorId = 15;               // Username of the requestor
  optional bytes initialRequestId = 16;           // UUID of the incoming query that initiated this outgoing query or incoming response
  optional bytes deviceId = 17;                   // Device ID of the requestor (could be a MAC address, an IP address or e.g. an IMEI; the format is implementation dependent)
  optional bool newlyObservedDomain = 18;         // True if the domain has not been seen before
  optional string deviceName = 19;                // Device name of the requestor
  // Ports are carried as uint32, so the schema accepts values above 65535;
  // readers should range-check them.
  optional uint32 fromPort = 20;                  // Source port of the DNS query (client)
  optional uint32 toPort = 21;                    // Destination port of the DNS query (server)

  // Value side of a Meta entry: any number of strings and/or integers.
  message MetaValue {
    repeated string stringVal = 1;
    repeated int64 intVal = 2;
  }

  // One key with its values. Both fields are required, so an entry missing
  // either of them is rejected by a proto2 parser.
  message Meta {
    required string key = 1;                      // MUST be unique, so if you have multiple values they must be aggregated into one Meta
    required MetaValue value = 2;
  }
  // `meta` is a repeated field, not a map, so the schema itself does not
  // enforce key uniqueness; readers should decide how to handle duplicates.
  repeated Meta meta = 22;                        // Arbitrary meta-data - to be used in future rather than adding new fields all the time

  // The well known EventTrace event numbers
  enum EventType {
                                                  // Range 0..99: Generic events
    CustomEvent = 0;                              // A custom event
    ReqRecv = 1;                                  // A request was received
    PCacheCheck = 2;                              // A packet cache check was initiated or completed; value: bool cacheHit
    AnswerSent = 3;                               // An answer was sent to the client

                                                  // Range 100: Recursor events
    SyncRes = 100;                                // Recursor Syncres main function has started or completed; value: int rcode
    LuaGetTag = 101;                              // Events below mark start or end of Lua hook calls; value: return value of hook
    LuaGetTagFFI = 102;
    LuaIPFilter = 103;
    LuaPreRPZ = 104;
    LuaPreResolve = 105;
    LuaPreOutQuery = 106;
    LuaPostResolve = 107;
    LuaNoData = 108;
    LuaNXDomain = 109;
    LuaPostResolveFFI = 110;
  }

  // One entry of the event trace. ts, event and start are required; at most
  // the value fields that fit the event are expected to be set.
  message Event {
    required int64 ts = 1;                        // Timestamp in ns relative to time of creation of event trace data structure
    required EventType event = 2;                 // Type of event
    required bool start = 3;                      // true for "start" events, false for "completed" events
    optional bool boolVal = 4;                    // Below are optional values associated with events
    optional int64 intVal = 5;
    optional string stringVal = 6;
    optional bytes bytesVal = 7;
    optional string custom = 8;                   // The name of the event for custom events
  }
  repeated Event trace = 23;                      // Event trace entries for this message
  optional HTTPVersion httpVersion = 24;          // HTTP version used for DNS over HTTP
}
a46fcb5e PD |
188 | |
// A batch of PBDNSMessage entries carried in a single protobuf message.
// The schema puts no bound on the number of entries, so a receiver should
// enforce its own limit on message size before parsing.
message PBDNSMessageList {
  repeated PBDNSMessage msg = 1;                  // The batched messages
}