/*
 * This file describes the message format used by the protobuf logging feature in PowerDNS and dnsdist.
 *
 * Written by PowerDNS.COM B.V. and its contributors.
 *
 * To the extent possible under law, the author(s) have dedicated all
 * copyright and related and neighboring rights to this file to the public
 * domain worldwide. This file is distributed without any warranty.
 *
 * You should have received a copy of the CC0 Public Domain Dedication along
 * with this file. If not, see:
 *
 * <http://creativecommons.org/publicdomain/zero/1.0/>.
 */
// proto2 syntax: the messages below carry explicit required/optional labels,
// and enum fields read as their first listed value when unset.
syntax = "proto2";

// One logged DNS event (a query or a response, see Type) together with the
// metadata the emitting server attached to it.
//
// NOTE(review): several fields below carry values taken from DNS traffic or
// identify the requestor (from, originalRequestorSubnet, requestorId,
// deviceId, deviceName). A consumer should validate them before use, and the
// log stream warrants the access control and retention applied to personal
// data.
message PBDNSMessage {
  // Kind of DNS message this record describes.
  // NOTE(review): proto2 enums are closed. A reader generated from an older
  // copy of this file does not recognise values added later, and because
  // `type` is required, several runtimes then reject the whole record.
  // Confirm how consumers handle such parse failures.
  enum Type {
    DNSQueryType = 1;
    DNSResponseType = 2;
    DNSOutgoingQueryType = 3;
    DNSIncomingResponseType = 4;
  }
  // Address family; presumably determines how `from` and `to` are to be
  // interpreted - TODO confirm against the emitter.
  enum SocketFamily {
    INET = 1; // IPv4 (RFC 791)
    INET6 = 2; // IPv6 (RFC 2460)
  }
  // Transport protocol of the logged exchange.
  enum SocketProtocol {
    UDP = 1; // User Datagram Protocol (RFC 768)
    TCP = 2; // Transmission Control Protocol (RFC 793)
  }
  // What the applied filtering policy matched on.
  // An unset appliedPolicyType reads as UNKNOWN (the first listed value).
  enum PolicyType {
    UNKNOWN = 1; // No policy applied, or unknown type
    QNAME = 2; // Policy matched on the QName
    CLIENTIP = 3; // Policy matched on the client IP
    RESPONSEIP = 4; // Policy matched on one of the IPs contained in the answer
    NSDNAME = 5; // Policy matched on the name of one nameserver involved
    NSIP = 6; // Policy matched on the IP of one nameserver involved
  }
  // Action applied by the policy hit (see DNSResponse.appliedPolicyKind).
  // An unset field reads as NoAction (the first listed value); check field
  // presence to tell "no action" from "not reported".
  enum PolicyKind {
    NoAction = 1; // No action taken
    Drop = 2; // https://tools.ietf.org/html/draft-vixie-dns-rpz-04 3.4
    NXDOMAIN = 3; // https://tools.ietf.org/html/draft-vixie-dns-rpz-04 3.1
    NODATA = 4; // https://tools.ietf.org/html/draft-vixie-dns-rpz-04 3.2
    Truncate= 5; // https://tools.ietf.org/html/draft-vixie-dns-rpz-04 3.5
    Custom = 6; // https://tools.ietf.org/html/draft-vixie-dns-rpz-04 3.6
  }
  // DNSSEC validation state (see DNSResponse.validationState). The Bogus*
  // values name the reason validation failed.
  // An unset field reads as Indeterminate (the first listed value), so check
  // field presence before treating a record as "validated, indeterminate".
  enum VState {
    Indeterminate = 1;
    Insecure = 2;
    Secure = 3;
    BogusNoValidDNSKEY = 4;
    BogusInvalidDenial = 5;
    BogusUnableToGetDSs = 6;
    BogusUnableToGetDNSKEYs = 7;
    BogusSelfSignedDS = 8;
    BogusNoRRSIG = 9;
    BogusNoValidRRSIG = 10;
    BogusMissingNegativeIndication = 11;
    BogusSignatureNotYetValid = 12;
    BogusSignatureExpired = 13;
    BogusUnsupportedDNSKEYAlgo = 14;
    BogusUnsupportedDSDigestType = 15;
    BogusNoZoneKeyBitSet = 16;
    BogusRevokedDNSKEY = 17;
    BogusInvalidDNSKEYProtocol = 18;
  }
  required Type type = 1;
  // NOTE(review): carried as raw bytes; the schema does not fix the length,
  // so check it before treating the value as a UUID.
  optional bytes messageId = 2; // UUID, shared by the query and the response
  optional bytes serverIdentity = 3; // ID of the server emitting the protobuf message
  optional SocketFamily socketFamily = 4;
  optional SocketProtocol socketProtocol = 5;
  // NOTE(review): `from` and `to` are raw bytes, presumably a binary address
  // whose length depends on socketFamily. Verify the length before parsing.
  optional bytes from = 6; // DNS requestor (client)
  optional bytes to = 7; // DNS responder (server)
  optional uint64 inBytes = 8; // Size of the query or response on the wire
  // timeSec is a 32-bit unsigned count of seconds since the epoch.
  optional uint32 timeSec = 9; // Time of message reception (seconds since epoch)
  optional uint32 timeUsec = 10; // Time of message reception (additional micro-seconds)
  optional uint32 id = 11; // ID of the query/response as found in the DNS header

  // The question section entry of the logged message.
  // NOTE(review): qName originates from DNS traffic; escape it before
  // display or ingestion into text logs.
  message DNSQuestion {
    optional string qName = 1;
    optional uint32 qType = 2;
    optional uint32 qClass = 3;
  }
  optional DNSQuestion question = 12;

  // Response details: response code, records, and the filtering policy and
  // DNSSEC validation outcome reported for it.
  message DNSResponse {
    // One resource record of the response.
    // NOTE(review): rdata is opaque bytes here; its layout presumably depends
    // on `type`, so bound-check when decoding it.
    message DNSRR {
      optional string name = 1;
      optional uint32 type = 2;
      optional uint32 class = 3;
      optional uint32 ttl = 4;
      optional bytes rdata = 5;
      optional bool udr = 6; // True if this is the first time this RR has been seen for this question
    }
    // The sentinel 65536 lies outside what a 16-bit value can hold, so
    // consumers must not narrow this field before checking for it.
    optional uint32 rcode = 1; // DNS Response code, or 65536 for a network error including a timeout
    repeated DNSRR rrs = 2;
    optional string appliedPolicy = 3; // Filtering policy (RPZ or Lua) applied
    repeated string tags = 4; // Additional tags
    optional uint32 queryTimeSec = 5; // Time of the corresponding query reception (seconds since epoch)
    optional uint32 queryTimeUsec = 6; // Time of the corresponding query reception (additional micro-seconds)
    optional PolicyType appliedPolicyType = 7; // Type of the filtering policy (RPZ or Lua) applied
    optional string appliedPolicyTrigger = 8; // The RPZ trigger
    optional string appliedPolicyHit = 9; // The value (qname or IP) that caused the hit
    optional PolicyKind appliedPolicyKind = 10; // The Kind (RPZ action) applied by the hit
    optional VState validationState = 11; // The DNSSEC Validation State
  }

  optional DNSResponse response = 13;
  optional bytes originalRequestorSubnet = 14; // EDNS Client Subnet value
  optional string requestorId = 15; // Username of the requestor
  optional bytes initialRequestId = 16; // UUID of the incoming query that initiated this outgoing query or incoming response
  optional bytes deviceId = 17; // Device ID of the requestor (could be mac address IP address or e.g. IMEI)
  optional bool newlyObservedDomain = 18; // True if the domain has not been seen before
  optional string deviceName = 19; // Device name of the requestor
  // Ports are carried as uint32; the schema does not restrict them to
  // 0..65535, so range-check on the consumer side.
  optional uint32 fromPort = 20; // Source port of the DNS query (client)
  optional uint32 toPort = 21; // Destination port of the DNS query (server)

  // Value side of a Meta entry: any number of strings and/or integers.
  message MetaValue {
    repeated string stringVal = 1;
    repeated int64 intVal = 2;
  }

  // One key/value pair of free-form metadata.
  // NOTE(review): key uniqueness is stated in the comment below but is not
  // enforced by the schema (`meta` is a plain repeated field); consumers
  // need a defined behaviour for duplicate keys.
  message Meta {
    required string key = 1; // MUST be unique, so if you have multiple values they must be aggregated into one Meta
    required MetaValue value = 2;
  }
  repeated Meta meta = 22; // Arbitrary meta-data - to be used in future rather than adding new fields all the time

  // The well known EventTrace event numbers
  // NOTE(review): Event.event is required, so a reader that does not know a
  // newer event number may reject the enclosing record in some runtimes.
  enum EventType {
                                              // Range 0..99: Generic events
    CustomEvent = 0; // A custom event
    ReqRecv = 1; // A request was received
    PCacheCheck = 2; // A packet cache check was initiated or completed; value: bool cacheHit
    AnswerSent = 3; // An answer was sent to the client

                                              // Range 100: Recursor events
    SyncRes = 100; // Recursor Syncres main function has started or completed; value: int rcode
    LuaGetTag = 101; // Events below mark start or end of Lua hook calls; value: return value of hook
    LuaGetTagFFI = 102;
    LuaIPFilter = 103;
    LuaPreRPZ = 104;
    LuaPreResolve = 105;
    LuaPreOutQuery = 106;
    LuaPostResolve = 107;
    LuaNoData = 108;
    LuaNXDomain = 109;
  }

  // One entry of the event trace: what happened, when, and an optional value.
  message Event {
    required int64 ts = 1; // Timestamp in ns relative to time of creation of event trace data structure
    required EventType event = 2; // Type of event
    required bool start = 3; // true for "start" events, false for "completed" events
    optional bool boolVal = 4; // Below are optional values associated with events
    optional int64 intVal = 5;
    optional string stringVal = 6;
    optional bytes bytesVal = 7;
    optional string custom = 8; // The name of the event for custom events
  }
  repeated Event trace = 23;
}

// Container holding zero or more PBDNSMessage records in a single protobuf
// message.
// NOTE(review): the schema places no bound on the number of entries; a
// receiver reading this from a less-trusted sender should enforce its own
// message-size limit - TODO confirm where this list is consumed.
message PBDNSMessageList {
  repeated PBDNSMessage msg = 1;
}