12471842 1/*
d47fca73 2 * This file describes the message format used by the protobuf logging feature in PowerDNS and dnsdist.
12471842 3 *
18594f4d 4 * MIT License
d47fca73 5 *
6 * Copyright (c) 2016-now PowerDNS.COM B.V. and its contributors.
7 *
8 * Permission is hereby granted, free of charge, to any person obtaining a copy
9 * of this software and associated documentation files (the "Software"), to deal
10 * in the Software without restriction, including without limitation the rights
11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
12 * copies of the Software, and to permit persons to whom the Software is
13 * furnished to do so, subject to the following conditions:
14 *
15 * The above copyright notice and this permission notice shall be included in all
16 * copies or substantial portions of the Software.
17 *
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
21 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
24 * SOFTWARE.
12471842 25 */
26syntax = "proto2";
27
// One logged DNS event (query or response) with its transport details and,
// for responses, the records, filtering policy and DNSSEC result.
//
// NOTE(review): several fields carry client-supplied or client-identifying
// data (qName, rdata, requestorId, deviceId, deviceName, from,
// originalRequestorSubnet). Consumers should treat string/bytes contents as
// untrusted input (escape before writing to logs, SQL or HTML) and handle the
// stream as privacy-sensitive.
message PBDNSMessage {
  // Kind of event being logged.
  enum Type {
    DNSQueryType = 1; // Query received by the service
    DNSResponseType = 2; // Response returned by the service
    DNSOutgoingQueryType = 3; // Query sent out by the service to a remote server
    DNSIncomingResponseType = 4; // Response returned by the remote server
  }
  // Address family of the `from` / `to` addresses.
  enum SocketFamily {
    INET = 1; // IPv4 (RFC 791)
    INET6 = 2; // IPv6 (RFC 2460)
  }
  // Transport the DNS message was carried over.
  enum SocketProtocol {
    UDP = 1; // User Datagram Protocol (RFC 768)
    TCP = 2; // Transmission Control Protocol (RFC 793)
    DOT = 3; // DNS over TLS (RFC 7858)
    DOH = 4; // DNS over HTTPS (RFC 8484)
    DNSCryptUDP = 5; // DNSCrypt over UDP (https://dnscrypt.info/protocol)
    DNSCryptTCP = 6; // DNSCrypt over TCP (https://dnscrypt.info/protocol)
    DOQ = 7; // DNS over QUIC (RFC 9250)
  }
  // HTTP version, relevant when the transport is DNS over HTTP(S).
  enum HTTPVersion {
    HTTP1 = 1; // HTTP/1.1
    HTTP2 = 2; // HTTP/2
    HTTP3 = 3; // HTTP/3
  }
  // Which part of the exchange a filtering policy matched on.
  enum PolicyType {
    UNKNOWN = 1; // No RPZ policy applied, or unknown type
    QNAME = 2; // Policy matched on the QName
    CLIENTIP = 3; // Policy matched on the client IP
    RESPONSEIP = 4; // Policy matched on one of the IPs contained in the answer
    NSDNAME = 5; // Policy matched on the name of one nameserver involved
    NSIP = 6; // Policy matched on the IP of one nameserver involved
  }
  // Action taken by the matching policy; section numbers refer to the RPZ draft.
  enum PolicyKind {
    NoAction = 1; // No action taken
    Drop = 2; // https://tools.ietf.org/html/draft-vixie-dns-rpz-04 3.4
    NXDOMAIN = 3; // https://tools.ietf.org/html/draft-vixie-dns-rpz-04 3.1
    NODATA = 4; // https://tools.ietf.org/html/draft-vixie-dns-rpz-04 3.2
    Truncate= 5; // https://tools.ietf.org/html/draft-vixie-dns-rpz-04 3.5
    Custom = 6; // https://tools.ietf.org/html/draft-vixie-dns-rpz-04 3.6
  }
  // DNSSEC validation result. Secure / Insecure / Bogus / Indeterminate are the
  // security states of RFC 4035 (section 4.3); each Bogus* value presumably
  // names the reason validation failed (inferred from the names - confirm
  // against the emitting code).
  enum VState {
    Indeterminate = 1;
    Insecure = 2;
    Secure = 3;
    BogusNoValidDNSKEY = 4;
    BogusInvalidDenial = 5;
    BogusUnableToGetDSs = 6;
    BogusUnableToGetDNSKEYs = 7;
    BogusSelfSignedDS = 8;
    BogusNoRRSIG = 9;
    BogusNoValidRRSIG = 10;
    BogusMissingNegativeIndication = 11;
    BogusSignatureNotYetValid = 12;
    BogusSignatureExpired = 13;
    BogusUnsupportedDNSKEYAlgo = 14;
    BogusUnsupportedDSDigestType = 15;
    BogusNoZoneKeyBitSet = 16;
    BogusRevokedDNSKEY = 17;
    BogusInvalidDNSKEYProtocol = 18;
  }
  // `required` (proto2): a message without this field is reported as
  // uninitialized and rejected by standard parsers.
  required Type type = 1; // Type of event
  optional bytes messageId = 2; // UUID, shared by the query and the response
  optional bytes serverIdentity = 3; // ID of the server emitting the protobuf message
  // NOTE(review): in proto2 an enum value unknown to the reader's copy of the
  // schema is kept as an unknown field and the getter returns the first
  // declared value (INET / UDP here). Check field presence before trusting the
  // value, since these enums can gain values over time.
  optional SocketFamily socketFamily = 4;
  optional SocketProtocol socketProtocol = 5;
  // NOTE(review): the schema does not enforce the address length; check for
  // 4 or 16 bytes before decoding `from` / `to`.
  optional bytes from = 6; // DNS requestor (client) as 4 (IPv4) or 16 (IPv6) raw bytes in network byte order
  optional bytes to = 7; // DNS responder (server) as 4 (IPv4) or 16 (IPv6) raw bytes in network byte order
  optional uint64 inBytes = 8; // Size of the query or response on the wire
  // A uint32 count of seconds since the epoch wraps in 2106.
  optional uint32 timeSec = 9; // Time of message reception (seconds since epoch)
  optional uint32 timeUsec = 10; // Time of message reception (additional micro-seconds)
  optional uint32 id = 11; // ID of the query/response as found in the DNS header

  // The question section of the logged DNS message.
  message DNSQuestion {
    // Taken from the DNS query, so its content is chosen by the querier.
    optional string qName = 1; // Fully qualified DNS name (with trailing dot)
    optional uint32 qType = 2; // https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-4
    optional uint32 qClass = 3; // Typically 1 (IN), see https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-2
  }
  optional DNSQuestion question = 12; // DNS query received from client

  // Response details: result code, exported records, and the filtering policy
  // and DNSSEC validation outcome when available.
  message DNSResponse {
    // See exportTypes in https://docs.powerdns.com/recursor/lua-config/protobuf.html#protobufServer
    // for the list of supported resource record types.
    message DNSRR {
      optional string name = 1; // Fully qualified DNS name (with trailing dot)
      optional uint32 type = 2; // https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-4
      optional uint32 class = 3; // Typically 1 (IN), see https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-2
      optional uint32 ttl = 4; // TTL in seconds
      // The encoding depends on `type`; branch on `type` before interpreting
      // the bytes, and check the length (4 or 16) for A / AAAA.
      optional bytes rdata = 5; // raw address bytes in network byte order for A & AAAA; text representation for others, with fully qualified (trailing dot) domain names
      optional bool udr = 6; // True if this is the first time this RR has been seen for this question
    }
    // NOTE(review): 65536 does not fit in 16 bits and truncates to 0 (NOERROR);
    // keep the value in at least 32 bits and test for it before mapping to an
    // RCODE name.
    optional uint32 rcode = 1; // DNS Response code, or 65536 for a network error including a timeout
    repeated DNSRR rrs = 2; // DNS resource records in response
    optional string appliedPolicy = 3; // Filtering policy (RPZ or Lua) applied
    repeated string tags = 4; // Additional tags applied
    optional uint32 queryTimeSec = 5; // Time of the corresponding query reception (seconds since epoch)
    optional uint32 queryTimeUsec = 6; // Time of the corresponding query reception (additional micro-seconds)
    optional PolicyType appliedPolicyType = 7; // Type of the filtering policy (RPZ or Lua) applied
    optional string appliedPolicyTrigger = 8; // The RPZ trigger
    optional string appliedPolicyHit = 9; // The value (qname or IP) that caused the hit
    optional PolicyKind appliedPolicyKind = 10; // The Kind (RPZ action) applied by the hit
    optional VState validationState = 11; // The DNSSEC Validation State
  }

  optional DNSResponse response = 13;
  optional bytes originalRequestorSubnet = 14; // EDNS Client Subnet value (4 or 16 raw bytes in network byte order)
  optional string requestorId = 15; // Username of the requestor
  optional bytes initialRequestId = 16; // UUID of the incoming query that initiated this outgoing query or incoming response
  optional bytes deviceId = 17; // Device ID of the requestor (could be MAC address, IP address or e.g. IMEI; format implementation dependent)
  optional bool newlyObservedDomain = 18; // True if the domain has not been seen before
  optional string deviceName = 19; // Device name of the requestor
  optional uint32 fromPort = 20; // Source port of the DNS query (client)
  optional uint32 toPort = 21; // Destination port of the DNS query (server)

  // Values attached to a Meta key; either list may be empty.
  message MetaValue {
    repeated string stringVal = 1;
    repeated int64 intVal = 2;
  }

  // One key with its aggregated values.
  message Meta {
    // The uniqueness rule is not enforced by the schema; consumers need a
    // defined behaviour for duplicate keys.
    required string key = 1; // MUST be unique, so if you have multiple values they must be aggregated into one Meta
    required MetaValue value = 2;
  }
  repeated Meta meta = 22; // Arbitrary meta-data - to be used in future rather than adding new fields all the time

  // The well known EventTrace event numbers
  enum EventType {
    // Range 0..99: Generic events
    CustomEvent = 0; // A custom event
    ReqRecv = 1; // A request was received
    PCacheCheck = 2; // A packet cache check was initiated or completed; value: bool cacheHit
    AnswerSent = 3; // An answer was sent to the client

    // Range 100: Recursor events
    SyncRes = 100; // Recursor Syncres main function has started or completed; value: int rcode
    LuaGetTag = 101; // Events below mark start or end of Lua hook calls; value: return value of hook
    LuaGetTagFFI = 102;
    LuaIPFilter = 103;
    LuaPreRPZ = 104;
    LuaPreResolve = 105;
    LuaPreOutQuery = 106;
    LuaPostResolve = 107;
    LuaNoData = 108;
    LuaNXDomain = 109;
    LuaPostResolveFFI = 110;
  }

  // One entry of the event trace; `start` distinguishes the beginning of an
  // event from its completion.
  message Event {
    required int64 ts = 1; // Timestamp in ns relative to time of creation of event trace data structure
    required EventType event = 2; // Type of event
    required bool start = 3; // true for "start" events, false for "completed" events
    optional bool boolVal = 4; // Below are optional values associated with events
    optional int64 intVal = 5;
    optional string stringVal = 6;
    optional bytes bytesVal = 7;
    optional string custom = 8; // The name of the event for custom events
  }
  // Event trace entries for this message, if any.
  repeated Event trace = 23;
  optional HTTPVersion httpVersion = 24; // HTTP version used for DNS over HTTP
}
188
// A batch of PBDNSMessage entries.
// NOTE(review): the schema puts no bound on the number of entries; receivers
// should enforce a maximum message size before parsing.
message PBDNSMessageList {
  repeated PBDNSMessage msg = 1;
}