mySMN = newSuffixMatchNode()
mySMN:add(newDNSName("nameAndQtype.tests.powerdns.com."))
addAction(AndRule{SuffixMatchNodeRule(mySMN), QTypeRule("TXT")}, RCodeAction(DNSRCode.NOTIMP))
- addAction(SuffixMatchNodeRule("drop.test.powerdns.com."), DropAction())
+ addAction(SuffixMatchNodeRule({"drop.test.powerdns.com.", "drop2.test.powerdns.com."}), DropAction())
addAction(AndRule({QTypeRule(DNSQType.A),QNameRule("ds9a.nl")}), SpoofAction("1.2.3.4"))
addAction(newDNSName("dnsname.addaction.powerdns.com."), RCodeAction(DNSRCode.REFUSED))
addAction({newDNSName("dnsname-table1.addaction.powerdns.com."), newDNSName("dnsname-table2.addaction.powerdns.com.")}, RCodeAction(DNSRCode.REFUSED))
which is dropped by configuration. We expect
no response.
"""
- name = 'drop.test.powerdns.com.'
- query = dns.message.make_query(name, 'A', 'IN')
- for method in ("sendUDPQuery", "sendTCPQuery"):
- sender = getattr(self, method)
- (_, receivedResponse) = sender(query, response=None, useQueue=False)
- self.assertEqual(receivedResponse, None)
+ for name in ['drop.test.powerdns.com.', 'drop2.test.powerdns.com.']:
+ query = dns.message.make_query(name, 'A', 'IN')
+ for method in ("sendUDPQuery", "sendTCPQuery"):
+ sender = getattr(self, method)
+ (_, receivedResponse) = sender(query, response=None, useQueue=False)
+ self.assertEqual(receivedResponse, None)
def testAWithECS(self):
"""
(_,receivedResponse) = sender(query, response=expectedResponse, useQueue=False)
self.assertEqual(receivedResponse, expectedResponse)
+class TestAdvancedNMGRuleFromString(DNSDistTest):
+
+ _config_template = """
+ addAction(NotRule(NetmaskGroupRule('192.0.2.1')), RCodeAction(DNSRCode.REFUSED))
+ newServer{address="127.0.0.1:%s"}
+ """
+
+ def testAdvancedNMGRule(self):
+ """
+ Advanced: NMGRule (from string) should refuse our queries
+ """
+ name = 'nmgrule-from-string.advanced.tests.powerdns.com.'
+ query = dns.message.make_query(name, 'A', 'IN')
+ query.flags &= ~dns.flags.RD
+ expectedResponse = dns.message.make_response(query)
+ expectedResponse.set_rcode(dns.rcode.REFUSED)
+
+ for method in ("sendUDPQuery", "sendTCPQuery"):
+ sender = getattr(self, method)
+ (_, receivedResponse) = sender(query, response=None, useQueue=False)
+ self.assertEqual(receivedResponse, expectedResponse)
+
+class TestAdvancedNMGRuleFromMultipleStrings(DNSDistTest):
+
+ _config_template = """
+ addAction(NotRule(NetmaskGroupRule({'192.0.2.1', '192.0.2.128/25'})), RCodeAction(DNSRCode.REFUSED))
+ newServer{address="127.0.0.1:%s"}
+ """
+
+ def testAdvancedNMGRule(self):
+ """
+ Advanced: NMGRule (from multiple strings) should refuse our queries
+ """
+ name = 'nmgrule-from-multiple-strings.advanced.tests.powerdns.com.'
+ query = dns.message.make_query(name, 'A', 'IN')
+ query.flags &= ~dns.flags.RD
+ expectedResponse = dns.message.make_response(query)
+ expectedResponse.set_rcode(dns.rcode.REFUSED)
+
+ for method in ("sendUDPQuery", "sendTCPQuery"):
+ sender = getattr(self, method)
+ (_, receivedResponse) = sender(query, response=None, useQueue=False)
+ self.assertEqual(receivedResponse, expectedResponse)
+
class TestDSTPortRule(DNSDistTest):
_config_params = ['_dnsDistPort', '_testServerPort']
projects / thirdparty / pdns.git / commitdiff
