]> git.ipfire.org Git - thirdparty/pdns.git/commitdiff
projects / thirdparty / pdns.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4427bd2)
rec: Only account RPZ truncation actions over UDP 8927/head
authorRemi Gacogne <remi.gacogne@powerdns.com>
Tue, 17 Mar 2020 13:08:30 +0000 (14:08 +0100)
committerRemi Gacogne <remi.gacogne@powerdns.com>
Wed, 18 Mar 2020 09:26:58 +0000 (10:26 +0100)
Since they will be ignored over TCP anyway.

pdns/pdns_recursor.cc patch | blob | blame | history

diff --git a/pdns/pdns_recursor.cc b/pdns/pdns_recursor.cc
index e399e779c6e9f43efaf133f19eb4bbfc777b11a5..bfaf00ba43a7476b8caabd5c843811e22fed27d7 100644 (file)
--- a/pdns/pdns_recursor.cc
+++ b/pdns/pdns_recursor.cc
@@ -1136,7 +1136,10 @@ enum class PolicyResult : uint8_t { NoAction, HaveAnswer, Drop };
 
 static PolicyResult handlePolicyHit(const DNSFilterEngine::Policy& appliedPolicy, const std::unique_ptr<DNSComboWriter>& dc, SyncRes& sr, int& res, vector<DNSRecord>& ret, DNSPacketWriter& pw)
 {
-  ++g_stats.policyResults[appliedPolicy.d_kind];
+  /* don't account truncate actions for TCP queries, since they are not applied */
+  if (appliedPolicy.d_kind != DNSFilterEngine::PolicyKind::Truncate || !dc->d_tcp) {
+    ++g_stats.policyResults[appliedPolicy.d_kind];
+  }
 
   switch (appliedPolicy.d_kind) {
 
Unnamed repository; edit this file 'description' to name the repository.