From: Remi Gacogne Date: Mon, 3 Jun 2019 12:37:12 +0000 (+0200) Subject: rec: Add pdns_ffi_param_set_log_response() to control response logging X-Git-Tag: dnsdist-1.4.0-rc2~18^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=406b722e685c7fc4be55020fac84bc481b3e0e86;p=thirdparty%2Fpdns.git rec: Add pdns_ffi_param_set_log_response() to control response logging --- diff --git a/pdns/lua-recursor4-ffi.hh b/pdns/lua-recursor4-ffi.hh index 817fe1259f..47396a8386 100644 --- a/pdns/lua-recursor4-ffi.hh +++ b/pdns/lua-recursor4-ffi.hh @@ -61,6 +61,7 @@ extern "C" { void pdns_ffi_param_set_variable(pdns_ffi_param_t* ref, bool variable) __attribute__ ((visibility ("default"))); void pdns_ffi_param_set_ttl_cap(pdns_ffi_param_t* ref, uint32_t ttl) __attribute__ ((visibility ("default"))); void pdns_ffi_param_set_log_query(pdns_ffi_param_t* ref, bool logQuery) __attribute__ ((visibility ("default"))); + void pdns_ffi_param_set_log_response(pdns_ffi_param_t* ref, bool logResponse) __attribute__ ((visibility ("default"))); void pdns_ffi_param_set_rcode(pdns_ffi_param_t* ref, int rcode) __attribute__ ((visibility ("default"))); void pdns_ffi_param_set_follow_cname_records(pdns_ffi_param_t* ref, bool follow) __attribute__ ((visibility ("default"))); diff --git a/pdns/lua-recursor4.cc b/pdns/lua-recursor4.cc index 6178ee72d6..8f918e6c6c 100644 --- a/pdns/lua-recursor4.cc +++ b/pdns/lua-recursor4.cc @@ -548,7 +548,7 @@ unsigned int RecursorLua4::gettag(const ComboAddress& remote, const Netmask& edn struct pdns_ffi_param { public: - pdns_ffi_param(const DNSName& qname_, uint16_t qtype_, const ComboAddress& local_, const ComboAddress& remote_, const Netmask& ednssubnet_, std::vector& policyTags_, std::vector& records_, const EDNSOptionViewMap& ednsOptions_, std::string& requestorId_, std::string& deviceId_, std::string& deviceName_, boost::optional& rcode_, uint32_t& ttlCap_, bool& variable_, bool tcp_, bool& logQuery_, bool& followCNAMERecords_): qname(qname_), local(local_), remote(remote_), ednssubnet(ednssubnet_), policyTags(policyTags_), records(records_), ednsOptions(ednsOptions_), requestorId(requestorId_), deviceId(deviceId_), deviceName(deviceName_), rcode(rcode_), ttlCap(ttlCap_), variable(variable_), logQuery(logQuery_), followCNAMERecords(followCNAMERecords_), qtype(qtype_), tcp(tcp_) + pdns_ffi_param(const DNSName& qname_, uint16_t qtype_, const ComboAddress& local_, const ComboAddress& remote_, const Netmask& ednssubnet_, std::vector& policyTags_, std::vector& records_, const EDNSOptionViewMap& ednsOptions_, std::string& requestorId_, std::string& deviceId_, std::string& deviceName_, boost::optional& rcode_, uint32_t& ttlCap_, bool& variable_, bool tcp_, bool& logQuery_, bool& logResponse_, bool& followCNAMERecords_): qname(qname_), local(local_), remote(remote_), ednssubnet(ednssubnet_), policyTags(policyTags_), records(records_), ednsOptions(ednsOptions_), requestorId(requestorId_), deviceId(deviceId_), deviceName(deviceName_), rcode(rcode_), ttlCap(ttlCap_), variable(variable_), logQuery(logQuery_), logResponse(logResponse_), followCNAMERecords(followCNAMERecords_), qtype(qtype_), tcp(tcp_) { } @@ -572,6 +572,7 @@ public: uint32_t& ttlCap; bool& variable; bool& logQuery; + bool& logResponse; bool& followCNAMERecords; unsigned int tag{0}; @@ -579,10 +580,10 @@ public: bool tcp; }; -unsigned int RecursorLua4::gettag_ffi(const ComboAddress& remote, const Netmask& ednssubnet, const ComboAddress& local, const DNSName& qname, uint16_t qtype, std::vector* policyTags, std::vector& records, LuaContext::LuaObject& data, const EDNSOptionViewMap& ednsOptions, bool tcp, std::string& requestorId, std::string& deviceId, std::string& deviceName, boost::optional& rcode, uint32_t& ttlCap, bool& variable, bool& logQuery, bool& followCNAMERecords) const +unsigned int RecursorLua4::gettag_ffi(const ComboAddress& remote, const Netmask& ednssubnet, const ComboAddress& local, const DNSName& qname, uint16_t qtype, std::vector* policyTags, std::vector& records, LuaContext::LuaObject& data, const EDNSOptionViewMap& ednsOptions, bool tcp, std::string& requestorId, std::string& deviceId, std::string& deviceName, boost::optional& rcode, uint32_t& ttlCap, bool& variable, bool& logQuery, bool& logResponse, bool& followCNAMERecords) const { if (d_gettag_ffi) { - pdns_ffi_param_t param(qname, qtype, local, remote, ednssubnet, *policyTags, records, ednsOptions, requestorId, deviceId, deviceName, rcode, ttlCap, variable, tcp, logQuery, followCNAMERecords); + pdns_ffi_param_t param(qname, qtype, local, remote, ednssubnet, *policyTags, records, ednsOptions, requestorId, deviceId, deviceName, rcode, ttlCap, variable, tcp, logQuery, logResponse, followCNAMERecords); auto ret = d_gettag_ffi(¶m); if (ret) { @@ -852,6 +853,11 @@ void pdns_ffi_param_set_log_query(pdns_ffi_param_t* ref, bool logQuery) ref->logQuery = logQuery; } +void pdns_ffi_param_set_log_response(pdns_ffi_param_t* ref, bool logResponse) +{ + ref->logResponse = logResponse; +} + void pdns_ffi_param_set_rcode(pdns_ffi_param_t* ref, int rcode) { ref->rcode = rcode; diff --git a/pdns/lua-recursor4.hh b/pdns/lua-recursor4.hh index 91c01fc4ca..12a41b37dd 100644 --- a/pdns/lua-recursor4.hh +++ b/pdns/lua-recursor4.hh @@ -112,7 +112,7 @@ public: }; unsigned int gettag(const ComboAddress& remote, const Netmask& ednssubnet, const ComboAddress& local, const DNSName& qname, uint16_t qtype, std::vector* policyTags, LuaContext::LuaObject& data, const EDNSOptionViewMap&, bool tcp, std::string& requestorId, std::string& deviceId, std::string& deviceName) const; - unsigned int gettag_ffi(const ComboAddress& remote, const Netmask& ednssubnet, const ComboAddress& local, const DNSName& qname, uint16_t qtype, std::vector* policyTags, std::vector& records, LuaContext::LuaObject& data, const EDNSOptionViewMap& ednsOptions, bool tcp, std::string& requestorId, std::string& deviceId, std::string& deviceName, boost::optional& rcode, uint32_t& ttlCap, bool& variable, bool& logQuery, bool& followCNAMERecords) const; + unsigned int gettag_ffi(const ComboAddress& remote, const Netmask& ednssubnet, const ComboAddress& local, const DNSName& qname, uint16_t qtype, std::vector* policyTags, std::vector& records, LuaContext::LuaObject& data, const EDNSOptionViewMap& ednsOptions, bool tcp, std::string& requestorId, std::string& deviceId, std::string& deviceName, boost::optional& rcode, uint32_t& ttlCap, bool& variable, bool& logQuery, bool& logResponse, bool& followCNAMERecords) const; void maintenance() const; bool prerpz(DNSQuestion& dq, int& ret) const; diff --git a/pdns/pdns_recursor.cc b/pdns/pdns_recursor.cc index 7a5fb2d883..c0e3cc52ef 100644 --- a/pdns/pdns_recursor.cc +++ b/pdns/pdns_recursor.cc @@ -341,6 +341,7 @@ struct DNSComboWriter { bool d_ecsFound{false}; bool d_ecsParsed{false}; bool d_followCNAMERecords{false}; + bool d_logResponse{false}; bool d_tcp; }; @@ -1184,10 +1185,8 @@ static void startDoResolve(void *p) // Used to tell syncres later on if we should apply NSDNAME and NSIP RPZ triggers for this query bool wantsRPZ(true); boost::optional pbMessage(boost::none); - bool logResponse = false; #ifdef HAVE_PROTOBUF if (checkProtobufExport(luaconfsLocal)) { - logResponse = t_protobufServers && luaconfsLocal->protobufExportConfig.logResponses; Netmask requestorNM(dc->d_source, dc->d_source.sin4.sin_family == AF_INET ? luaconfsLocal->protobufMaskV4 : luaconfsLocal->protobufMaskV6); const ComboAddress& requestor = requestorNM.getMaskedNetwork(); pbMessage = RecProtoBufMessage(RecProtoBufMessage::Response, dc->d_uuid, &requestor, &dc->d_destination, dc->d_mdp.d_qname, dc->d_mdp.d_qtype, dc->d_mdp.d_qclass, dc->d_mdp.d_header.id, dc->d_tcp, 0); @@ -1269,7 +1268,7 @@ static void startDoResolve(void *p) DNSFilterEngine::Policy appliedPolicy; std::vector spoofed; - RecursorLua4::DNSQuestion dq(dc->d_source, dc->d_destination, dc->d_mdp.d_qname, dc->d_mdp.d_qtype, dc->d_tcp, variableAnswer, wantsRPZ, logResponse); + RecursorLua4::DNSQuestion dq(dc->d_source, dc->d_destination, dc->d_mdp.d_qname, dc->d_mdp.d_qtype, dc->d_tcp, variableAnswer, wantsRPZ, dc->d_logResponse); dq.ednsFlags = &edo.d_extFlags; dq.ednsOptions = &ednsOpts; dq.tag = dc->d_tag; @@ -1657,7 +1656,7 @@ static void startDoResolve(void *p) } #endif /* NOD_ENABLED */ #ifdef HAVE_PROTOBUF - if (t_protobufServers && logResponse && !(luaconfsLocal->protobufExportConfig.taggedOnly && (!appliedPolicy.d_name || appliedPolicy.d_name->empty()) && dc->d_policyTags.empty())) { + if (t_protobufServers && !(luaconfsLocal->protobufExportConfig.taggedOnly && (!appliedPolicy.d_name || appliedPolicy.d_name->empty()) && dc->d_policyTags.empty())) { pbMessage->setBytes(packet.size()); pbMessage->setResponseCode(pw.getHeader()->rcode); if (appliedPolicy.d_name) { @@ -1685,7 +1684,9 @@ static void startDoResolve(void *p) } } #endif /* NOD_ENABLED */ - protobufLogResponse(*pbMessage); + if (dc->d_logResponse) { + protobufLogResponse(*pbMessage); + } #ifdef NOD_ENABLED if (g_nodEnabled) { pbMessage->setNOD(false); @@ -2042,6 +2043,7 @@ static void handleRunningTCPQuestion(int fd, FDMultiplexer::funcparam_t& var) needECS = true; } logQuery = t_protobufServers && luaconfsLocal->protobufExportConfig.logQueries; + dc->d_logResponse = t_protobufServers && luaconfsLocal->protobufExportConfig.logResponses; #endif /* HAVE_PROTOBUF */ #ifdef HAVE_FSTRM @@ -2062,7 +2064,7 @@ static void handleRunningTCPQuestion(int fd, FDMultiplexer::funcparam_t& var) if(t_pdl) { try { if (t_pdl->d_gettag_ffi) { - dc->d_tag = t_pdl->gettag_ffi(dc->d_source, dc->d_ednssubnet.source, dc->d_destination, qname, qtype, &dc->d_policyTags, dc->d_records, dc->d_data, ednsOptions, true, requestorId, deviceId, deviceName, dc->d_rcode, dc->d_ttlCap, dc->d_variable, logQuery, dc->d_followCNAMERecords); + dc->d_tag = t_pdl->gettag_ffi(dc->d_source, dc->d_ednssubnet.source, dc->d_destination, qname, qtype, &dc->d_policyTags, dc->d_records, dc->d_data, ednsOptions, true, requestorId, deviceId, deviceName, dc->d_rcode, dc->d_ttlCap, dc->d_variable, logQuery, dc->d_logResponse, dc->d_followCNAMERecords); } else if (t_pdl->d_gettag) { dc->d_tag = t_pdl->gettag(dc->d_source, dc->d_ednssubnet.source, dc->d_destination, qname, qtype, &dc->d_policyTags, dc->d_data, ednsOptions, true, requestorId, deviceId, deviceName); @@ -2231,6 +2233,7 @@ static string* doProcessUDPQuestion(const std::string& question, const ComboAddr string deviceId; string deviceName; bool logQuery = false; + bool logResponse = false; #ifdef HAVE_PROTOBUF boost::uuids::uuid uniqueId; auto luaconfsLocal = g_luaconfs.getLocal(); @@ -2241,7 +2244,7 @@ static string* doProcessUDPQuestion(const std::string& question, const ComboAddr uniqueId = getUniqueID(); } logQuery = t_protobufServers && luaconfsLocal->protobufExportConfig.logQueries; - bool logResponse = t_protobufServers && luaconfsLocal->protobufExportConfig.logResponses; + logResponse = t_protobufServers && luaconfsLocal->protobufExportConfig.logResponses; #endif #ifdef HAVE_FSTRM checkFrameStreamExport(luaconfsLocal); @@ -2291,7 +2294,7 @@ static string* doProcessUDPQuestion(const std::string& question, const ComboAddr if(t_pdl) { try { if (t_pdl->d_gettag_ffi) { - ctag = t_pdl->gettag_ffi(source, ednssubnet.source, destination, qname, qtype, &policyTags, records, data, ednsOptions, false, requestorId, deviceId, deviceName, rcode, ttlCap, variable, logQuery, followCNAMEs); + ctag = t_pdl->gettag_ffi(source, ednssubnet.source, destination, qname, qtype, &policyTags, records, data, ednsOptions, false, requestorId, deviceId, deviceName, rcode, ttlCap, variable, logQuery, logResponse, followCNAMEs); } else if (t_pdl->d_gettag) { ctag = t_pdl->gettag(source, ednssubnet.source, destination, qname, qtype, &policyTags, data, ednsOptions, false, requestorId, deviceId, deviceName); @@ -2427,6 +2430,7 @@ static string* doProcessUDPQuestion(const std::string& question, const ComboAddr dc->d_variable = variable; dc->d_followCNAMERecords = followCNAMEs; dc->d_rcode = rcode; + dc->d_logResponse = logResponse; #ifdef HAVE_PROTOBUF if (t_protobufServers || t_outgoingProtobufServers) { dc->d_uuid = std::move(uniqueId);