From 695c90e8cf8bcc183223559484eec48cccd28c4c Mon Sep 17 00:00:00 2001 From: Francis Dupont Date: Wed, 15 Oct 2025 15:50:50 +0200 Subject: [PATCH] [#3140] [4127] Added lease query hook --- src/hooks/dhcp/lease_query/lease_query_callouts.cc | 5 +++++ src/hooks/dhcp/lease_query/lease_query_impl4.cc | 2 ++ src/hooks/dhcp/lease_query/lease_query_impl6.cc | 2 ++ .../lease_query/tests/lease_query_impl4_unittest.cc | 12 +++++++++++- .../lease_query/tests/lease_query_impl6_unittest.cc | 12 +++++++++++- 5 files changed, 31 insertions(+), 2 deletions(-) diff --git a/src/hooks/dhcp/lease_query/lease_query_callouts.cc b/src/hooks/dhcp/lease_query/lease_query_callouts.cc index 573082a7f0..d336116151 100644 --- a/src/hooks/dhcp/lease_query/lease_query_callouts.cc +++ b/src/hooks/dhcp/lease_query/lease_query_callouts.cc @@ -230,6 +230,11 @@ int buffer6_receive(CalloutHandle& handle) { DHCP6_LEASE_QUERY_PROCESS_FAILED) .arg(LeaseQueryImpl6::leaseQueryLabel(query)) .arg(ex.what()); + + StatsMgr::instance().addValue("pkt6-receive-drop", + static_cast(1)); + handle.setStatus(CalloutHandle::NEXT_STEP_DROP); + return (0); } // We always set status to DROP as the query has been handled. diff --git a/src/hooks/dhcp/lease_query/lease_query_impl4.cc b/src/hooks/dhcp/lease_query/lease_query_impl4.cc index c901e0ef30..02932311ba 100644 --- a/src/hooks/dhcp/lease_query/lease_query_impl4.cc +++ b/src/hooks/dhcp/lease_query/lease_query_impl4.cc @@ -61,6 +61,8 @@ LeaseQueryImpl4::processQuery(PktPtr base_query) const { } if (!isRequester(requester_ip)) { + StatsMgr::instance().addValue("pkt4-admin-filtered", + static_cast(1)); isc_throw(BadValue, "rejecting query from unauthorized requester: " << requester_ip.toText()); } diff --git a/src/hooks/dhcp/lease_query/lease_query_impl6.cc b/src/hooks/dhcp/lease_query/lease_query_impl6.cc index 6d72f6e201..5808c1306e 100644 --- a/src/hooks/dhcp/lease_query/lease_query_impl6.cc +++ b/src/hooks/dhcp/lease_query/lease_query_impl6.cc @@ -115,6 +115,8 @@ LeaseQueryImpl6::processQuery(PktPtr base_query) const { if (!isRequester(requester_ip)) { // RFC 5007 says we may discard or return STATUS_NotAllowed + StatsMgr::instance().addValue("pkt6-admin-filtered", + static_cast(1)); isc_throw(BadValue, "rejecting DHCPV6_LEASEQUERY from unauthorized requester: " << requester_ip.toText()); diff --git a/src/hooks/dhcp/lease_query/tests/lease_query_impl4_unittest.cc b/src/hooks/dhcp/lease_query/tests/lease_query_impl4_unittest.cc index ab5645ac59..50869ecda6 100644 --- a/src/hooks/dhcp/lease_query/tests/lease_query_impl4_unittest.cc +++ b/src/hooks/dhcp/lease_query/tests/lease_query_impl4_unittest.cc @@ -15,8 +15,9 @@ #include #include #include -#include +#include #include +#include #include #include @@ -28,6 +29,7 @@ using namespace isc::data; using namespace isc::dhcp; using namespace isc::dhcp::test; using namespace isc::lease_query; +using namespace isc::stats; using namespace isc::util; namespace { @@ -643,11 +645,19 @@ TEST(LeaseQueryImpl4Test, processQueryInvalidQuery) { ASSERT_THROW_MSG(impl->processQuery(lq), BadValue, "giaddr cannot be 0.0.0.0"); + // Set the pkt4-admin-filtered stat to 0. + StatsMgr::instance().setValue("pkt4-admin-filtered", static_cast(0)); + // An unknown giaddr should fail. lq->setGiaddr(IOAddress("192.0.2.2")); ASSERT_THROW_MSG(impl->processQuery(lq), BadValue, "rejecting query from unauthorized requester: 192.0.2.2"); + // Check the stat which was bumped by one. + ObservationPtr stat = StatsMgr::instance().getObservation("pkt4-admin-filtered"); + ASSERT_TRUE(stat); + EXPECT_EQ(1, stat->getInteger().first); + // Now we'll iterate over all invalid combinations of ciaddr, HWAddr, client id. struct Scenario { const std::string description_; diff --git a/src/hooks/dhcp/lease_query/tests/lease_query_impl6_unittest.cc b/src/hooks/dhcp/lease_query/tests/lease_query_impl6_unittest.cc index b78e77a8c5..62a072ca1b 100644 --- a/src/hooks/dhcp/lease_query/tests/lease_query_impl6_unittest.cc +++ b/src/hooks/dhcp/lease_query/tests/lease_query_impl6_unittest.cc @@ -18,8 +18,9 @@ #include #include #include -#include +#include #include +#include #include #include @@ -33,6 +34,7 @@ using namespace isc::data; using namespace isc::dhcp; using namespace isc::dhcp::test; using namespace isc::lease_query; +using namespace isc::stats; using namespace isc::test; using namespace isc::util; @@ -704,6 +706,9 @@ TEST_F(MemfileLeaseQueryImpl6ProcessTest, processQueryInvalidQuery) { ASSERT_THROW_MSG(impl->processQuery(lq), BadValue, "DHCPV6_LEASEQUERY source address cannot be ::"); + // Set the pkt6-admin-filtered stat to 0. + StatsMgr::instance().setValue("pkt6-admin-filtered", static_cast(0)); + // Set source address to an unknown requester address. lq->setRemoteAddr(IOAddress("de:ad:be:ef::")); @@ -711,6 +716,11 @@ TEST_F(MemfileLeaseQueryImpl6ProcessTest, processQueryInvalidQuery) { ASSERT_THROW_MSG(impl->processQuery(lq), BadValue, "rejecting DHCPV6_LEASEQUERY from unauthorized requester: de:ad:be:ef::"); + // Check the stat which was bumped by one. + ObservationPtr stat = StatsMgr::instance().getObservation("pkt6-admin-filtered"); + ASSERT_TRUE(stat); + EXPECT_EQ(1, stat->getInteger().first); + // Set source address to a known requester address. lq->setRemoteAddr(IOAddress("2001:db8:2::1")); -- 2.47.3