From 3dd06bc70266dc5c2387654abc3c96cb59cc3668 Mon Sep 17 00:00:00 2001
From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Tue, 17 Mar 2020 14:08:30 +0100
Subject: [PATCH] rec: Only account RPZ truncation actions over UDP

Since they will be ignored over TCP anyway.
---
 pdns/pdns_recursor.cc | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/pdns/pdns_recursor.cc b/pdns/pdns_recursor.cc
index e399e779c6..bfaf00ba43 100644
--- a/pdns/pdns_recursor.cc
+++ b/pdns/pdns_recursor.cc
@@ -1136,7 +1136,10 @@ enum class PolicyResult : uint8_t { NoAction, HaveAnswer, Drop };
 
 static PolicyResult handlePolicyHit(const DNSFilterEngine::Policy& appliedPolicy, const std::unique_ptr<DNSComboWriter>& dc, SyncRes& sr, int& res, vector<DNSRecord>& ret, DNSPacketWriter& pw)
 {
-  ++g_stats.policyResults[appliedPolicy.d_kind];
+  /* don't account truncate actions for TCP queries, since they are not applied */
+  if (appliedPolicy.d_kind != DNSFilterEngine::PolicyKind::Truncate || !dc->d_tcp) {
+    ++g_stats.policyResults[appliedPolicy.d_kind];
+  }
 
   switch (appliedPolicy.d_kind) {
 
-- 
2.47.2