From 78f1d7b517794ea94b44aefdf8064c9700f3690e Mon Sep 17 00:00:00 2001 From: Pieter Lexis Date: Tue, 13 Apr 2021 12:08:57 +0200 Subject: [PATCH] auth: Add counter for EDNS Cookies --- pdns/common_startup.cc | 6 ++++++ pdns/tcpreceiver.cc | 5 ++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/pdns/common_startup.cc b/pdns/common_startup.cc index a7c8bb30ba..3c2bee68eb 100644 --- a/pdns/common_startup.cc +++ b/pdns/common_startup.cc @@ -318,6 +318,7 @@ void declareStats() { S.declare("udp-queries","Number of UDP queries received"); S.declare("udp-do-queries","Number of UDP queries received with DO bit"); + S.declare("udp-cookie-queries", "Number of UDP queries received with the COOKIE EDNS option"); S.declare("udp-answers","Number of answers sent out over UDP"); S.declare("udp-answers-bytes","Total size of answers sent out over UDP"); S.declare("udp4-answers-bytes","Total size of answers sent out over UDPv4"); @@ -336,6 +337,7 @@ void declareStats() S.declare("corrupt-packets","Number of corrupt packets received"); S.declare("signatures", "Number of DNSSEC signatures made"); S.declare("tcp-queries","Number of TCP queries received"); + S.declare("tcp-cookie-queries","Number of TCP queries received with the COOKIE option"); S.declare("tcp-answers","Number of answers sent out over TCP"); S.declare("tcp-answers-bytes","Total size of answers sent out over TCP"); S.declare("tcp4-answers-bytes","Total size of answers sent out over TCPv4"); @@ -432,6 +434,7 @@ try AtomicCounter &numreceived=*S.getPointer("udp-queries"); AtomicCounter &numreceiveddo=*S.getPointer("udp-do-queries"); + AtomicCounter &numreceivedcookie=*S.getPointer("udp-cookie-queries"); AtomicCounter &numreceived4=*S.getPointer("udp4-queries"); @@ -476,6 +479,9 @@ try if(question.d_dnssecOk) numreceiveddo++; + if(question.hasEDNSCookie()) + numreceivedcookie++; + if(question.d.qr) continue; diff --git a/pdns/tcpreceiver.cc b/pdns/tcpreceiver.cc index aa381b8fe9..9670c9a8bc 100644 --- a/pdns/tcpreceiver.cc +++ b/pdns/tcpreceiver.cc @@ -350,7 +350,10 @@ void TCPNameserver::doConnection(int fd) packet->setSocket(fd); if(packet->parse(mesg.get(), pktlen)<0) break; - + + if (packet->hasEDNSCookie()) + S.inc("tcp-cookie-queries"); + if(packet->qtype.getCode()==QType::AXFR) { doAXFR(packet->qdomain, packet, fd); continue; -- 2.47.3