--- /dev/null
+/*
+ * Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
+ */
+
+// NS2
+
+controls { /* empty */ };
+
+options {
+ query-source address 10.53.0.2;
+ notify-source 10.53.0.2;
+ transfer-source 10.53.0.2;
+ port 5300;
+ pid-file "named.pid";
+ listen-on { 10.53.0.2; };
+ listen-on-v6 { none; };
+ recursion no;
+ geoip-directory "../data";
+};
+
+key rndc_key {
+ secret "1234abcd8765";
+ algorithm hmac-sha256;
+};
+
+controls {
+ inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; };
+};
+
+acl gAU { geoip db country country AU; };
+acl gUS { geoip db country country US; };
+acl gGB { geoip db country country GB; };
+acl gCA { geoip db country country CA; };
+acl gCL { geoip db country country CL; };
+acl gDE { geoip db country country DE; };
+acl gEH { geoip db country country EH; };
+
+view one {
+ match-clients { gAU; };
+ zone "example" {
+ type master;
+ file "example1.db";
+ };
+};
+
+view two {
+ match-clients { gUS; };
+ zone "example" {
+ type master;
+ file "example2.db";
+ };
+};
+
+view three {
+ match-clients { gGB; };
+ zone "example" {
+ type master;
+ file "example3.db";
+ };
+};
+
+view four {
+ match-clients { gCA; };
+ zone "example" {
+ type master;
+ file "example4.db";
+ };
+};
+
+view five {
+ match-clients { gCL; };
+ zone "example" {
+ type master;
+ file "example5.db";
+ };
+};
+
+view six {
+ match-clients { gDE; };
+ zone "example" {
+ type master;
+ file "example6.db";
+ };
+};
+
+view seven {
+ match-clients { gEH; };
+ zone "example" {
+ type master;
+ file "example7.db";
+ };
+};
+
+view none {
+ match-clients { any; };
+ zone "example" {
+ type master;
+ file "example.db.in";
+ };
+};
DIGOPTS="+tcp +short -p 5300 @10.53.0.2"
n=`expr $n + 1`
-echo "I:checking GeoIP country database by code"
+echo "I:checking GeoIP country database by code ($n)"
ret=0
lret=0
for i in 1 2 3 4 5 6 7; do
sleep 3
n=`expr $n + 1`
-echo "I:checking GeoIP country database by three-letter code"
+echo "I:checking GeoIP country database by three-letter code ($n)"
ret=0
lret=0
for i in 1 2 3 4 5 6 7; do
sleep 3
n=`expr $n + 1`
-echo "I:checking GeoIP country database by name"
+echo "I:checking GeoIP country database by name ($n)"
ret=0
lret=0
for i in 1 2 3 4 5 6 7; do
sleep 3
n=`expr $n + 1`
-echo "I:checking GeoIP region code, no specified database"
+echo "I:checking GeoIP region code, no specified database ($n)"
ret=0
lret=0
# skipping 2 on purpose here; it has the same region code as 1
sleep 3
n=`expr $n + 1`
-echo "I:checking GeoIP region database by region name and country code"
+echo "I:checking GeoIP region database by region name and country code ($n)"
ret=0
lret=0
for i in 1 2 3 4 5 6 7; do
sleep 3
n=`expr $n + 1`
-echo "I:checking GeoIP city database by city name"
+echo "I:checking GeoIP city database by city name ($n)"
ret=0
lret=0
for i in 1 2 3 4 5 6 7; do
sleep 3
n=`expr $n + 1`
-echo "I:checking GeoIP isp database"
+echo "I:checking GeoIP isp database ($n)"
ret=0
lret=0
for i in 1 2 3 4 5 6 7; do
sleep 3
n=`expr $n + 1`
-echo "I:checking GeoIP org database"
+echo "I:checking GeoIP org database ($n)"
ret=0
lret=0
for i in 1 2 3 4 5 6 7; do
sleep 3
n=`expr $n + 1`
-echo "I:checking GeoIP asnum database"
+echo "I:checking GeoIP asnum database ($n)"
ret=0
lret=0
for i in 1 2 3 4 5 6 7; do
sleep 3
n=`expr $n + 1`
-echo "I:checking GeoIP domain database"
+echo "I:checking GeoIP domain database ($n)"
ret=0
lret=0
for i in 1 2 3 4 5 6 7; do
sleep 3
n=`expr $n + 1`
-echo "I:checking GeoIP netspeed database"
+echo "I:checking GeoIP netspeed database ($n)"
ret=0
lret=0
for i in 1 2 3 4; do
sleep 3
n=`expr $n + 1`
-echo "I:checking GeoIP blackhole ACL"
+echo "I:checking GeoIP blackhole ACL ($n)"
ret=0
$DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 status 2>&1 > rndc.out.ns2.test$n || ret=1
[ $ret -eq 0 ] || echo "I:failed"
status=`expr $status + $ret`
+echo "I:reloading server"
+cp -f ns2/named13.conf ns2/named.conf
+$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /'
+sleep 3
+
+n=`expr $n + 1`
+echo "I:checking GeoIP country database by code (using nested ACLs) ($n)"
+ret=0
+lret=0
+for i in 1 2 3 4 5 6 7; do
+ $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1
+ j=`cat dig.out.ns2.test$n.$i | tr -d '"'`
+ [ "$i" = "$j" ] || lret=1
+ [ $lret -eq 1 ] && break
+done
+[ $lret -eq 1 ] && ret=1
+[ $ret -eq 0 ] || echo "I:failed"
+status=`expr $status + $ret`
+
echo "I:exit status: $status"
exit $status
static isc_result_t
parse_geoip_element(const cfg_obj_t *obj, isc_log_t *lctx,
- cfg_aclconfctx_t *ctx, dns_aclelement_t *de)
+ cfg_aclconfctx_t *ctx, dns_aclelement_t *dep)
{
const cfg_obj_t *ge;
const char *dbname = NULL;
const char *stype, *search;
dns_geoip_subtype_t subtype;
+ dns_aclelement_t de;
+
+ REQUIRE(dep != NULL);
+
+ de = *dep;
ge = cfg_tuple_get(obj, "db");
if (!cfg_obj_isvoid(ge))
if (strcasecmp(stype, "country") == 0 && strlen(search) == 2) {
/* Two-letter country code */
subtype = dns_geoip_countrycode;
- strncpy(de->geoip_elem.as_string, search, 2);
+ strncpy(de.geoip_elem.as_string, search, 2);
} else if (strcasecmp(stype, "country") == 0 && strlen(search) == 3) {
/* Three-letter country code */
subtype = dns_geoip_countrycode3;
- strncpy(de->geoip_elem.as_string, search, 3);
+ strncpy(de.geoip_elem.as_string, search, 3);
} else if (strcasecmp(stype, "country") == 0) {
/* Country name */
subtype = dns_geoip_countryname;
- strncpy(de->geoip_elem.as_string, search, 255);
+ strncpy(de.geoip_elem.as_string, search, 255);
} else if (strcasecmp(stype, "region") == 0 && strlen(search) == 2) {
/* Two-letter region code */
subtype = dns_geoip_region;
- strncpy(de->geoip_elem.as_string, search, 2);
+ strncpy(de.geoip_elem.as_string, search, 2);
} else if (strcasecmp(stype, "region") == 0) {
/* Region name */
subtype = dns_geoip_regionname;
- strncpy(de->geoip_elem.as_string, search, 255);
+ strncpy(de.geoip_elem.as_string, search, 255);
} else if (strcasecmp(stype, "city") == 0) {
/* City name */
subtype = dns_geoip_city_name;
- strncpy(de->geoip_elem.as_string, search, 255);
+ strncpy(de.geoip_elem.as_string, search, 255);
} else if (strcasecmp(stype, "postal") == 0 && strlen(search) < 7) {
subtype = dns_geoip_city_postalcode;
- strncpy(de->geoip_elem.as_string, search, 6);
- de->geoip_elem.as_string[6] = '\0';
+ strncpy(de.geoip_elem.as_string, search, 6);
+ de.geoip_elem.as_string[6] = '\0';
} else if (strcasecmp(stype, "metro") == 0) {
subtype = dns_geoip_city_metrocode;
- de->geoip_elem.as_int = atoi(search);
+ de.geoip_elem.as_int = atoi(search);
} else if (strcasecmp(stype, "area") == 0) {
subtype = dns_geoip_city_areacode;
- de->geoip_elem.as_int = atoi(search);
+ de.geoip_elem.as_int = atoi(search);
} else if (strcasecmp(stype, "tz") == 0) {
subtype = dns_geoip_city_timezonecode;
- strncpy(de->geoip_elem.as_string, search, 255);
+ strncpy(de.geoip_elem.as_string, search, 255);
} else if (strcasecmp(stype, "continent") == 0 && strlen(search) == 2) {
/* Two-letter continent code */
subtype = dns_geoip_city_continentcode;
- strncpy(de->geoip_elem.as_string, search, 2);
+ strncpy(de.geoip_elem.as_string, search, 2);
} else if (strcasecmp(stype, "isp") == 0) {
subtype = dns_geoip_isp_name;
- strncpy(de->geoip_elem.as_string, search, 255);
+ strncpy(de.geoip_elem.as_string, search, 255);
} else if (strcasecmp(stype, "asnum") == 0) {
subtype = dns_geoip_as_asnum;
- strncpy(de->geoip_elem.as_string, search, 255);
+ strncpy(de.geoip_elem.as_string, search, 255);
} else if (strcasecmp(stype, "org") == 0) {
subtype = dns_geoip_org_name;
- strncpy(de->geoip_elem.as_string, search, 255);
+ strncpy(de.geoip_elem.as_string, search, 255);
} else if (strcasecmp(stype, "domain") == 0) {
subtype = dns_geoip_domain_name;
- strncpy(de->geoip_elem.as_string, search, 255);
+ strncpy(de.geoip_elem.as_string, search, 255);
} else if (strcasecmp(stype, "netspeed") == 0) {
subtype = dns_geoip_netspeed_id;
- de->geoip_elem.as_int = atoi(search);
+ de.geoip_elem.as_int = atoi(search);
} else
INSIST(0);
- de->geoip_elem.subtype = get_subtype(obj, lctx, subtype, dbname);
+ de.geoip_elem.subtype = get_subtype(obj, lctx, subtype, dbname);
- if (! geoip_can_answer(de, ctx)) {
+ if (! geoip_can_answer(&de, ctx)) {
cfg_obj_log(obj, lctx, ISC_LOG_ERROR,
"no GeoIP database installed which can answer "
"queries of type '%s'", stype);
return (ISC_R_FAILURE);
}
+ *dep = de;
+
return (ISC_R_SUCCESS);
}
#endif
projects / thirdparty / bind9.git / commitdiff
