| /src/external/bsd/unbound/dist/testdata/rpz_reload.tdir/ |
| rpz_reload.conf | 19 rpz:
20 name: "rpz.example.com"
21 zonefile: "rpz.example.com.zone"
22 rpz-action-override: cname
23 rpz-cname-override: "www.example.org"
24 rpz-log: yes
25 rpz-log-name: "example policy"
|
| /src/external/mpl/bind/dist/lib/dns/ |
| rpz.c | 1 /* $NetBSD: rpz.c,v 1.17 2026/01/29 18:37:50 christos Exp $ */
48 #include <dns/rpz.h>
54 #define DNS_RPZ_ZONE_VALID(rpz) ISC_MAGIC_VALID(rpz, DNS_RPZ_ZONE_MAGIC)
63 * for rpz-ip policies or policies triggered by addresses in A or
65 * The second set is for rpz-nsip policies or policies triggered by addresses
108 dns__rpz_timer_start(dns_rpz_zone_t *rpz);
199 rpz_add(dns_rpz_zone_t *rpz, const dns_name_t *src_name);
201 rpz_del(dns_rpz_zone_t *rpz, const dns_name_t *src_name);
239 FATAL_ERROR("impossible rpz type %d", type)
1565 dns_rpz_zone_t *rpz = NULL; local
1615 dns_rpz_zone_t *rpz = (dns_rpz_zone_t *)fn_arg; local
1738 dns_rpz_zone_t *rpz = arg; local
1750 dns_rpz_zone_t *rpz = (dns_rpz_zone_t *)data; local
1992 dns_rpz_zone_t *rpz = (dns_rpz_zone_t *)data; local
2028 dns_rpz_zone_t *rpz = (dns_rpz_zone_t *)arg; local
2112 dns_rpz_zone_t *rpz = NULL; local
[all...] |
| /src/external/bsd/unbound/dist/services/ |
| rpz.h | 2 * services/rpz.h - rpz service
39 * This file contains functions to enable RPZ service.
56 * RPZ triggers, only the QNAME trigger is currently supported in Unbound.
61 RPZ_CLIENT_IP_TRIGGER, /* rpz-client-ip */
62 RPZ_RESPONSE_IP_TRIGGER, /* rpz-ip */
63 RPZ_NSDNAME_TRIGGER, /* rpz-nsdname */
64 RPZ_NSIP_TRIGGER, /* rpz-nsip */
69 * RPZ actions.
74 RPZ_PASSTHRU_ACTION, /* CNAME rpz-passthru. *
111 struct rpz { struct
[all...] |
| rpz.c | 2 * services/rpz.c - rpz service
39 * This file contains functions to enable RPZ service.
43 #include "services/rpz.h"
66 /** string for RPZ action enum */
71 case RPZ_NXDOMAIN_ACTION: return "rpz-nxdomain";
72 case RPZ_NODATA_ACTION: return "rpz-nodata";
73 case RPZ_PASSTHRU_ACTION: return "rpz-passthru";
74 case RPZ_DROP_ACTION: return "rpz-drop";
75 case RPZ_TCP_ONLY_ACTION: return "rpz-tcp-only"
[all...] |
| authzone.h | 49 #include "services/rpz.h"
82 /** first auth zone containing rpz item in linked list */
84 /** rw lock for rpz linked list, needed when iterating or editing linked
138 /** RPZ zones */
139 struct rpz* rpz; member in struct:auth_zone
152 /** next auth zone containing RPZ data, or NULL */
154 /** previous auth zone containing RPZ data, or NULL */
490 * @param is_rpz: set to 1 if at least one RPZ zone is configured.
|
| /src/external/mpl/dhcp/bind/dist/lib/dns/ |
| rpz.c | 1 /* $NetBSD: rpz.c,v 1.1 2024/02/18 20:57:33 christos Exp $ */
44 #include <dns/rpz.h>
53 * for rpz-ip policies or policies triggered by addresses in A or
55 * The second set is for rpz-nsip policies or policies triggered by addresses
99 dns_rpz_update_from_db(dns_rpz_zone_t *rpz);
197 "rpz hit failed: %s %s", str, tgt);
218 FATAL_ERROR(__FILE__, __LINE__, "impossible rpz type %d", type);
572 "computed RPZ qname_skip_recurse mask=0x%" PRIx64,
678 * bin/tests/system/rpz/tests.sh looks for "invalid rpz"
820 dns_rpz_zone_t *rpz; local
1005 dns_rpz_zone_t *rpz; local
1815 dns_rpz_zone_t *rpz = NULL; local
1918 dns_rpz_zone_t *rpz = NULL; local
2166 dns_rpz_zone_t *rpz; local
2270 dns_rpz_zone_t *rpz = rpzs->zones[rpz_num]; local
2340 dns_rpz_zone_t *rpz; local
2550 dns_rpz_zone_t *rpz; local
[all...] |
| /src/external/mpl/bind/dist/bin/tests/system/rpz/ |
| setup.sh | 38 cp ns3/manual-update-rpz.db.in ns3/manual-update-rpz.db
39 cp ns8/manual-update-rpz.db.in ns8/manual-update-rpz.db
44 cp ns3/mixed-case-rpz-1.db.in ns3/mixed-case-rpz.db
47 cp ns3/slow-rpz.db.in ns3/slow-rpz.db
68 cat <<EOF >ns5/rpz-switch
107 ns1.x.rpz-nsdname CNAME
[all...] |
| tests.sh | 16 # test response policy zones (RPZ)
19 # touch dnsrps-only to not test with classic RPZ
216 # $2 rebuild bl rpz zones if "rebuild-bl-rpz"
232 if [ "$2" = "rebuild-bl-rpz" ]; then
257 restart $CKALIVE_NS "rebuild-bl-rpz"
571 msg='rpz IP address "128.2.0.0.0.0.3.2.2001" is not the canonical "128.2.zz.3.2.2001"'
717 # This is not a bug, because any data leaked by writing 24.4.3.2.10.rpz-ip
720 # nxdomain 32.3.2.1.127.rpz-ip
733 # restart the main test RPZ server to see if that creates a core fil
[all...] |
| /src/external/bsd/unbound/dist/testdata/fast_reload_most_options.tdir/ |
| fast_reload_most_options.conf | 134 rpz:
135 name: "rpz.nlnetlabs.nl"
136 zonefile: "rpz.nlnetlabs.nl.zone"
137 rpz-action-override: cname
138 rpz-cname-override: www.example.org
139 rpz-log: yes
140 rpz-log-name: "example policy"
141 rpz-signal-nxdomain-ra: no
|
| /src/external/mpl/bind/dist/lib/dns/include/dns/ |
| dnsrps.h | 28 #include <dns/rpz.h>
40 * dns_rpsdb_t holds the state for a set of RPZ queries.
42 * rpsnode_t is a link to the dns_rpsdb_t for the set of RPZ queries
64 * Convert a dnsrps policy to a classic BIND9 RPZ policy.
70 * Convert a dnsrps trigger to a classic BIND9 RPZ rewrite or trigger type.
76 * Convert a classic BIND9 RPZ rewrite or trigger type to a librpz trigger type.
|
| rpz.h | 1 /* $NetBSD: rpz.h,v 1.13 2026/01/29 18:37:51 christos Exp $ */
38 #define DNS_RPZ_PREFIX "rpz-"
236 * RPZ policy version number.
309 dns_rpz_zone_t *rpz; member in struct:__anon24023::__anon24024
348 * A copy of the 'have' and 'p' structures and the RPZ
349 * policy version as of the beginning of RPZ processing,
351 * RPZ recursion is ongoing.
402 dns_rpz_decode_cname(dns_rpz_zone_t *rpz, dns_rdataset_t *rdataset,
416 dns_rpz_dbupdate_unregister(dns_db_t *db, dns_rpz_zone_t *rpz);
418 dns_rpz_dbupdate_register(dns_db_t *db, dns_rpz_zone_t *rpz);
[all...] |
| /src/external/mpl/dhcp/bind/dist/lib/dns/include/dns/ |
| dnsrps.h | 29 #include <dns/rpz.h>
41 * rpsdb_t holds the state for a set of RPZ queries.
43 * rpsnode_t is a link to the rpsdb_t for the set of RPZ queries
64 * Convert a dnsrps policy to a classic BIND9 RPZ policy.
70 * Convert a dnsrps trigger to a classic BIND9 RPZ rewrite or trigger type.
76 * Convert a classic BIND9 RPZ rewrite or trigger type to a librpz trigger type.
|
| rpz.h | 1 /* $NetBSD: rpz.h,v 1.1 2024/02/18 20:57:38 christos Exp $ */
37 #define DNS_RPZ_PREFIX "rpz-"
224 * RPZ policy version number.
300 dns_rpz_zone_t *rpz; member in struct:__anon24276::__anon24277
339 * A copy of the 'have' and 'p' structures and the RPZ
340 * policy version as of the beginning of RPZ processing,
342 * RPZ recursion is ongoing.
390 dns_rpz_decode_cname(dns_rpz_zone_t *rpz, dns_rdataset_t *rdataset,
|
| /src/external/mpl/bind/dist/bin/tests/system/rpz/ns9/ |
| named.conf.j2 | 15 * DNS64 / RPZ server.
36 zone "rpz";
45 logging { category rpz { default_debug; }; };
58 zone "rpz." {
60 file "rpz.db";
|
| /src/external/mpl/bind/dist/bin/tests/system/rpz/ns6/ |
| named.conf.j2 | 43 logging { category rpz { default_debug; }; };
|
| /src/external/mpl/bind/dist/bin/tests/system/rpz/ns7/ |
| named.conf.j2 | 39 logging { category rpz { default_debug; }; };
|
| /src/external/mpl/bind/dist/bin/tests/system/rpz/ns8/ |
| named.conf.j2 | 15 * Main rpz test DNS server.
35 zone "manual-update-rpz";
51 logging { category rpz { default_debug; }; };
64 zone "manual-update-rpz." {
66 file "manual-update-rpz.db";
|
| /src/external/mpl/bind/dist/bin/tests/system/rpzextra/ns3/ |
| named.conf.j2 | 37 zone "rpz-extra.local";
51 file "rpz.txt" versions 3 size 20m;
58 category rpz { rpz_log; default_debug; };
59 category rpz-passthru { rpz_passthru; default_debug; };
68 zone "rpz.local" {
70 file "first-rpz.local.db";
75 zone "rpz.local";
85 zone "rpz-external.local" {
88 file "second-rpz-external.local.db";
92 zone "rpz-external.local"
[all...] |
| /src/external/mpl/bind/dist/bin/tests/system/rpzrecurse/ |
| testgen.pl | 58 return "32.1.0.0.127.rpz-client-ip CNAME .\n";
67 return "32.255.255.255.255.rpz-ip CNAME .\n";
71 return "ns.example.org.rpz-nsdname CNAME .\n";
75 return "32.255.255.255.255.rpz-ip CNAME .\n";
270 32.1.0.0.127.rpz-client-ip CNAME .
274 32.255.255.255.255.rpz-ip CNAME .
276 ns.example.org.rpz-nsdname CNAME .
278 32.255.255.255.255.rpz-nsip CNAME .
|
| /src/external/bsd/unbound/dist/testdata/acl_interface.tdir/ |
| acl_interface.conf | 8 module-config: "respip validator iterator" # respip for the RPZ part
11 define-tag: "one two refuse rpz-one rpz-two rpz-nx"
43 interface-tag: @IPV4_ADDR@@@PORT_RPZ_1@ "rpz-one"
44 interface-tag: @IPV4_ADDR@@@PORT_RPZ_2@ "rpz-two"
45 interface-tag: @IPV4_ADDR@@@PORT_RPZ_NX@ "rpz-nx"
86 interface-tag: @IPV6_ADDR@@@PORT_RPZ_1@ "rpz-one"
87 interface-tag: @IPV6_ADDR@@@PORT_RPZ_2@ "rpz-two"
88 interface-tag: @IPV6_ADDR@@@PORT_RPZ_NX@ "rpz-nx
[all...] |
| /src/external/mpl/bind/dist/bin/tests/system/rpz/ns5/ |
| named.conf.j2 | 15 * Test rpz performance.
36 # turn rpz on or off
37 include "rpz-switch";
|
| /src/external/mpl/bind/dist/lib/ns/include/ns/ |
| query.h | 28 #include <dns/rpz.h>
202 bool dns64, dns64_exclude, rpz; member in struct:query_ctx
207 bool nxrewrite; /* negative answer from RPZ */
230 dns_rpz_st_t *rpz_st; /* RPZ state */
|
| /src/external/bsd/unbound/lib/libunbound/ |
| Makefile | 77 rpz.c \
|
| /src/external/mpl/bind/dist/lib/ns/ |
| query.c | 399 * DNS64, RPZ, RRL, and the SERVFAIL cache. It also doesn't discuss
1309 /* It's possible to have a separate log channel for rpz passthru. */
1336 * bin/tests/system/rpz/tests.sh looks for "rpz.*failed" for problems.
1366 level, "rpz %s%s%s rewrite %s%s%s%s%s%s%s", rpztypestr1,
1409 "try rpz %s rewrite %s via %s",
3052 * the earliest configured policy zone (rpz->num)
3060 zbits &= DNS_RPZ_ZMASK(st->m.rpz->num);
3062 zbits &= DNS_RPZ_ZMASK(st->m.rpz->num) >> 1;
3121 CTRACE(ISC_LOG_ERROR, "RPZ recursing")
3769 dns_rpz_zone_t *rpz; local
4095 dns_rpz_zone_t *rpz; local
[all...] |
| /src/external/mpl/bind/dist/bin/tests/system/rpz/ns3/ |
| named.conf.j2 | 15 * Main rpz test DNS server.
54 zone "manual-update-rpz" ede forged;
55 zone "mixed-case-rpz";
58 zone "slow-rpz";
75 logging { category rpz { default_debug; }; };
121 zone "manual-update-rpz." {
123 file "manual-update-rpz.db";
127 zone "mixed-case-rpz." {
129 file "mixed-case-rpz.db";
133 zone "slow-rpz."
[all...] |
