Home | History | Annotate | Line # | Download | only in testdata
iter_privaddr.rpl revision 1.1.1.2 
      1 ; config options
      2 server:
      3 	target-fetch-policy: "0 0 0 0 0"
      4 	qname-minimisation: "no"
      5 
      6 	private-address: 10.0.0.0/8
      7 	private-address: 172.16.0.0/12
      8 	private-address: 192.168.0.0/16
      9 	private-address: 169.254.0.0/16
     10 	private-address: fd00::/8
     11 	private-address: fe80::/10
     12 
     13 	private-domain: "example.net"
     14 
     15 stub-zone:
     16 	name: "."
     17 	stub-addr: 193.0.14.129 	# K.ROOT-SERVERS.NET.
     18 
     19 CONFIG_END
     20 
     21 SCENARIO_BEGIN Test iterator scrubber with private addresses.
     22 
     23 ; K.ROOT-SERVERS.NET.
     24 RANGE_BEGIN 0 100
     25 	ADDRESS 193.0.14.129 
     26 ENTRY_BEGIN
     27 MATCH opcode qtype qname
     28 ADJUST copy_id
     29 REPLY QR NOERROR
     30 SECTION QUESTION
     31 . IN NS
     32 SECTION ANSWER
     33 . IN NS	K.ROOT-SERVERS.NET.
     34 SECTION ADDITIONAL
     35 K.ROOT-SERVERS.NET.	IN	A	193.0.14.129
     36 ENTRY_END
     37 
     38 ENTRY_BEGIN
     39 MATCH opcode subdomain
     40 ADJUST copy_id copy_query
     41 REPLY QR NOERROR
     42 SECTION QUESTION
     43 com. IN A
     44 SECTION AUTHORITY
     45 com.	IN NS	a.gtld-servers.net.
     46 SECTION ADDITIONAL
     47 a.gtld-servers.net.	IN 	A	192.5.6.30
     48 ENTRY_END
     49 
     50 ; root server authoritative for example.net too.
     51 ENTRY_BEGIN
     52 MATCH opcode qtype qname
     53 ADJUST copy_id
     54 REPLY QR NOERROR
     55 SECTION QUESTION
     56 mail.example.net. IN A
     57 SECTION ANSWER
     58 mail.example.net. IN A 10.20.30.40
     59 ENTRY_END
     60 RANGE_END
     61 
     62 ; a.gtld-servers.net.
     63 RANGE_BEGIN 0 100
     64 	ADDRESS 192.5.6.30
     65 ENTRY_BEGIN
     66 MATCH opcode qtype qname
     67 ADJUST copy_id
     68 REPLY QR NOERROR
     69 SECTION QUESTION
     70 com. IN NS
     71 SECTION ANSWER
     72 com.	IN NS	a.gtld-servers.net.
     73 SECTION ADDITIONAL
     74 a.gtld-servers.net.	IN 	A	192.5.6.30
     75 ENTRY_END
     76 
     77 ENTRY_BEGIN
     78 MATCH opcode subdomain
     79 ADJUST copy_id copy_query
     80 REPLY QR NOERROR
     81 SECTION QUESTION
     82 example.com. IN A
     83 SECTION AUTHORITY
     84 example.com.	IN NS	ns.example.com.
     85 SECTION ADDITIONAL
     86 ns.example.com.		IN 	A	1.2.3.4
     87 ENTRY_END
     88 RANGE_END
     89 
     90 ; ns.example.com.
     91 RANGE_BEGIN 0 100
     92 	ADDRESS 1.2.3.4
     93 ENTRY_BEGIN
     94 MATCH opcode qtype qname
     95 ADJUST copy_id
     96 REPLY QR NOERROR
     97 SECTION QUESTION
     98 example.com. IN NS
     99 SECTION ANSWER
    100 example.com.	IN NS	ns.example.com.
    101 SECTION ADDITIONAL
    102 ns.example.com.		IN 	A	1.2.3.4
    103 ENTRY_END
    104 
    105 ENTRY_BEGIN
    106 MATCH opcode qtype qname
    107 ADJUST copy_id
    108 REPLY QR NOERROR
    109 SECTION QUESTION
    110 ns.example.com. IN A
    111 SECTION ANSWER
    112 ns.example.com.		IN 	A	1.2.3.4
    113 SECTION AUTHORITY
    114 example.com.	IN NS	ns.example.com.
    115 ENTRY_END
    116 
    117 ENTRY_BEGIN
    118 MATCH opcode qtype qname
    119 ADJUST copy_id
    120 REPLY QR NOERROR
    121 SECTION QUESTION
    122 ns.example.com. IN AAAA
    123 SECTION ANSWER
    124 ENTRY_END
    125 
    126 ENTRY_BEGIN
    127 MATCH opcode qtype qname
    128 ADJUST copy_id
    129 REPLY QR NOERROR
    130 SECTION QUESTION
    131 www.example.com. IN A
    132 SECTION ANSWER
    133 www.example.com. IN A	192.20.30.40
    134 SECTION AUTHORITY
    135 example.com.	IN NS	ns.example.com.
    136 SECTION ADDITIONAL
    137 ns.example.com.		IN 	A	1.2.3.4
    138 ENTRY_END
    139 
    140 ENTRY_BEGIN
    141 MATCH opcode qtype qname
    142 ADJUST copy_id
    143 REPLY QR NOERROR
    144 SECTION QUESTION
    145 mail.example.com. IN AAAA
    146 SECTION ANSWER
    147 mail.example.com. IN AAAA fe80::15
    148 SECTION AUTHORITY
    149 example.com.	IN NS	ns.example.com.
    150 SECTION ADDITIONAL
    151 ns.example.com.		IN 	A	1.2.3.4
    152 ENTRY_END
    153 
    154 ENTRY_BEGIN
    155 MATCH opcode qtype qname
    156 ADJUST copy_id
    157 REPLY QR NOERROR
    158 SECTION QUESTION
    159 foo.example.com. IN A
    160 SECTION ANSWER
    161 foo.example.com. IN A	10.20.30.40
    162 SECTION AUTHORITY
    163 example.com.	IN NS	ns.example.com.
    164 SECTION ADDITIONAL
    165 ns.example.com.		IN 	A	1.2.3.4
    166 ENTRY_END
    167 
    168 ENTRY_BEGIN
    169 MATCH opcode qtype qname
    170 ADJUST copy_id
    171 REPLY QR NOERROR
    172 SECTION QUESTION
    173 toss.example.com. IN A
    174 SECTION ANSWER
    175 toss.example.com. IN A	10.20.30.40
    176 toss.example.com. IN A	1.2.3.4
    177 toss.example.com. IN A	10.20.30.41
    178 SECTION AUTHORITY
    179 example.com.	IN NS	ns.example.com.
    180 SECTION ADDITIONAL
    181 ns.example.com.		IN 	A	1.2.3.4
    182 ENTRY_END
    183 RANGE_END
    184 
    185 ; public address is not scrubbed
    186 STEP 1 QUERY
    187 ENTRY_BEGIN
    188 REPLY RD
    189 SECTION QUESTION
    190 www.example.com. IN A
    191 ENTRY_END
    192 
    193 ; recursion happens here.
    194 STEP 2 CHECK_ANSWER
    195 ENTRY_BEGIN
    196 MATCH all
    197 REPLY QR RD RA NOERROR
    198 SECTION QUESTION
    199 www.example.com. IN A
    200 SECTION ANSWER
    201 www.example.com. IN A	192.20.30.40
    202 SECTION AUTHORITY
    203 example.com.	IN NS	ns.example.com.
    204 SECTION ADDITIONAL
    205 ns.example.com.		IN 	A	1.2.3.4
    206 ENTRY_END
    207 
    208 ; IPv4 address is scrubbed
    209 STEP 3 QUERY
    210 ENTRY_BEGIN
    211 REPLY RD
    212 SECTION QUESTION
    213 foo.example.com. IN A
    214 ENTRY_END
    215 
    216 ; recursion happens here.
    217 STEP 10 CHECK_ANSWER
    218 ENTRY_BEGIN
    219 MATCH all
    220 REPLY QR RD RA SERVFAIL
    221 SECTION QUESTION
    222 foo.example.com. IN A
    223 SECTION ANSWER
    224 ; scrubbed away
    225 ;foo.example.com. IN A	10.20.30.40
    226 ENTRY_END
    227 
    228 ; IPv6 address is scrubbed
    229 STEP 20 QUERY
    230 ENTRY_BEGIN
    231 REPLY RD
    232 SECTION QUESTION
    233 mail.example.com. IN AAAA
    234 ENTRY_END
    235 
    236 STEP 30 CHECK_ANSWER
    237 ENTRY_BEGIN
    238 MATCH all
    239 REPLY QR RD RA SERVFAIL
    240 SECTION QUESTION
    241 mail.example.com. IN AAAA
    242 SECTION ANSWER
    243 ENTRY_END
    244 
    245 ; allowed domain is not scrubbed.
    246 STEP 40 QUERY
    247 ENTRY_BEGIN
    248 REPLY RD
    249 SECTION QUESTION
    250 mail.example.net. IN A
    251 ENTRY_END
    252 
    253 STEP 50 CHECK_ANSWER
    254 ENTRY_BEGIN
    255 MATCH all
    256 REPLY QR RD RA NOERROR
    257 SECTION QUESTION
    258 mail.example.net. IN A
    259 SECTION ANSWER
    260 mail.example.net. IN A 10.20.30.40
    261 ENTRY_END
    262 
    263 ; rest of RRset intact, only 10/8 tossed away.
    264 STEP 60 QUERY
    265 ENTRY_BEGIN
    266 REPLY RD
    267 SECTION QUESTION
    268 toss.example.com. IN A
    269 ENTRY_END
    270 
    271 STEP 70 CHECK_ANSWER
    272 ENTRY_BEGIN
    273 MATCH all
    274 REPLY QR RD RA NOERROR
    275 SECTION QUESTION
    276 toss.example.com. IN A
    277 SECTION ANSWER
    278 ; toss.example.com. IN A	10.20.30.40
    279 toss.example.com. IN A	1.2.3.4
    280 SECTION AUTHORITY
    281 example.com.	IN NS	ns.example.com.
    282 SECTION ADDITIONAL
    283 ns.example.com.		IN 	A	1.2.3.4
    284 ENTRY_END
    285 
    286 SCENARIO_END
    287