; Unbound testbound scenario: rpz-action-override combined with
; rpz-client-ip triggers. Six RPZ zones are loaded, one per override value
; (nxdomain, nodata, passthru, drop, cname, disabled).
;
; Trigger owner names encode the prefix length followed by the address
; octets in reverse order: 32.2.5.0.192.rpz-client-ip is client 192.0.5.2/32.
;
; NOTE(review): a client-IP trigger matches the source address the resolver
; sees. Presumably clients behind a forwarder or NAT are matched on that
; upstream address instead; confirm before relying on per-client policy.
;
; respip is placed in the module chain ahead of validator and iterator.
; NOTE(review): target-fetch-policy of all zeroes and qname-minimisation off
; presumably keep the resolver from sending queries the mock server below
; does not script; confirm.
; access-control admits all of 192.0.0.0/8, which covers the 192.0.5.x test
; clients. This breadth is a fixture choice; a production resolver should
; list only the networks it serves.
server:
    module-config: "respip validator iterator"
    target-fetch-policy: "0 0 0 0 0"
    qname-minimisation: no
    access-control: 192.0.0.0/8 allow

; Zone 1, override "nxdomain". Triggers: 192.0.5.1 (zone action passthru)
; and 192.0.5.2 (zone action local data A 1.2.3.5). STEP 11 and STEP 21
; expect NXDOMAIN for both, so the override replaces whatever action the
; zone record itself carries, including passthru.
rpz:
    name: "rpz.example.com."
    rpz-log: yes
    rpz-log-name: "rpz.example.com"
    rpz-action-override: "nxdomain"
    zonefile:
TEMPFILE_NAME rpz.example.com
TEMPFILE_CONTENTS rpz.example.com
$ORIGIN example.com.
rpz 3600 IN SOA ns1.rpz.example.com. hostmaster.rpz.example.com. (
        1379078166 28800 7200 604800 7200 )
    3600 IN NS ns1.rpz.example.com.
    3600 IN NS ns2.rpz.example.com.
$ORIGIN rpz.example.com.
32.1.5.0.192.rpz-client-ip CNAME rpz-passthru.
32.2.5.0.192.rpz-client-ip A 1.2.3.5
TEMPFILE_END

; Zone 2, override "nodata". Trigger: 192.0.5.4. STEP 41 expects NOERROR
; with an empty answer section.
rpz:
    name: "rpz2.example.com."
    rpz-log: yes
    rpz-log-name: "rpz2.example.com"
    rpz-action-override: "nodata"
    zonefile:
TEMPFILE_NAME rpz2.example.com
TEMPFILE_CONTENTS rpz2.example.com
$ORIGIN example.com.
rpz2 3600 IN SOA ns1.rpz2.example.com. hostmaster.rpz2.example.com. (
        1379078166 28800 7200 604800 7200 )
    3600 IN NS ns1.rpz2.example.com.
    3600 IN NS ns2.rpz2.example.com.
$ORIGIN rpz2.example.com.
32.4.5.0.192.rpz-client-ip A 1.2.3.5
TEMPFILE_END

; Zone 3, override "passthru". Trigger: 192.0.5.5. The same client address
; is also listed in zone 4 (drop) below; STEP 51 expects the normal upstream
; answer, which is consistent with this earlier zone deciding the outcome.
rpz:
    name: "rpz3.example.com."
    rpz-log: yes
    rpz-log-name: "rpz3.example.com"
    rpz-action-override: "passthru"
    zonefile:
TEMPFILE_NAME rpz3.example.com
TEMPFILE_CONTENTS rpz3.example.com
$ORIGIN example.com.
rpz3 3600 IN SOA ns1.rpz3.example.com. hostmaster.rpz3.example.com. (
        1379078166 28800 7200 604800 7200 )
    3600 IN NS ns1.rpz3.example.com.
    3600 IN NS ns2.rpz3.example.com.
$ORIGIN rpz3.example.com.
32.5.5.0.192.rpz-client-ip A 1.2.3.5
TEMPFILE_END

; Zone 4, override "drop". Triggers: 192.0.5.5 (already handled by zone 3)
; and 192.0.5.6. STEP 60 queries from 192.0.5.6 and has no CHECK_ANSWER.
rpz:
    name: "rpz4.example.com."
    rpz-log: yes
    rpz-log-name: "rpz4.example.com"
    rpz-action-override: "drop"
    zonefile:
TEMPFILE_NAME rpz4.example.com
TEMPFILE_CONTENTS rpz4.example.com
$ORIGIN example.com.
rpz4 3600 IN SOA ns1.rpz4.example.com. hostmaster.rpz4.example.com. (
        1379078166 28800 7200 604800 7200 )
    3600 IN NS ns1.rpz4.example.com.
    3600 IN NS ns2.rpz4.example.com.
$ORIGIN rpz4.example.com.
32.5.5.0.192.rpz-client-ip A 1.2.3.5
32.6.5.0.192.rpz-client-ip A 1.2.3.5
TEMPFILE_END

; Zone 5, override "cname" with rpz-cname-override "target.a". Trigger:
; 192.0.5.7. STEP 71 expects a CNAME to target.a. plus the A record that the
; mock server returns for target.a.
rpz:
    name: "rpz5.example.com."
    rpz-log: yes
    rpz-log-name: "rpz5.example.com"
    rpz-action-override: "cname"
    rpz-cname-override: "target.a"
    zonefile:
TEMPFILE_NAME rpz5.example.com
TEMPFILE_CONTENTS rpz5.example.com
$ORIGIN example.com.
rpz5 3600 IN SOA ns1.rpz5.example.com. hostmaster.rpz5.example.com. (
        1379078166 28800 7200 604800 7200 )
    3600 IN NS ns1.rpz5.example.com.
    3600 IN NS ns2.rpz5.example.com.
$ORIGIN rpz5.example.com.
32.7.5.0.192.rpz-client-ip A 1.2.3.5
TEMPFILE_END

; Zone 6, override "disabled". Trigger: 192.0.5.8. STEP 81 expects the normal
; upstream answer, i.e. the policy is not enforced for this client.
; NOTE(review): with rpz-log: yes this presumably still logs the match;
; the scenario does not check log output.
rpz:
    name: "rpz6.example.com."
    rpz-log: yes
    rpz-log-name: "rpz6.example.com"
    rpz-action-override: "disabled"
    zonefile:
TEMPFILE_NAME rpz6.example.com
TEMPFILE_CONTENTS rpz6.example.com
$ORIGIN example.com.
rpz6 3600 IN SOA ns1.rpz6.example.com. hostmaster.rpz6.example.com. (
        1379078166 28800 7200 604800 7200 )
    3600 IN NS ns1.rpz6.example.com.
    3600 IN NS ns2.rpz6.example.com.
$ORIGIN rpz6.example.com.
32.8.5.0.192.rpz-client-ip A 1.2.3.5
TEMPFILE_END

; Queries for names under "a." go to the mock server at 10.20.30.40.
stub-zone:
    name: "a."
    stub-addr: 10.20.30.40
CONFIG_END

SCENARIO_BEGIN Test RPZ action override with trigger from clientip.

; Mock authoritative server for "a.": answers d.a. with 1.2.3.4 and
; target.a. with 1.2.3.6.
RANGE_BEGIN 0 1000
    ADDRESS 10.20.30.40
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
d.a. IN A
SECTION ANSWER
d.a. IN A 1.2.3.4
ENTRY_END

ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
target.a. IN A
SECTION ANSWER
target.a. IN A 1.2.3.6
ENTRY_END
RANGE_END

; Client 192.0.5.2: zone 1 record is local data, override turns it into
; NXDOMAIN. Policy-generated replies in this scenario carry AA; answers
; resolved through the mock server do not.
STEP 10 QUERY ADDRESS 192.0.5.2
ENTRY_BEGIN
REPLY RD
SECTION QUESTION
d.a. IN A
ENTRY_END

STEP 11 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA AA NXDOMAIN
SECTION QUESTION
d.a. IN A
SECTION ANSWER
ENTRY_END

; Client 192.0.5.1: zone 1 record is rpz-passthru, yet the nxdomain override
; still applies.
STEP 20 QUERY ADDRESS 192.0.5.1
ENTRY_BEGIN
REPLY RD
SECTION QUESTION
d.a. IN A
ENTRY_END

STEP 21 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA AA NXDOMAIN
SECTION QUESTION
d.a. IN A
SECTION ANSWER
ENTRY_END

; Client 192.0.5.3: listed in no zone, so the upstream answer is returned
; unchanged. This is the control case.
STEP 30 QUERY ADDRESS 192.0.5.3
ENTRY_BEGIN
REPLY RD
SECTION QUESTION
d.a. IN A
ENTRY_END

STEP 31 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA NOERROR
SECTION QUESTION
d.a. IN A
SECTION ANSWER
d.a. IN A 1.2.3.4
ENTRY_END

; Client 192.0.5.4: zone 2, nodata override gives NOERROR with no answer.
STEP 40 QUERY ADDRESS 192.0.5.4
ENTRY_BEGIN
REPLY RD
SECTION QUESTION
d.a. IN A
ENTRY_END

STEP 41 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA AA NOERROR
SECTION QUESTION
d.a. IN A
SECTION ANSWER
ENTRY_END

; Client 192.0.5.5: present in zone 3 (passthru) and zone 4 (drop); the
; expected result is the unmodified upstream answer.
STEP 50 QUERY ADDRESS 192.0.5.5
ENTRY_BEGIN
REPLY RD
SECTION QUESTION
d.a. IN A
ENTRY_END

STEP 51 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA NOERROR
SECTION QUESTION
d.a. IN A
SECTION ANSWER
d.a. IN A 1.2.3.4
ENTRY_END

; Client 192.0.5.6: zone 4, drop override. No CHECK_ANSWER step follows
; because no reply is expected for this query.
STEP 60 QUERY ADDRESS 192.0.5.6
ENTRY_BEGIN
REPLY RD
SECTION QUESTION
d.a. IN A
ENTRY_END

; Client 192.0.5.7: zone 5, cname override redirects d.a. to target.a.
STEP 70 QUERY ADDRESS 192.0.5.7
ENTRY_BEGIN
REPLY RD
SECTION QUESTION
d.a. IN A
ENTRY_END

STEP 71 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA AA NOERROR
SECTION QUESTION
d.a. IN A
SECTION ANSWER
d.a. CNAME target.a.
target.a. A 1.2.3.6
ENTRY_END

; Client 192.0.5.8: zone 6, disabled override leaves the upstream answer
; untouched.
STEP 80 QUERY ADDRESS 192.0.5.8
ENTRY_BEGIN
REPLY RD
SECTION QUESTION
d.a. IN A
ENTRY_END

STEP 81 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA NOERROR
SECTION QUESTION
d.a. IN A
SECTION ANSWER
d.a. IN A 1.2.3.4
ENTRY_END

SCENARIO_END