Home | History | Annotate | Line # | Download | only in testdata 
      1 ; config options
      2 server:
      3 	module-config: "respip validator iterator"
      4 	target-fetch-policy: "0 0 0 0 0"
      5 	qname-minimisation: no
      6 	access-control: 192.0.0.0/8 allow
      7 
      8 rpz:
      9 	name: "rpz.example.com."
     10 	rpz-signal-nxdomain-ra: yes
     11 	zonefile:
     12 TEMPFILE_NAME rpz.example.com
     13 TEMPFILE_CONTENTS rpz.example.com
     14 $ORIGIN example.com.
     15 rpz	3600	IN	SOA	ns1.rpz.example.com. hostmaster.rpz.example.com. (
     16 		1379078166 28800 7200 604800 7200 )
     17 	3600	IN	NS	ns1.rpz.example.com.
     18 	3600	IN	NS	ns2.rpz.example.com.
     19 $ORIGIN rpz.example.com.
     20 a.a CNAME .
     21 b.a CNAME .
     22 ns1.a.rpz-nsdname CNAME .
     23 24.0.0.0.192.rpz-nsip CNAME .
     24 24.0.3.0.192.rpz-client-ip CNAME .
     25 TEMPFILE_END
     26 
     27 stub-zone:
     28 	name: "a."
     29 	stub-addr: 10.20.30.40
     30 CONFIG_END
     31 
     32 SCENARIO_BEGIN Test RPZ qname trigger and signal NXDOMAIN with unset RA.
     33 
     34 RANGE_BEGIN 0 100
     35 	ADDRESS 10.20.30.40
     36 ENTRY_BEGIN
     37 MATCH opcode qtype qname
     38 ADJUST copy_id
     39 REPLY QR NOERROR
     40 SECTION QUESTION
     41 a. IN NS
     42 SECTION ANSWER
     43 a. IN NS ns.a.
     44 SECTION ADDITIONAL
     45 ns.a IN A 10.20.30.40
     46 ENTRY_END
     47 
     48 ENTRY_BEGIN
     49 MATCH opcode qtype qname
     50 ADJUST copy_id
     51 REPLY QR NOERROR
     52 SECTION QUESTION
     53 a.a.  IN  TXT
     54 SECTION ANSWER
     55 a.a.  IN  TXT "upstream txt rr a.a."
     56 ENTRY_END
     57 
     58 ENTRY_BEGIN
     59 MATCH opcode qtype qname
     60 ADJUST copy_id
     61 REPLY QR NOERROR
     62 SECTION QUESTION
     63 b.a.  IN  TXT
     64 SECTION ANSWER
     65 b.a.  IN  TXT "upstream txt rr b.a."
     66 ENTRY_END
     67 
     68 ENTRY_BEGIN
     69 MATCH opcode qtype qname
     70 ADJUST copy_id
     71 REPLY QR NOERROR
     72 SECTION QUESTION
     73 c.a.  IN  TXT
     74 SECTION ANSWER
     75 c.a.  IN  CNAME b.a
     76 ENTRY_END
     77 
     78 ENTRY_BEGIN
     79 MATCH opcode subdomain
     80 ADJUST copy_id copy_query
     81 REPLY QR NOERROR
     82 SECTION QUESTION
     83 d.a.  IN  NS
     84 SECTION ANSWER
     85 SECTION AUTHORITY
     86 d.a.  IN  NS ns1.a.
     87 SECTION ADDITIONAL
     88 ns1.a. IN A 10.20.30.50
     89 ENTRY_END
     90 
     91 ENTRY_BEGIN
     92 MATCH opcode subdomain
     93 ADJUST copy_id copy_query
     94 REPLY QR NOERROR
     95 SECTION QUESTION
     96 e.a.  IN  NS
     97 SECTION ANSWER
     98 SECTION AUTHORITY
     99 e.a.  IN  NS ns2.a.
    100 SECTION ADDITIONAL
    101 ns2.a. IN A 192.0.0.5
    102 ENTRY_END
    103 
    104 ENTRY_BEGIN
    105 MATCH opcode qtype qname
    106 ADJUST copy_id
    107 REPLY QR NOERROR
    108 SECTION QUESTION
    109 f.a.  IN  TXT
    110 SECTION ANSWER
    111 f.a.  IN  TXT "upstream txt rr f.a."
    112 ENTRY_END
    113 
    114 RANGE_END
    115 
    116 RANGE_BEGIN 0 100
    117 	ADDRESS 10.20.30.50
    118 ENTRY_BEGIN
    119 MATCH opcode qtype qname
    120 ADJUST copy_id
    121 REPLY QR NOERROR
    122 SECTION QUESTION
    123 d.a. IN NS
    124 SECTION ANSWER
    125 d.a. IN NS ns1.a.
    126 SECTION ADDITIONAL
    127 ns1.a. IN A 10.20.30.50
    128 ENTRY_END
    129 
    130 ENTRY_BEGIN
    131 MATCH opcode qtype qname
    132 ADJUST copy_id
    133 REPLY QR NOERROR
    134 SECTION QUESTION
    135 d.d.a. IN TXT
    136 SECTION ANSWER
    137 d.d.a. IN TXT "upstream answer for d.d.a"
    138 ENTRY_END
    139 
    140 RANGE_END
    141 
    142 RANGE_BEGIN 0 100
    143 	ADDRESS 192.0.0.5
    144 ENTRY_BEGIN
    145 MATCH opcode qtype qname
    146 ADJUST copy_id
    147 REPLY QR NOERROR
    148 SECTION QUESTION
    149 e.a. IN NS
    150 SECTION ANSWER
    151 e.a. IN NS ns2.a.
    152 SECTION ADDITIONAL
    153 ns2.a. IN A 192.0.0.5
    154 ENTRY_END
    155 
    156 ENTRY_BEGIN
    157 MATCH opcode qtype qname
    158 ADJUST copy_id
    159 REPLY QR NOERROR
    160 SECTION QUESTION
    161 e.e.a. IN TXT
    162 SECTION ANSWER
    163 e.e.a. IN TXT "upstream answer for e.e.a"
    164 ENTRY_END
    165 
    166 RANGE_END
    167 
    168 ; qname trigger
    169 STEP 10 QUERY
    170 ENTRY_BEGIN
    171 REPLY RD
    172 SECTION QUESTION
    173 a.a.  IN TXT
    174 ENTRY_END
    175 
    176 STEP 11 CHECK_ANSWER
    177 ENTRY_BEGIN
    178 MATCH all
    179 REPLY QR RD AA NXDOMAIN
    180 SECTION QUESTION
    181 a.a.  IN TXT
    182 SECTION ANSWER
    183 ENTRY_END
    184 
    185 ; qname trigger after cname
    186 STEP 20 QUERY
    187 ENTRY_BEGIN
    188 REPLY RD
    189 SECTION QUESTION
    190 c.a.  IN TXT
    191 ENTRY_END
    192 
    193 STEP 21 CHECK_ANSWER
    194 ENTRY_BEGIN
    195 MATCH all
    196 REPLY QR RD AA NXDOMAIN
    197 SECTION QUESTION
    198 c.a.  IN TXT
    199 SECTION ANSWER
    200 c.a.  IN  CNAME b.a
    201 ENTRY_END
    202 
    203 ; nsdname trigger
    204 STEP 30 QUERY
    205 ENTRY_BEGIN
    206 REPLY RD
    207 SECTION QUESTION
    208 d.d.a.  IN TXT
    209 ENTRY_END
    210 
    211 STEP 31 CHECK_ANSWER
    212 ENTRY_BEGIN
    213 MATCH all
    214 REPLY QR RD AA NXDOMAIN
    215 SECTION QUESTION
    216 d.d.a.  IN TXT
    217 SECTION ANSWER
    218 ENTRY_END
    219 
    220 ; nsip trigger
    221 STEP 40 QUERY
    222 ENTRY_BEGIN
    223 REPLY RD
    224 SECTION QUESTION
    225 e.e.a.  IN TXT
    226 ENTRY_END
    227 
    228 STEP 41 CHECK_ANSWER
    229 ENTRY_BEGIN
    230 MATCH all
    231 REPLY QR RD AA NXDOMAIN
    232 SECTION QUESTION
    233 e.e.a.  IN TXT
    234 SECTION ANSWER
    235 ENTRY_END
    236 
    237 ; clientip trigger
    238 STEP 50 QUERY ADDRESS 192.0.3.1
    239 ENTRY_BEGIN
    240 REPLY RD
    241 SECTION QUESTION
    242 f.a.  IN TXT
    243 ENTRY_END
    244 
    245 STEP 51 CHECK_ANSWER
    246 ENTRY_BEGIN
    247 MATCH all
    248 REPLY QR AA RD NXDOMAIN
    249 SECTION QUESTION
    250 f.a.  IN TXT
    251 SECTION ANSWER
    252 ENTRY_END
    253 
    254 SCENARIO_END
    255