diff options
Diffstat (limited to 'contrib/unbound/testdata/rpz_clientip.rpl')
-rw-r--r-- | contrib/unbound/testdata/rpz_clientip.rpl | 264 |
1 files changed, 0 insertions, 264 deletions
diff --git a/contrib/unbound/testdata/rpz_clientip.rpl b/contrib/unbound/testdata/rpz_clientip.rpl deleted file mode 100644 index 78e05ad91994..000000000000 --- a/contrib/unbound/testdata/rpz_clientip.rpl +++ /dev/null @@ -1,264 +0,0 @@ -; config options -server: - module-config: "respip validator iterator" - target-fetch-policy: "0 0 0 0 0" - qname-minimisation: no - minimal-responses: no - access-control: 192.0.0.0/8 allow - -rpz: - name: "rpz.example.com." - zonefile: -TEMPFILE_NAME rpz.example.com -TEMPFILE_CONTENTS rpz.example.com -$ORIGIN example.com. -rpz 3600 IN SOA ns1.rpz.example.com. hostmaster.rpz.example.com. ( - 1379078166 28800 7200 604800 7200 ) - 3600 IN NS ns1.rpz.example.com. - 3600 IN NS ns2.rpz.example.com. -$ORIGIN rpz.example.com. -24.0.0.0.192.rpz-client-ip CNAME . -24.0.1.0.192.rpz-client-ip CNAME *. -24.0.2.0.192.rpz-client-ip CNAME rpz-drop. -24.0.3.0.192.rpz-client-ip CNAME rpz-passthru. -24.0.4.0.192.rpz-client-ip CNAME rpz-tcp-only. -24.0.5.0.192.rpz-client-ip A 127.0.0.1 -24.0.5.0.192.rpz-client-ip TXT "42" -TEMPFILE_END - -stub-zone: - name: "a." - stub-addr: 10.20.30.40 -CONFIG_END - -SCENARIO_BEGIN Test RPZ client ip triggers - -RANGE_BEGIN 0 100 - ADDRESS 10.20.30.40 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -a. IN NS -SECTION ANSWER -a. IN NS ns.a. -SECTION ADDITIONAL -ns.a IN A 10.20.30.40 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -a.a. IN TXT -SECTION ANSWER -a.a. IN TXT "upstream txt rr a.a." -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -a.a. IN A -SECTION ANSWER -a.a. IN A 10.20.30.40 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -a.a. IN AAAA -SECTION ANSWER -a.a. IN AAAA 2001:db8::123 -ENTRY_END - -RANGE_END - -; unrelated client ip address -- passthru - -STEP 10 QUERY -ENTRY_BEGIN -REPLY RD -SECTION QUESTION -a.a. IN TXT -ENTRY_END - -STEP 11 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA NOERROR -SECTION QUESTION -a.a. IN TXT -SECTION ANSWER -a.a. IN TXT "upstream txt rr a.a." -ENTRY_END - -; should be NXDOMAIN - -STEP 20 QUERY ADDRESS 192.0.0.1 -ENTRY_BEGIN -REPLY RD -SECTION QUESTION -a.a. IN TXT -ENTRY_END - -STEP 21 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR AA RD RA NXDOMAIN -SECTION QUESTION -a.a. IN TXT -SECTION ANSWER -ENTRY_END - -; should be NODATA - -STEP 30 QUERY ADDRESS 192.0.1.1 -ENTRY_BEGIN -REPLY RD -SECTION QUESTION -a.a. IN TXT -ENTRY_END - -STEP 31 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR AA RD RA NOERROR -SECTION QUESTION -a.a. IN TXT -SECTION ANSWER -ENTRY_END - -; should be PASSTHRU - -STEP 40 QUERY ADDRESS 192.0.3.1 -ENTRY_BEGIN -REPLY RD -SECTION QUESTION -a.a. IN TXT -ENTRY_END - -STEP 41 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA NOERROR -SECTION QUESTION -a.a. IN TXT -SECTION ANSWER -a.a. IN TXT "upstream txt rr a.a." -ENTRY_END - -; should be TRUNCATED - -STEP 50 QUERY ADDRESS 192.0.4.1 -ENTRY_BEGIN -REPLY RD -SECTION QUESTION -a.a. IN TXT -ENTRY_END - -STEP 51 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR AA TC RD RA NOERROR -SECTION QUESTION -a.a. IN TXT -SECTION ANSWER -ENTRY_END - -; should not be TRUNCATED via TCP - -STEP 52 QUERY ADDRESS 192.0.4.1 -ENTRY_BEGIN -MATCH TCP -REPLY RD -SECTION QUESTION -a.a. IN TXT -ENTRY_END - -STEP 53 CHECK_ANSWER -ENTRY_BEGIN -MATCH all TCP -REPLY QR RD RA NOERROR -SECTION QUESTION -a.a. IN TXT -SECTION ANSWER -a.a. IN TXT "upstream txt rr a.a." -ENTRY_END - -; should be synthesized - -STEP 60 QUERY ADDRESS 192.0.5.1 -ENTRY_BEGIN -REPLY RD -SECTION QUESTION -a.a. IN A -ENTRY_END - -STEP 61 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR AA RD RA NOERROR -SECTION QUESTION -a.a. IN A -SECTION ANSWER -a.a. IN A 127.0.0.1 -SECTION ADDITIONAL -rpz.example.com. 3600 IN SOA ns1.rpz.example.com. hostmaster.rpz.example.com. ( 1379078166 28800 7200 604800 7200 ) -ENTRY_END - -; should be synthesized - -STEP 62 QUERY ADDRESS 192.0.5.1 -ENTRY_BEGIN -REPLY RD -SECTION QUESTION -a.a. IN TXT -ENTRY_END - -STEP 63 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR AA RD RA NOERROR -SECTION QUESTION -a.a. IN TXT -SECTION ANSWER -a.a. IN TXT "42" -SECTION ADDITIONAL -rpz.example.com. 3600 IN SOA ns1.rpz.example.com. hostmaster.rpz.example.com. ( 1379078166 28800 7200 604800 7200 ) -ENTRY_END - -; should be synthesized NODATA - -STEP 64 QUERY ADDRESS 192.0.5.1 -ENTRY_BEGIN -REPLY RD -SECTION QUESTION -a.a. IN AAAA -ENTRY_END - -STEP 65 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR AA RD RA NOERROR -SECTION QUESTION -a.a. IN AAAA -SECTION ADDITIONAL -rpz.example.com. 3600 IN SOA ns1.rpz.example.com. hostmaster.rpz.example.com. ( 1379078166 28800 7200 604800 7200 ) -ENTRY_END - -; should be DROPPED - -STEP 90 QUERY ADDRESS 192.0.2.1 -ENTRY_BEGIN -REPLY RD -SECTION QUESTION -a.a. IN TXT -ENTRY_END - -SCENARIO_END |