--- /dev/null
+#!/bin/bash -e
+echo ""
+echo "from: http://dnsdist.org/download/"
+echo ""
+echo "clone from: git clone https://github.com/PowerDNS/pdns.git"
+echo "--or from our copy--"
+echo "https://github.com/GlobalCyberAlliance/pdns.git"
+echo ""
+
+echo "cd ../pdns/dnsdistdist"
+echo ""
+cd ../pdns/dnsdistdist
+echo ""
+echo "autoreconf -i"
+echo ""
+autoreconf -i
+echo ""
+echo "NOTE: configure with libsodium enabled to allow cache test to succeed - Seth - Global Cyber Alliance"
+echo "./configure --enable-libsodium"
+./configure --enable-libsodium
+echo ""
+echo "do a \"make clean\" incase this is not the first time through"
+echo ""
+make clean
+echo ""
+echo "now do a make"
+echo ""
+echo "make"
+echo ""
+make
+echo ""
+echo "test out the cache code"
+echo ""
+cd "../../regression-tests.dnsdist"
+echo ""
+echo "test_Caching"
+DNSDISTBIN=../pdns/dnsdistdist/dnsdist ./runtests test_Caching
+echo ""
+echo "test_CacheHitResponses"
+DNSDISTBIN=../pdns/dnsdistdist/dnsdist ./runtests test_CacheHitResponses
+echo ""
+echo "you can now do \"make install\" if desired."
+echo ""
+echo "finished"
+
+
+
--- /dev/null
+echo "test dnsdist with nocookie option to allow cache hits"
+echo "dig @127.0.0.1 -p 5200 +nocookie google.com"
+echo ""
+dig @127.0.0.1 -p 5200 +nocookie google.com
--- /dev/null
+echo "test dnsdist with rpz bad entry"
+echo "dig @127.0.0.1 -p 5200 1jw2mr4fmky.net"
+echo ""
+dig @127.0.0.1 -p 5200 1jw2mr4fmky.net
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE abiword PUBLIC "-//ABISOURCE//DTD AWML 1.0 Strict//EN" "http://www.abisource.com/awml.dtd">
+<abiword template="false" xmlns:ct="http://www.abisource.com/changetracking.dtd" xmlns:fo="http://www.w3.org/1999/XSL/Format" xmlns:math="http://www.w3.org/1998/Math/MathML" xid-max="241" xmlns:dc="http://purl.org/dc/elements/1.1/" styles="unlocked" fileformat="1.0" xmlns:svg="http://www.w3.org/2000/svg" xmlns:awml="http://www.abisource.com/awml.dtd" xmlns="http://www.abisource.com/awml.dtd" xmlns:xlink="http://www.w3.org/1999/xlink" version="0.99.2" xml:space="preserve" props="dom-dir:ltr; document-footnote-restart-section:0; document-endnote-type:numeric; document-endnote-place-enddoc:1; document-endnote-initial:1; lang:en-US; document-endnote-restart-section:0; document-footnote-restart-page:0; document-footnote-type:numeric; document-footnote-initial:1; document-endnote-place-endsection:0">
+<!-- ======================================================================== -->
+<!-- This file is an AbiWord document. -->
+<!-- AbiWord is a free, Open Source word processor. -->
+<!-- More information about AbiWord is available at http://www.abisource.com/ -->
+<!-- You should not edit this file by hand. -->
+<!-- ======================================================================== -->
+
+<metadata>
+<m key="abiword.date_last_changed">Wed Jun 7 15:14:33 2017
+</m>
+<m key="abiword.generator">AbiWord</m>
+<m key="dc.creator">SethO</m>
+<m key="dc.date">Wed Jun 7 11:06:40 2017
+</m>
+<m key="dc.format">application/x-abiword</m>
+</metadata>
+<rdf>
+</rdf>
+<history version="17" edit-time="15978" last-saved="1496862873" uid="567dac60-4b90-11e7-9b16-bb055255232b">
+<version id="17" started="1496848000" uid="8a46647c-4bb5-11e7-9b16-bb055255232b" auto="0" top-xid="31"/>
+</history>
+<styles>
+<s type="P" name="Normal" followedby="Current Settings" props="font-family:Times New Roman; margin-top:0pt; color:000000; margin-left:0pt; text-position:normal; widows:2; font-style:normal; text-indent:0in; font-variant:normal; font-weight:normal; margin-right:0pt; font-size:12pt; text-decoration:none; margin-bottom:0pt; line-height:1.0; bgcolor:transparent; text-align:left; font-stretch:normal"/>
+</styles>
+<pagesize pagetype="Letter" orientation="portrait" width="8.500000" height="11.000000" units="in" page-scale="1.000000"/>
+<section footer="0" xid="12" props="page-margin-footer:0.5in; page-margin-header:0.5in">
+<p style="Normal" xid="13"><c>Proposed new Lua commands for DNSDIST</c></p>
+<p style="Normal" xid="5"><c>June 7, 2017</c></p>
+<p style="Normal" xid="1"><c>Seth Ornstein</c></p>
+<p style="Normal" xid="2"><c>Global Cyber Alliance</c></p>
+<p style="Normal" xid="3"><c>sornstein@globalcyberalliance.org</c></p>
+<p style="Normal" xid="4"><c></c></p>
+<p style="Normal" xid="6"><c></c></p>
+<p style="Normal" xid="8" props="text-align:left; dom-dir:ltr"><c props="font-weight:bold">To obtain a copy of the source for the modified DNSDIST version: </c><c> </c></p>
+<p style="Normal" xid="10" props="text-align:left; dom-dir:ltr"><c></c></p>
+<p style="Normal" xid="11" props="text-align:left; dom-dir:ltr"><c> git clone -b dnsdist-mod2 https://github.com/GlobalCyberAlliance/pdns.git</c></p>
+<p style="Normal" xid="9" props="text-align:left; dom-dir:ltr"><c></c></p>
+<p style="Normal" xid="113" props="text-align:left; dom-dir:ltr"><c props="font-weight:bold">Example scripts and configuration file are located in: pdns/zzz-gca-examples</c></p>
+<p style="Normal" xid="7"><c></c></p>
+<p style="Normal" xid="14"><c></c></p>
+<p style="Normal" xid="15"><c props="font-weight:bold">Lua additional functions that act on the DNSQuestion parameter dq.</c></p>
+<p style="Normal" xid="177"><c props="font-weight:bold"></c></p>
+<p style="Normal" xid="32"><c>They are expected to be used inside of a Lua function that is setup for use in the dnsdist configuration file by the addLuaAction function. They are used to store text label and value pairs in the DNSQuestion dq and accessed by the DNSResponse Lua functions below.</c></p>
+<p style="Normal" xid="16"><c></c></p>
+<p style="Normal" xid="27"><c> To store a text label and value pair in the DNSQuestion:</c></p>
+<p style="Normal" xid="28"><c></c></p>
+<p style="Normal" xid="23"><c> dq:setTag(“LabelText”, “ValueText”) </c></p>
+<p style="Normal" xid="29"><c></c></p>
+<p style="Normal" xid="30"><c> To </c><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US">store values as a table in the DNSQuestion structure</c><c>:</c></p>
+<p style="Normal" xid="31" props="margin-top:0.0000in; margin-left:0.0000in; text-indent:0.0000in; dom-dir:ltr; margin-bottom:0.0000in; line-height:1.000000; text-align:left; margin-right:0.0000in"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
+<p style="Normal" xid="25" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c> dq:setTagArray(exampleTable)</c></p>
+<p style="Normal" xid="33" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="34" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="35" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-weight:bold">Lua additional functions that act on the DNSResponse parameter dr.</c></p>
+<p style="Normal" xid="178" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-weight:bold"></c></p>
+<p style="Normal" xid="36" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c>These are expected to be located inside of a Lua function that is setup for use in the dnsdist configuration file by the RemoteLogAction function as the “alterFunction”. They are used to obtain the text label and value pairs that were stored in the DNSQuestion Lua functions above.</c></p>
+<p style="Normal" xid="37" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="44" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c> T</c><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US">o read matching value from DNSQuestion structure</c><c>:</c></p>
+<p style="Normal" xid="45" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="46" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c> dr:getTagMatch(“LabelText”)</c></p>
+<p style="Normal" xid="48" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="49" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c> T</c><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US">o read text values as an array from DNSQuestion structure</c><c>:</c></p>
+<p style="Normal" xid="50" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="51" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c> dr:getTagArray()</c></p>
+<p style="Normal" xid="52" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="53" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="86" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="87" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="88" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="89" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="90" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="91" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c></c><c props="font-weight:bold">Lua additional functions that act on the DNSDistProtoBufMessage parameter pbMsg.</c></p>
+<p style="Normal" xid="179" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-weight:bold"></c></p>
+<p style="Normal" xid="55" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c>These are expected to be located inside of a Lua function that is setup for use in the dnsdist configuration file by the RemoteLogAction function as the “alterFunction”. They are used to modify the protobuf message that is being sent to the protobuf server.</c></p>
+<p style="Normal" xid="56" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="77" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c> To store text values in the protobuf “tags” field:</c></p>
+<p style="Normal" xid="78" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="79" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c> pbMsg:setTag(“LabelText”, “ValueText”)</c></p>
+<p style="Normal" xid="80" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="81" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c> T</c><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US">o store text values as a table in protobuf tag fields</c></p>
+<p style="Normal" xid="82" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
+<p style="Normal" xid="83" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"> pbMsg:setTagArray(exampleTable)</c></p>
+<p style="Normal" xid="85" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
+<p style="Normal" xid="84" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
+<p style="Normal" xid="95" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"> To change the protobuf message from a ‘query’ to a ‘response’.</c></p>
+<p style="Normal" xid="96" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"> The variable is the dns name the client requested to be looked up.</c></p>
+<p style="Normal" xid="100" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"> A zero is inserted in the ‘query time’ protobuf field.</c></p>
+<p style="Normal" xid="97" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
+<p style="Normal" xid="98" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"> pbMsg:setProtobufResponseType(“example.com”)</c></p>
+<p style="Normal" xid="99" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
+<p style="Normal" xid="101" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
+<p style="Normal" xid="103" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"> To change the protobuf message from a ‘query’ to a ‘response’ and set ‘query time’.</c></p>
+<p style="Normal" xid="104" props="margin-top:0.0000in; margin-left:0.0000in; text-indent:0.0000in; dom-dir:ltr; margin-bottom:0.0000in; line-height:1.000000; text-align:left; margin-right:0.0000in"><c props="font-family:Times New Roman; font-size:12pt; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"> The variable is the dns name the client requested to be looked up.</c></p>
+<p style="Normal" xid="105" props="margin-top:0.0000in; margin-left:0.0000in; text-indent:0.0000in; dom-dir:ltr; margin-bottom:0.0000in; line-height:1.000000; text-align:left; margin-right:0.0000in"><c props="font-family:Times New Roman; font-size:12pt; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"> </c><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US">The second variable is the query time in seconds. </c></p>
+<p style="Normal" xid="106" props="margin-top:0.0000in; margin-left:0.0000in; text-indent:0.0000in; dom-dir:ltr; margin-bottom:0.0000in; line-height:1.000000; text-align:left; margin-right:0.0000in"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"> The third variable is the fractional micro-seconds.</c></p>
+<p style="Normal" xid="107" props="margin-top:0.0000in; margin-left:0.0000in; text-indent:0.0000in; dom-dir:ltr; margin-bottom:0.0000in; line-height:1.000000; text-align:left; margin-right:0.0000in"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
+<p style="Normal" xid="108" props="margin-top:0.0000in; margin-left:0.0000in; text-indent:0.0000in; dom-dir:ltr; margin-bottom:0.0000in; line-height:1.000000; text-align:left; margin-right:0.0000in"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"> pbMsg:setProtobufResponseTypeQT(“example.com”, os.time(), 123456)</c></p>
+<p style="Normal" xid="102" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
+<p style="Normal" xid="110" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; color:000000; text-decoration:none; text-position:normal; font-size:12pt; bgcolor:transparent; font-weight:bold; font-style:normal; lang:en-US">Building the modified dnsdist with the new Lua functions:</c></p>
+<p style="Normal" xid="172" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
+<p style="Normal" xid="173" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"> 1. Open a console in pdns/zzz-gca-examples and run ./build-dnsdist2.sh</c></p>
+<p style="Normal" xid="174" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"> This builds dnsdist with libsodium enabled for cache testing.</c></p>
+<p style="Normal" xid="175" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
+<p style="Normal" xid="111" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
+<p style="Normal" xid="112" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; text-decoration:none; color:000000; font-size:12pt; text-position:normal; font-weight:bold; font-style:normal; lang:en-US">Running the test scripts:</c></p>
+<p style="Normal" xid="114" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
+<p style="Normal" xid="115" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"> 1. Open a console in pdns/zzz-gca-examples and run ./protobuf-server2.sh</c></p>
+<p style="Normal" xid="116" props="font-family:Times New Roman; font-size:12pt; color:000000; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
+<p style="Normal" xid="117" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"> 2. Open a console in pdns/zzz-gca-examples and run ./</c><c>dnsdist</c><c props="font-family:Times New Roman; text-decoration:none; color:000000; font-size:12pt; text-position:normal; font-weight:normal; font-style:normal; lang:en-US">2.sh</c></p>
+<p style="Normal" xid="119" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; text-decoration:none; color:000000; font-size:12pt; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
+<p style="Normal" xid="120" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; text-decoration:none; color:000000; font-size:12pt; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"> 3. Open a console in pdns/zzz-gca-examples and run </c><c>./dig-test-rpz.sh</c></p>
+<p style="Normal" xid="121" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="137" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c> 4. Verify that the protobuf server console shows a response with tags indicating RPZ.</c></p>
+<p style="Normal" xid="131" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="132" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c> 5. Open a console in pdns/zzz-gca-examples and run ./dig-test-nocookie.sh</c></p>
+<p style="Normal" xid="133" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="134" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c> 6. Verify that the protobuf server console shows a response with tags indicating FWD.</c></p>
+<p style="Normal" xid="135" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="136" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c> 7. Run ./dig-test-nocookie.sh a second time.</c></p>
+<p style="Normal" xid="144" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="145" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c> 8. Verify that the protobuf server console shows a response with tags indicating CACHE.</c></p>
+<p style="Normal" xid="138" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="238" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="239" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="240" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="241" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="139" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:bold">Protobuf server sample output:</c></p>
+<p style="Normal" xid="229" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="230" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c> </c><c props="font-family:Times New Roman; font-size:12pt; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"> Note that the unused “Tags” protobuf field now has the entries passed by the pbMsg:setTag and pbMsg:setTagArray functions. The tag data is separated by commas and the order is label followed by value for each ‘Tag’ in the protobuf ‘Tags’ field. The values in the protobuf ‘Tags’ field were set by the </c><c>pbMsg:setTagArray</c><c props="font-family:Times New Roman; font-size:12pt; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"> function in </c><c>luaLogBL</c><c props="font-family:Times New Roman; font-size:12pt; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"> in dnsdist.conf</c></p>
+<p style="Normal" xid="231" props="margin-top:0.0000in; margin-left:0.0000in; text-indent:0.0000in; dom-dir:ltr; margin-bottom:0.0000in; line-height:1.000000; text-align:left; margin-right:0.0000in"><c props="font-family:Times New Roman; font-size:12pt; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"></c></p>
+<p style="Normal" xid="228" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; text-align:left; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="147" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:bold">Typical response from the protobuf server from a RPZ ‘hit’ :</c></p>
+<p style="Normal" xid="232" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:bold"></c></p>
+<p style="Normal" xid="233" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:bold"> </c><c props="font-weight:normal">Note that since this protobuf was originally a ‘query’ and not a ‘response’ due to dnsdist’s treatment of returning a NXDOMAIN response to the client without having examined the cache or forwarded the request to a DNS server. Also since the function </c><c>pbMsg:setProtobufResponseType was used the ‘Query time’ field has the zero time.</c></p>
+<p style="Normal" xid="149" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="148" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c></c><c>[2017-06-07 12:11:45.745800] Response of size 56: 127.0.0.1 -> 127.0.0.1 (UDP), id: 15891, uuid: dc7c809436b74bc48b7dc07b49f3831d</c></p>
+<p style="Normal" xid="140" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c>- Question: 1, 1, 1jw2mr4fmky.net.</c></p>
+<p style="Normal" xid="141" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c>- Query time: 1969-12-31 19:00:00.0</c></p>
+<p style="Normal" xid="142" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c>- Response Code: 3, RRs: 1, Tags: lua-time,12:11:45-06/07/17,Test1,One Two Three,lua-ver,Lua 5.1,Test2,Four Five Six,Trans,RPZ,RPZ-Info,reject-example,From,127.0.0.1:56144,TCP,false</c></p>
+<p style="Normal" xid="143" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c> - 1, 1, 1jw2mr4fmky.net., 123, 127.0.0.1</c></p>
+<p style="Normal" xid="129" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="130" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="150" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; text-align:left; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; text-decoration:none; lang:en-US; text-position:normal; font-weight:bold; font-style:normal; font-size:12pt">Typical response from the protobuf server from a forwarded message:</c></p>
+<p style="Normal" xid="151" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; text-align:left; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"></c></p>
+<p style="Normal" xid="234" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"> Note that the protobuf ‘Tags’ field has the label ‘Trans’ and the value ‘FWD’, which was set using the </c><c>pbMsg:setTagArray function in luaLogForward in dnsdist.conf</c><c props="font-family:Times New Roman; font-size:12pt; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none">.</c></p>
+<p style="Normal" xid="235" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; text-align:left; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"></c></p>
+<p style="Normal" xid="152" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c>[2017-06-07 12:12:50.409444] Response of size 87: 127.0.0.1 -> 127.0.0.1 (UDP), id: 52616, uuid: 3ec48935be3846609cc175136693608f</c></p>
+<p style="Normal" xid="153" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c>- Question: 1, 1, google.com.</c></p>
+<p style="Normal" xid="154" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c>- Query time: 2017-06-07 12:12:50.390094</c></p>
+<p style="Normal" xid="155" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c>- Response Code: 0, RRs: 3, Tags: Trans,FWD</c></p>
+<p style="Normal" xid="156" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c> - 1, 1, google.com., 299, 216.58.217.78</c></p>
+<p style="Normal" xid="157" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c> - 1, 1, google.com., 299, 216.58.217.78</c></p>
+<p style="Normal" xid="158" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c> - 1, 1, google.com., 299, 216.58.217.78</c></p>
+<p style="Normal" xid="159" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="160" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="161" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:bold">Typical response from the protobuf server from a cache message:</c></p>
+<p style="Normal" xid="162" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="236" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-family:Times New Roman; font-size:12pt; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"> Note that the protobuf ‘Tags’ field has the label ‘Trans’ and the value ‘CACHE’, which was set using the pbMsg:setTagArray function in luaLogForward in dnsdist.conf.</c></p>
+<p style="Normal" xid="237" props="margin-top:0.0000in; margin-left:0.0000in; text-indent:0.0000in; dom-dir:ltr; margin-bottom:0.0000in; line-height:1.000000; text-align:left; margin-right:0.0000in"><c props="font-family:Times New Roman; font-size:12pt; lang:en-US; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"></c></p>
+<p style="Normal" xid="164" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; text-align:left; text-position:normal; font-weight:normal; font-style:normal; text-decoration:none"><c>[2017-06-07 12:12:55.598121] Response of size 87: 127.0.0.1 -> 127.0.0.1 (UDP), id: 29215, uuid: d16852328b394d49ac0519fd7a2b6a25</c></p>
+<p style="Normal" xid="165" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c>- Question: 1, 1, google.com.</c></p>
+<p style="Normal" xid="166" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c>- Query time: 2017-06-07 12:12:55.598087</c></p>
+<p style="Normal" xid="167" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c>- Response Code: 0, RRs: 3, Tags: Trans,CACHE</c></p>
+<p style="Normal" xid="168" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c> - 1, 1, google.com., 294, 216.58.217.78</c></p>
+<p style="Normal" xid="169" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c> - 1, 1, google.com., 294, 216.58.217.78</c></p>
+<p style="Normal" xid="170" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c> - 1, 1, google.com., 294, 216.58.217.78</c></p>
+<p style="Normal" xid="171" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="163" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="194" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="195" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c></c><c props="font-weight:bold">Additional scripts:</c></p>
+<p style="Normal" xid="181" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"></c></p>
+<p style="Normal" xid="183" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"> make-dnsdist.sh - make script for dnsdist</c></p>
+<p style="Normal" xid="184" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"></c></p>
+<p style="Normal" xid="185" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"> dnsdist-check-config.sh - quick checking of dnsdist.conf configuration file.</c></p>
+<p style="Normal" xid="200" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"></c></p>
+<p style="Normal" xid="187" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c> dnsdist2-debug.sh - run dnsdist with configuration file with debugging statements.</c></p>
+<p style="Normal" xid="188" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c> </c></p>
+<p style="Normal" xid="189" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c> dnsdist-debug.conf - configuration file for use with dnsdist2-debug.sh</c></p>
+<p style="Normal" xid="190" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c> Note that you need to set lines 20 to 25 to true to enable the text debugging.</c></p>
+<p style="Normal" xid="201" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="202" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="203" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:bold">Source code files modified in DNSDIST:</c></p>
+<p style="Normal" xid="204" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="205" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; text-position:normal; lang:en-US; font-weight:normal; color:000000; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="186" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"> dnsdist-lua.cc</c></p>
+<p style="Normal" xid="206" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"></c></p>
+<p style="Normal" xid="207" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"> dnsdist-lua2.cc</c></p>
+<p style="Normal" xid="208" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"></c></p>
+<p style="Normal" xid="209" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"> dnsdist.hh</c></p>
+<p style="Normal" xid="210" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"></c></p>
+<p style="Normal" xid="211" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"> protobuf.cc</c></p>
+<p style="Normal" xid="212" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"></c></p>
+<p style="Normal" xid="213" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"> protobuf.hh</c></p>
+<p style="Normal" xid="214" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"></c></p>
+<p style="Normal" xid="215" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"></c></p>
+<p style="Normal" xid="216" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"> To locate the modified source code search for the words Seth or GCA</c></p>
+<p style="Normal" xid="217" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"></c></p>
+<p style="Normal" xid="218" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"> ie. grep -i Seth * or grep -i GCA *</c></p>
+<p style="Normal" xid="224" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"></c></p>
+<p style="Normal" xid="225" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"></c></p>
+<p style="Normal" xid="220" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="font-weight:normal"></c></p>
+<p style="Normal" xid="221" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c props="color:008000"></c></p>
+<p style="Normal" xid="222" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+<p style="Normal" xid="223" props="font-family:Times New Roman; font-size:12pt; dom-dir:ltr; color:000000; lang:en-US; font-weight:normal; text-position:normal; text-align:left; font-style:normal; text-decoration:none"><c></c></p>
+</section>
+<section id="0" listid="0" parentid="0" type="footer" xid="191">
+<p xid="192" props="text-align:right"><field type="page_number" xid="193"></field></p>
+</section>
+</abiword>
--- /dev/null
+echo "dnsdist-check-config.sh - check dnsdist config file"
+echo ""
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+SLASH="/"
+CFG_FILE="dnsdist.conf"
+CONFIG_FILE=$DIR$SLASH$CFG_FILE
+echo "current directory: " $DIR
+echo ""
+echo "configuration file: " $CONFIG_FILE
+echo ""
+echo "cd ../pdns/dnsdistdist"
+echo ""
+cd ../pdns/dnsdistdist
+echo ""
+./dnsdist --config=$CONFIG_FILE --check-config
+echo ""
+
--- /dev/null
+-- -----------------------------------------------------------------------------------------------\r
+-- dnsdist2.conf\r
+-- Seth Ornstein - sornstein@globalcyberalliance.org\r
+-- 6/7/2017\r
+-- for use in testing out new Lua commands for dnsdist\r
+-- git clone -b dnsdist-mod2 https://github.com/GlobalCyberAlliance/pdns.git\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+ warnlog(string.format("Script starting ----------------- %s ", "dnsdist2.conf"))\r
+\r
+ warnlog(string.format("Script starting ----------------- %s ", os.date("%X-%x")))\r
+\r
+ warnlog(string.format("Script starting ----------------- Lua Version: %s - (should be 5.1)", _VERSION))\r
+\r
+\r
+\r
+ strTestDns1 = "1jw2mr4fmky.net" -- test #1 dns lookup name - (reject)\r
+\r
+ maintCounter = 0 -- maintainance counter\r
+\r
+ bDebugCheckBL = false -- true if debugging luaCheckBL\r
+ bDebugLogBL = false -- true if debugging luaLogBL\r
+ bDebugLogForward = false -- true if debugging luaLogForward\r
+ bDebugLogCache = false -- true if debugging luaLogCache\r
+ bDebugRetNXDOMAIN = false -- true if debugging luaRetNXDOMAIN\r
+\r
+\r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+-- setup servers to use\r
+ warnlog(string.format("Script starting ----------------- %s ", "*** setup servers to use ***"))\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+--newServer({address="64.6.64.6:53", name="Verisign_1", pool="masterpool"}) -- verisign dns server #1\r
+--newServer({address="64.6.65.6:53", name="Verisign_2", pool="masterpool"}) -- verisign dns server #2\r
+newServer({address="8.8.8.8:53", name="Google_1", pool="masterpool"}) -- google dns server #1\r
+newServer({address="8.8.4.4:53", name="Google_2", pool="masterpool"}) -- google dns server #2\r
+--newServer({address="208.67.222.222:53", name="Opendns_1", pool="masterpool"}) -- opendns dns server #1\r
+--newServer({address="208.67.220.220:53", name="Opendns_2", pool="masterpool"}) -- opendns dns server #2\r
+\r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+-- set up the cache \r
+-- 10000 -> maximum number of entries stored in the cache (required)\r
+-- 86400 -> maximum lifetime of an entry in the cache (seconds)\r
+-- 0 -> minimum TTL an entry should have to be considered for insertion in the cache (seconds)\r
+-- 60 -> TTL used for a Server Failure or a Refused response (seconds)\r
+-- 60 -> TTL that will be used when a stale cache entry is returned (seconds)\r
+ warnlog(string.format("Script starting ----------------- %s ", "*** setup cache *** "))\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+ pc = newPacketCache(10000, 86400, 0, 60, 60) -- new cache\r
+ getPool("masterpool"):setCache(pc) -- masterpool cache\r
+\r
+\r
+ setStaleCacheEntriesTTL(3600) -- If no backends working, use cached data\r
+\r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+-- listen on local port 5200\r
+ warnlog(string.format("Script starting ----------------- %s ", "*** listen on port 0.0.0.0:5200 for DNS requests ***"))\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+ setLocal("0.0.0.0:5200")\r
+\r
+\r
+ rlBlkLst = newRemoteLogger('127.0.0.1:60000') -- rpz hit protobuf handler for local address, port 60,000\r
+ rlCache = newRemoteLogger('127.0.0.1:60000') -- cache hit protobuf handler for local address, port 60,000\r
+ rlFwd = newRemoteLogger('127.0.0.1:60000') -- forward protobuf handler for local address, port 60,000\r
+\r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+-- maintenance() function called every second\r
+\r
+ function maintenance()\r
+\r
+ if ((maintCounter % 60) == 0) then -- do this once a minute\r
+ print(string.format("\n maintenance() - %s", os.date("%X-%x")))\r
+\r
+ local tableStat = getStatisticsCounters() -- display statistics\r
+ for k, v in pairs( tableStat ) do\r
+ print(string.format(" %-23s %d ", k, v))\r
+ end\r
+\r
+\r
+ end\r
+ maintCounter = maintCounter + 1\r
+ end\r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+-- luaCheckBL() - check for rpz hit\r
+-- if in blacklist then spoof response\r
+-- else forward normally to masterpool \r
+ warnlog(string.format("Script starting ----------------- %s ", "*** luaCheckBL() *** "))\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+ function luaCheckBL(dq)\r
+\r
+ if (bDebugCheckBL)\r
+ then\r
+ print(string.format("luaCheckBL -> qname.: %s ", dq.qname:toString()))\r
+\r
+ print(string.format("luaCheckBL -> qtype.: %d ", dq.qtype))\r
+ print(string.format("luaCheckBL -> from..: %s ", dq.remoteaddr:toStringWithPort()))\r
+ print(string.format("luaCheckBL -> opcode: %d ", dq.opcode))\r
+ print(string.format("luaCheckBL -> rcode.: %d ", dq.rcode))\r
+ print(string.format("luaCheckBL -> qclass: %d ", dq.qclass))\r
+ print(string.format("luaCheckBL -> DO....: %s ", tostring(dq:getDO())))\r
+ print(string.format("luaCheckBL -> Len...: %d ", dq.len)) \r
+ print(string.format("luaCheckBL -> Size..: %d ", dq.size)) \r
+ print(string.format("luaCheckBL -> TCP...: %s ", tostring(dq.tcp)))\r
+ end\r
+\r
+\r
+ local tKey = dq.qname:toString() -- get dns name client requested to be looked up\r
+ if(tKey ~= nil)\r
+ then\r
+ local tKey2 = string.sub(tKey, 1, string.len(tKey) - 1) -- get rid of final period at end of dnsname\r
+ if (bDebugCheckBL)\r
+ then\r
+ print(string.format("luaCheckBL -> tKey2.: %s ", tKey2))\r
+ end\r
+ if(tKey2 == strTestDns1)\r
+ then\r
+ dq:setTag("Trans", "RPZ") -- label this transaction as rpz for protobuf - NEW LUA COMMAND - 5/22/2017\r
+ dq:setTag("RPZ-Info", "reject-example") -- store blacklist extra data in dq for protobuf later -- NEW LUA COMMAND - 5/22/2017\r
+ dq:setTag("lua-time", os.date("%X-%x")) -- an example of storing extra data -- NEW LUA COMMAND - 5/22/2017\r
+ dq:setTag("lua-ver", _VERSION) -- another example of storing extra data -- NEW LUA COMMAND - 5/22/2017\r
+ dq:setTag("From", dq.remoteaddr:toStringWithPort()) -- store blacklist extra data in dq for protobuf later -- NEW LUA COMMAND - 5/22/2017\r
+ dq:setTag("TCP", tostring(dq.tcp)) -- store blacklist extra data in dq for protobuf later -- NEW LUA COMMAND - 5/22/2017\r
+\r
+ local tableTags = {} -- create a table as an experiment\r
+ tableTags["TestLabel1"] = "Test Value One" -- add transaction type to table\r
+ tableTags["TestLabel2"] = "Test Value Two" -- add transaction type to table\r
+ dq:setTagArray(tableTags) -- store table in dq for protobuf later -- NEW LUA COMMAND - 6/2/2017\r
+\r
+ if (bDebugCheckBL)\r
+ then\r
+ print(string.format("luaCheckBL -> RpzHit: %s **********", tValue))\r
+ print(string.format("--"))\r
+ end\r
+\r
+ return DNSAction.None, "" -- continue to the next rule\r
+\r
+ end\r
+ end\r
+\r
+ if (bDebugCheckBL)\r
+ then\r
+ print(string.format("luaCheckBL -> return DNSAction.Pool to masterpool "))\r
+ print(string.format("--"))\r
+ end\r
+\r
+ return DNSAction.Pool, "masterpool" -- use the specified pool to forward this query\r
+\r
+ end\r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+-- declare a Lua action functino to alter the protobuf when a BlackList (RPZ) hit occurs\r
+ warnlog(string.format("Script starting ----------------- %s ", "*** luaLogBL() -> 127.0.0.1:60000 ***"))\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+function luaLogBL(dr, pbMsg) -- this is the lua code that executes for a request\r
+\r
+\r
+ if (bDebugLogBL)\r
+ then\r
+ print(string.format("luaLogBL -> qname: %s qtype: %d from: %s TCP: %s ", dr.qname:toString(), dr.qtype, dr.remoteaddr:toStringWithPort(), tostring(dr.tcp)))\r
+ print(string.format("luaLogBL -> pb: %s ", pbMsg:toDebugString())) \r
+ end\r
+\r
+\r
+ if (bDebugLogBL)\r
+ then\r
+ print(string.format("luaLogBL -> dr:getTagArray() ")) \r
+ end\r
+ \r
+ local tableTags = dr:getTagArray() -- get array of tags inserted by setTag() - NEW LUA COMMAND - 5/24/2017\r
+\r
+ if (bDebugLogBL)\r
+ then\r
+ for k, v in pairs( tableTags ) do\r
+ print(string.format("\t Label: %-15s Value: %s ", k, v))\r
+ end\r
+ end\r
+\r
+ if (bDebugLogBL)\r
+ then\r
+ print(string.format("luaLogBL-> Test adding to table tableTags"))\r
+ tableTags["dude1"] = "test1" -- test adding extra entries to table\r
+ tableTags["dude2"] = "test2" -- test adding extra entries to table\r
+ tableTags["dude3"] = "test3" -- test adding extra entries to table\r
+ tableTags["dude4"] = "test4" -- test adding extra entries to table\r
+ end\r
+\r
+ if (bDebugLogBL)\r
+ then\r
+ print(string.format("luaLogBL-> setTagArray(tableTags)"))\r
+ end\r
+\r
+ pbMsg:setTagArray(tableTags) -- store tableTags in the 'tags' field of the protobuf - NEW LUA COMMAND - 5/24/2017\r
+\r
+ if (bDebugLogBL)\r
+ then\r
+ print(string.format("luaLogBL-> setResponseCode(dnsdist.NXDOMAIN)"))\r
+ end\r
+\r
+ \r
+ pbMsg:setResponseCode(dnsdist.NXDOMAIN) -- set protobuf response code to be NXDOMAIN\r
+\r
+\r
+ if (bDebugLogBL)\r
+ then\r
+ print(string.format("luaLogBL-> get dns name"))\r
+ end\r
+\r
+\r
+ local strReqName = dr.qname:toString() -- get request dns name\r
+\r
+\r
+ if (bDebugLogBL)\r
+ then\r
+ print(string.format("luaLogBL-> strReqName = %s", strReqName))\r
+ end\r
+\r
+ pbMsg:setProtobufResponseType(strReqName) -- set protobuf to look like a response and not a query, no query time -- NEW LUA COMMAND\r
+ -- strReqName - The DNS name that was sent by the client to be looked up.\r
+\r
+-- pbMsg:setProtobufResponseTypeQT(strReqName, os.time(), 0) -- set protobuf to look like a response and not a query, insert query time -- NEW LUA COMMAND\r
+ -- strReqName - The DNS name that was sent by the client to be looked up.\r
+ -- timestamp - Timestamp for protobuf field \r
+ -- timestamp - microseconds \r
+\r
+ if (bDebugLogBL)\r
+ then\r
+ print(string.format("--"))\r
+ end\r
+\r
+\r
+end\r
+\r
+\r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+-- declare a Lua action function to alter the protobuf when a normal forwarding happens\r
+ warnlog(string.format("Script starting ----------------- %s ", "*** luaLogForward() ***"))\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+function luaLogForward(dr, pbMsg)\r
+\r
+\r
+ if (bDebugLogForward)\r
+ then\r
+ print(string.format("luaLogForward -> qname: %s qtype: %d from: %s TCP: %s ", dr.qname:toString(), dr.qtype, dr.remoteaddr:toStringWithPort(), tostring(dr.tcp)))\r
+ print(string.format("luaLogForward -> opcode: %d ", dr.opcode))\r
+ print(string.format("luaLogForward -> rcode.: %d ", dr.rcode))\r
+ print(string.format("luaLogForward -> qclass: %d ", dr.qclass))\r
+ print(string.format("luaLogForward -> len...: %d ", dr.len))\r
+ print(string.format("luaLogForward -> pb: %s ", pbMsg:toDebugString())) \r
+ end\r
+\r
+\r
+ if (bDebugLogForward)\r
+ then\r
+ print(string.format("luaLogForward -> Creating a table with transaction type. ")) \r
+ end\r
+\r
+ local tableTags = {} -- create a table\r
+ tableTags["Trans"] = "FWD" -- add transaction type to table\r
+\r
+ if (bDebugLogForward)\r
+ then\r
+ print(string.format("luaLogBL-> setTagArray(tableTags)"))\r
+ end\r
+\r
+ pbMsg:setTagArray(tableTags) -- store tableTags in the 'tags' field of the protobuf - NEW LUA COMMAND - 5/24/2017\r
+\r
+\r
+\r
+ if (bDebugLogForward)\r
+ then\r
+ print(string.format("--"))\r
+ end\r
+\r
+end\r
+\r
+\r
+\r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+-- declare a Lua action function to alter the protobuf when a Cache hit occurs\r
+ warnlog(string.format("Script starting ----------------- %s ", "*** luaLogCache() ***"))\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+function luaLogCache(dr, pbMsg) -- this is the lua code that executes after a cache hit\r
+\r
+\r
+ if (bDebugLogCache)\r
+ then\r
+ print(string.format("luaLogCache -> qname: %s qtype: %d from: %s TCP: %s ", dr.qname:toString(), dr.qtype, dr.remoteaddr:toStringWithPort(), tostring(dr.tcp)))\r
+ end\r
+\r
+ if (bDebugLogCache)\r
+ then\r
+ print(string.format("luaLogForward -> Creating a table with transaction type. ")) \r
+ end\r
+\r
+ local tableTags = {} -- create a table\r
+ tableTags["Trans"] = "CACHE" -- add transaction type to table\r
+\r
+ if (bDebugLogCache)\r
+ then\r
+ print(string.format("luaLogBL-> setTagArray(tableTags)"))\r
+ end\r
+\r
+ pbMsg:setTagArray(tableTags) -- store tableTags in the 'tags' field of the protobuf - NEW LUA COMMAND - 5/24/2017\r
+\r
+\r
+\r
+ if (bDebugLogForward)\r
+ then\r
+ print(string.format("--"))\r
+ end\r
+\r
+\r
+ if (bDebugLogCache)\r
+ then\r
+ print(string.format("--"))\r
+ end\r
+\r
+end\r
+\r
+\r
+\r
+\r
+-- ----------------------------------------------------------------------------------------------\r
+ -- put this here so blacklist sends out protobuf......\r
+function luaRetNXDOMAIN(dq)\r
+\r
+ if (bDebugRetNXDOMAIN)\r
+ then\r
+ print(string.format("luaRetNXDOMAIN() - return NXDOMAIN to client"))\r
+ print(string.format("--"))\r
+ end\r
+ return DNSAction.Nxdomain, "" -- return NXDOMAIN response to client\r
+end\r
+\r
+\r
+\r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+-- Rules\r
+ warnlog(string.format("Script starting ----------------- %s ", "*** setting rules *** "))\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+\r
+ addLuaAction(AllRule(), luaCheckBL) -- first, check blacklist, if match process next rule below, else send to "masterpool"\r
+\r
+ addAction(AllRule(), RemoteLogAction(rlBlkLst, luaLogBL)) -- then send out protobuf for rpz hit \r
+\r
+ addLuaAction(AllRule(), luaRetNXDOMAIN) -- then send nxdomain response back to the client.\r
+\r
+ addAction(AllRule(), PoolAction("masterpool")) -- direct requests that are not RPZ to pool "masterpool" \r
+\r
+\r
+ addCacheHitResponseAction(AllRule(), RemoteLogResponseAction(rlCache, luaLogCache)) -- used to send out protobuf on cache hit \r
+\r
+ \r
+ addResponseAction(AllRule(), RemoteLogResponseAction(rlFwd, luaLogForward)) -- used to send out protobuf on forward (normal) out \r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+-- finished setting up script\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+ warnlog(string.format("Script finished ----------------- %s ", os.date("%X-%x")))\r
+\r
--- /dev/null
+-- -----------------------------------------------------------------------------------------------\r
+-- dnsdist2.conf - with NO text debugging comments.......\r
+-- see dnsdist2-debug.conf for a copy with text debugging.\r
+-- Seth Ornstein - sornstein@globalcyberalliance.org\r
+-- 6/7/2017\r
+-- for use in testing out new Lua commands for dnsdist\r
+-- git clone -b dnsdist-mod2 https://github.com/GlobalCyberAlliance/pdns.git\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+ warnlog(string.format("Script starting ----------------- %s ", "dnsdist2.conf"))\r
+\r
+ warnlog(string.format("Script starting ----------------- %s ", os.date("%X-%x")))\r
+\r
+ warnlog(string.format("Script starting ----------------- Lua Version: %s - (should be 5.1)", _VERSION))\r
+\r
+\r
+\r
+ strTestDns1 = "1jw2mr4fmky.net" -- test #1 dns lookup name - (reject)\r
+\r
+ maintCounter = 0 -- maintainance counter\r
+\r
+ bDebugCheckBL = false -- true if debugging luaCheckBL\r
+ bDebugLogBL = false -- true if debugging luaLogBL\r
+ bDebugLogForward = false -- true if debugging luaLogForward\r
+ bDebugLogCache = false -- true if debugging luaLogCache\r
+ bDebugRetNXDOMAIN = false -- true if debugging luaRetNXDOMAIN\r
+\r
+\r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+-- setup servers to use\r
+ warnlog(string.format("Script starting ----------------- %s ", "*** setup servers to use ***"))\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+--newServer({address="64.6.64.6:53", name="Verisign_1", pool="masterpool"}) -- verisign dns server #1\r
+--newServer({address="64.6.65.6:53", name="Verisign_2", pool="masterpool"}) -- verisign dns server #2\r
+newServer({address="8.8.8.8:53", name="Google_1", pool="masterpool"}) -- google dns server #1\r
+newServer({address="8.8.4.4:53", name="Google_2", pool="masterpool"}) -- google dns server #2\r
+--newServer({address="208.67.222.222:53", name="Opendns_1", pool="masterpool"}) -- opendns dns server #1\r
+--newServer({address="208.67.220.220:53", name="Opendns_2", pool="masterpool"}) -- opendns dns server #2\r
+\r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+-- set up the cache \r
+-- 10000 -> maximum number of entries stored in the cache (required)\r
+-- 86400 -> maximum lifetime of an entry in the cache (seconds)\r
+-- 0 -> minimum TTL an entry should have to be considered for insertion in the cache (seconds)\r
+-- 60 -> TTL used for a Server Failure or a Refused response (seconds)\r
+-- 60 -> TTL that will be used when a stale cache entry is returned (seconds)\r
+ warnlog(string.format("Script starting ----------------- %s ", "*** setup cache *** "))\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+ pc = newPacketCache(10000, 86400, 0, 60, 60) -- new cache\r
+ getPool("masterpool"):setCache(pc) -- masterpool cache\r
+\r
+\r
+ setStaleCacheEntriesTTL(3600) -- If no backends working, use cached data\r
+\r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+-- listen on local port 5200\r
+ warnlog(string.format("Script starting ----------------- %s ", "*** listen on port 0.0.0.0:5200 for DNS requests ***"))\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+ setLocal("0.0.0.0:5200")\r
+\r
+\r
+ rlBlkLst = newRemoteLogger('127.0.0.1:60000') -- rpz hit protobuf handler for local address, port 60,000\r
+ rlCache = newRemoteLogger('127.0.0.1:60000') -- cache hit protobuf handler for local address, port 60,000\r
+ rlFwd = newRemoteLogger('127.0.0.1:60000') -- forward protobuf handler for local address, port 60,000\r
+\r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+-- maintenance() function called every second\r
+\r
+ function maintenance()\r
+\r
+ if ((maintCounter % 60) == 0) then -- do this once a minute\r
+ print(string.format("\n maintenance() - %s", os.date("%X-%x")))\r
+\r
+ local tableStat = getStatisticsCounters() -- display statistics\r
+ for k, v in pairs( tableStat ) do\r
+ print(string.format(" %-23s %d ", k, v))\r
+ end\r
+\r
+\r
+ end\r
+ maintCounter = maintCounter + 1\r
+ end\r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+-- luaCheckBL() - check for rpz hit\r
+-- if in blacklist then spoof response\r
+-- else forward normally to masterpool \r
+ warnlog(string.format("Script starting ----------------- %s ", "*** luaCheckBL() *** "))\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+ function luaCheckBL(dq)\r
+\r
+\r
+\r
+ local tKey = dq.qname:toString() -- get dns name client requested to be looked up\r
+ if(tKey ~= nil)\r
+ then\r
+ local tKey2 = string.sub(tKey, 1, string.len(tKey) - 1) -- get rid of final period at end of dnsname\r
+ if(tKey2 == strTestDns1)\r
+ then\r
+ dq:setTag("Trans", "RPZ") -- label this transaction as rpz for protobuf - NEW LUA COMMAND - 5/22/2017\r
+ dq:setTag("RPZ-Info", "reject-example") -- store blacklist extra data in dq for protobuf later -- NEW LUA COMMAND - 5/22/2017\r
+\r
+ local tableTags = {} -- create a table as an experiment\r
+ tableTags["TestLabel1"] = "Test Value One" -- add transaction type to table\r
+ tableTags["TestLabel2"] = "Test Value Two" -- add transaction type to table\r
+ dq:setTagArray(tableTags) -- store table in dq for protobuf later -- NEW LUA COMMAND - 6/2/2017\r
+\r
+\r
+ return DNSAction.None, "" -- continue to the next rule\r
+\r
+ end\r
+ end\r
+\r
+\r
+ return DNSAction.Pool, "masterpool" -- use the specified pool to forward this query\r
+\r
+ end\r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+-- declare a Lua action functino to alter the protobuf when a BlackList (RPZ) hit occurs\r
+ warnlog(string.format("Script starting ----------------- %s ", "*** luaLogBL() -> 127.0.0.1:60000 ***"))\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+function luaLogBL(dr, pbMsg) -- this is the lua code that executes for a request\r
+\r
+\r
+\r
+\r
+ \r
+ local tableTags = dr:getTagArray() -- get array of tags inserted by setTag() - NEW LUA COMMAND - 5/24/2017\r
+\r
+\r
+\r
+\r
+ pbMsg:setTagArray(tableTags) -- store tableTags in the 'tags' field of the protobuf - NEW LUA COMMAND - 5/24/2017\r
+\r
+\r
+ \r
+ pbMsg:setResponseCode(dnsdist.NXDOMAIN) -- set protobuf response code to be NXDOMAIN\r
+\r
+\r
+\r
+\r
+ local strReqName = dr.qname:toString() -- get request dns name\r
+\r
+\r
+\r
+ pbMsg:setProtobufResponseType(strReqName) -- set protobuf to look like a response and not a query, no query time -- NEW LUA COMMAND\r
+ -- strReqName - The DNS name that was sent by the client to be looked up.\r
+\r
+-- pbMsg:setProtobufResponseTypeQT(strReqName, os.time(), 0) -- set protobuf to look like a response and not a query, insert query time -- NEW LUA COMMAND\r
+ -- strReqName - The DNS name that was sent by the client to be looked up.\r
+ -- timestamp - Timestamp for protobuf field \r
+ -- timestamp - microseconds \r
+\r
+\r
+\r
+end\r
+\r
+\r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+-- declare a Lua action function to alter the protobuf when a normal forwarding happens\r
+ warnlog(string.format("Script starting ----------------- %s ", "*** luaLogForward() ***"))\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+function luaLogForward(dr, pbMsg)\r
+\r
+\r
+\r
+\r
+ local tableTags = {} -- create a table\r
+ tableTags["Trans"] = "FWD" -- add transaction type to table\r
+\r
+\r
+ pbMsg:setTagArray(tableTags) -- store tableTags in the 'tags' field of the protobuf - NEW LUA COMMAND - 5/24/2017\r
+\r
+\r
+\r
+\r
+end\r
+\r
+\r
+\r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+-- declare a Lua action function to alter the protobuf when a Cache hit occurs\r
+ warnlog(string.format("Script starting ----------------- %s ", "*** luaLogCache() ***"))\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+function luaLogCache(dr, pbMsg) -- this is the lua code that executes after a cache hit\r
+\r
+\r
+\r
+ local tableTags = {} -- create a table\r
+ tableTags["Trans"] = "CACHE" -- add transaction type to table\r
+\r
+\r
+ pbMsg:setTagArray(tableTags) -- store tableTags in the 'tags' field of the protobuf - NEW LUA COMMAND - 5/24/2017\r
+\r
+\r
+end\r
+\r
+\r
+\r
+\r
+-- ----------------------------------------------------------------------------------------------\r
+ -- put this here so blacklist sends out protobuf......\r
+function luaRetNXDOMAIN(dq)\r
+\r
+ return DNSAction.Nxdomain, "" -- return NXDOMAIN response to client\r
+end\r
+\r
+\r
+\r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+-- Rules\r
+ warnlog(string.format("Script starting ----------------- %s ", "*** setting rules *** "))\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+\r
+ addLuaAction(AllRule(), luaCheckBL) -- first, check blacklist, if match process next rule below, else send to "masterpool"\r
+\r
+ addAction(AllRule(), RemoteLogAction(rlBlkLst, luaLogBL)) -- then send out protobuf for rpz hit \r
+\r
+ addLuaAction(AllRule(), luaRetNXDOMAIN) -- then send nxdomain response back to the client.\r
+\r
+ addAction(AllRule(), PoolAction("masterpool")) -- direct requests that are not RPZ to pool "masterpool" \r
+\r
+\r
+ addCacheHitResponseAction(AllRule(), RemoteLogResponseAction(rlCache, luaLogCache)) -- used to send out protobuf on cache hit \r
+\r
+ \r
+ addResponseAction(AllRule(), RemoteLogResponseAction(rlFwd, luaLogForward)) -- used to send out protobuf on forward (normal) out \r
+\r
+-- -----------------------------------------------------------------------------------------------\r
+-- finished setting up script\r
+-- -----------------------------------------------------------------------------------------------\r
+\r
+ warnlog(string.format("Script finished ----------------- %s ", os.date("%X-%x")))\r
+\r
--- /dev/null
+echo "test-dnsdist2.sh - test dnsdist - debugging configuration"
+echo ""
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+SLASH="/"
+CFG_FILE="dnsdist-debug.conf"
+CONFIG_FILE=$DIR$SLASH$CFG_FILE
+echo "current directory: " $DIR
+echo ""
+echo "configuration file: " $CONFIG_FILE
+echo ""
+echo "cd ../pdns/dnsdistdist"
+echo ""
+cd ../pdns/dnsdistdist
+echo ""
+###echo "listen on port 5200 for requests"
+###echo ""
+###./dnsdist --config=$CONFIG_FILE --local=0.0.0.0:5200
+
+./dnsdist --config=$CONFIG_FILE
--- /dev/null
+echo "test-dnsdist2.sh - test dnsdist"
+echo ""
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+SLASH="/"
+CFG_FILE="dnsdist.conf"
+CONFIG_FILE=$DIR$SLASH$CFG_FILE
+echo "current directory: " $DIR
+echo ""
+echo "configuration file: " $CONFIG_FILE
+echo ""
+echo "cd ../pdns/dnsdistdist"
+echo ""
+cd ../pdns/dnsdistdist
+echo ""
+###echo "listen on port 5200 for requests"
+###echo ""
+###./dnsdist --config=$CONFIG_FILE --local=0.0.0.0:5200
+
+./dnsdist --config=$CONFIG_FILE
--- /dev/null
+echo "-------------- cd ../pdns/dnsdistdist -----------"
+cd ../pdns/dnsdistdist
+echo "-------------- make--------------------------------"
+make
+
--- /dev/null
+echo "protobuf-server2 for testing dnsdist Seth Global Cyber Alliance 6/7/2017"
+
+cd ../contrib/
+
+echo ""
+echo "----------------------------"
+echo "listening on 127.0.0.1:60000"
+echo "----------------------------"
+echo ""
+
+./ProtobufLogger.py 127.0.0.1 60000
+
+
+
projects / pdns / commitdiff