From 7211d47b451bd3f6b984a9d75051b4275836a5af Mon Sep 17 00:00:00 2001
From: bert hubert <bert.hubert@netherlabs.nl>
Date: Thu, 10 Jan 2019 22:41:47 +0100
Subject: [PATCH] add -f,--filter-name option to dnsscope to limit processing
 to queries within a certain domain

---
 docs/manpages/dnsscope.1.rst |  1 +
 pdns/dnsscope.cc             | 15 ++++++++++++++-
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/docs/manpages/dnsscope.1.rst b/docs/manpages/dnsscope.1.rst
index 921d8585f..3945d9ebb 100644
--- a/docs/manpages/dnsscope.1.rst
+++ b/docs/manpages/dnsscope.1.rst
@@ -23,6 +23,7 @@ INFILE
                                        flag set. By default, we process all DNS packets in *INFILE*.
 --ipv4=<state>                         Process IPv4 packets. On by default, disable with **--ipv4 false**.
 --ipv6=<state>                         Process IPv6 packets. On by default, disable with **--ipv6 false**.
+-f, --filter-name=<domain>             Only process packets within this domain 
 --full-histogram <msec>                Write out histogram with specified bin-size to 'full-histogram'
 --log-histogram                        Write out a log-histogram of response times to 'log-histogram'
 --no-servfail-stats                    Remove servfail responses from latency statistics
diff --git a/pdns/dnsscope.cc b/pdns/dnsscope.cc
index 82a36acad..841a0bf45 100644
--- a/pdns/dnsscope.cc
+++ b/pdns/dnsscope.cc
@@ -144,6 +144,7 @@ try
     ("log-histogram", "Write a log-histogram to file 'log-histogram'")
     ("full-histogram", po::value<double>(), "Write a log-histogram to file 'full-histogram' with this millisecond bin size")
 #endif
+    ("filter-name,f", po::value<string>(), "Do statistics only for queries within this domain")
     ("load-stats,l", po::value<string>()->default_value(""), "if set, emit per-second load statistics (questions, answers, outstanding)")
     ("no-servfail-stats", "Don't include servfails in response time stats")
     ("servfail-tree", "Figure out subtrees that generate servfails")
@@ -177,6 +178,11 @@ try
     exit(0);
   }
 
+  DNSName filtername;
+  if(g_vm.count("filter-name"))
+    filtername = DNSName(g_vm["filter-name"].as<string>());
+  uint32_t nameMismatch = 0;
+
   StatNode root;
 
   bool verbose = g_vm.count("verbose");
@@ -245,7 +251,12 @@ try
 	    rdFilterMismatch++;
 	    continue;
 	  }
-
+          
+          if(!filtername.empty() && !qname.isPartOf(filtername)) {
+            nameMismatch++;
+            continue;
+          }
+          
 	  if(!header.qr) {
             uint16_t udpsize, z;
             if(getEDNSUDPPayloadSizeAndZ((const char*)pr.d_payload, pr.d_len, &udpsize, &z)) {
@@ -390,6 +401,8 @@ try
   cout<<nonDNSIP<<" non-DNS UDP, "<<dnserrors<<" dns decoding errors, "<<parsefail<<" packets failed to parse"<<endl;
   cout<<"Ignored fragment packets: "<<fragmented<<endl;
   cout<<"Dropped DNS packets based on recursion-desired filter: "<<rdFilterMismatch<<endl;
+  if(!filtername.empty())
+    cout <<"Dropped DNS packets because not part of '"<<filtername<<"': "<<nameMismatch << endl;
   cout<<"DNS IPv4: "<<ipv4DNSPackets<<" packets, IPv6: "<<ipv6DNSPackets<<" packets"<<endl;
   cout<<"Questions: "<<queries<<", answers: "<<answers<<endl;
   cout<<"Reuses of same state entry: "<<reuses<<endl;
-- 
2.40.0