module_view_tsig.rpl 1.29 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43
; config options
	stub-addr: 1.2.3.4
        feature-list: view=view:tsig('\8testkey1\0', policy.suffix(policy.DENY,{"\3com\0"}))
        feature-list: view=view:tsig('\7testkey\0', policy.suffix(policy.FORWARD('1.2.3.4'),{"\2cz\0"}))
	val-override-date: "20120420235959"
CONFIG_END

SCENARIO_BEGIN view:addr test

RANGE_BEGIN 0 110
	ADDRESS 1.2.3.4
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR RD RA NOERROR
SECTION QUESTION
example.cz. IN A
SECTION ANSWER
example.cz. IN A 5.6.7.8
ENTRY_END

ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR RD RA NOERROR
SECTION QUESTION
example.com. IN A
SECTION ANSWER
example.com. IN A 21.22.23.24
ENTRY_END
RANGE_END

; allowed by view 
STEP 10 QUERY
ENTRY_BEGIN
REPLY RD
TSIG testkey +Cdjlkef9ZTSeixERZ433Q==
SECTION QUESTION
example.cz. IN A
ENTRY_END

STEP 20 CHECK_ANSWER
ENTRY_BEGIN
44
MATCH flags rcode question answer
45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63
REPLY QR RD RA NOERROR
SECTION QUESTION
example.cz. IN A
SECTION ANSWER
example.cz. IN A 5.6.7.8
ENTRY_END

; blocked by view
; NXDOMAIN expected
STEP 30 QUERY
ENTRY_BEGIN
REPLY RD
TSIG testkey1 +Cdjlkef9ZTSeixERZ433Q==
SECTION QUESTION
example.com. IN A
ENTRY_END

STEP 40 CHECK_ANSWER
ENTRY_BEGIN
64
MATCH flags rcode question answer
65
REPLY QR RD RA AA NXDOMAIN
66 67 68 69 70 71
SECTION QUESTION
example.com. IN A
SECTION ANSWER
ENTRY_END

SCENARIO_END