Commit Diff
Diff:
80f566b3012568eeb4ce5a798e1f69e5e108b9eb
b996898f8767d6251f15f76926adbb85d01e1f80
Commit:
b996898f8767d6251f15f76926adbb85d01e1f80
Tree:
7cea919a295b3dc827397a6938900b302cfc730e
Author:
pjp <pjp@delphinusdns.org>
Committer:
pjp <pjp@delphinusdns.org>
Date:
Tue Jul 9 12:24:09 2019 UTC
Message:
Allow setting a port when notifying a remote server; this is useful for DNS servers that listen on a nonstandard port. Update the delphinusdns.conf.5 manpage.
blob - 1c80cb63b4852c6b9ad2fe0217a29185455cfba1
blob + 9fe989b2398d6ccc10a437560d0b2c2cfb7b1c55
--- axfr.c
+++ axfr.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: axfr.c,v 1.32 2019/06/27 04:20:26 pjp Exp $
+ * $Id: axfr.c,v 1.33 2019/07/09 12:24:09 pjp Exp $
*/
#include <sys/types.h>
@@ -1672,7 +1672,7 @@ notifypacket(int so, void *vnotnp, void *vmd, int pack
sin = (struct sockaddr_in *)&md->notifydest;
memset(&bsin, 0, sizeof(bsin));
bsin.sin_family = AF_INET;
- bsin.sin_port = htons(53);
+ bsin.sin_port = htons(md->port);
bsin.sin_addr.s_addr = tmpsin->sin_addr.s_addr;
ret = sendto(so, packet, outlen, 0, (struct sockaddr *)&bsin, slen);
@@ -1683,7 +1683,7 @@ notifypacket(int so, void *vnotnp, void *vmd, int pack
sin6 = (struct sockaddr_in6 *)&md->notifydest;
memset(&bsin6, 0, sizeof(bsin6));
bsin6.sin6_family = AF_INET6;
- bsin6.sin6_port = htons(53);
+ bsin6.sin6_port = htons(md->port);
memcpy(&bsin6.sin6_addr, &tmpsin->sin6_addr, 16);
ret = sendto(so, packet, outlen, 0, (struct sockaddr *)sin6, slen);
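Review bot: The IPv6 branch still passes `sin6`, which points at `md->notifydest`, to `sendto()`, so the port stored in `bsin6.sin6_port` is never used on this path; the IPv4 branch above sends to its local `bsin`. The parse.y hunks in this commit fill in only the address and family of `md->notifydest`, so the NOTIFY would presumably leave with whatever port that structure holds rather than `md->port`. The call should read `ret = sendto(so, packet, outlen, 0, (struct sockaddr *)&bsin6, slen);`. notifypacket's body starts and ends outside this hunk, so how `slen` and `tmpsin` are set could not be checked here.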
blob - 748cf0755a74db7a3cbb22afe5587a659ee4dae4
blob + 5dcbb7d2b0e8751fc2309f05f8e1dfa7c6970746
--- ddd-db.h
+++ ddd-db.h
@@ -27,7 +27,7 @@
*/
/*
- * $Id: ddd-db.h,v 1.19 2019/06/26 12:38:35 pjp Exp $
+ * $Id: ddd-db.h,v 1.20 2019/07/09 12:24:09 pjp Exp $
*/
#ifndef _DB_H
@@ -383,6 +383,7 @@ struct mzone_dest {
int notified;
char requestmac[32];
char *tsigkey;
+ u_int16_t port;
};
struct mzone {
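Review bot: The new `port` member carries no comment on its byte order. axfr.c applies `htons(md->port)` at send time and parse.y stores plain numbers, so it is host order, and the field should say so: `u_int16_t port;	/* NOTIFY destination port, host byte order */`. Any code outside this diff that allocates a `struct mzone_dest` without assigning the field would leave it at 0 after `calloc`, which is worth confirming. The struct begins before this hunk.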
blob - ee3e0d651e8e35baa3974cd8a6062ecf5c41731c
blob + 00785f4385421ef4e57ae078ad808387dc8fc041
--- delphinusdns.conf.5
+++ delphinusdns.conf.5
@@ -45,7 +45,7 @@ Here is a sample
.Nm
file:
.Bd -literal
-version "8";
+version "9";
options "cool stuff" {
interface "lo0";
interface "em0";
@@ -70,13 +70,12 @@ axfr-for "these hosts" {
192.168.0.0/16;
}
-notify "these hosts" {
- 192.168.34.1;
- 192.168.35.1 DNSKEY;
- ::1;
+mzone "centroid.eu" {
+ zonename "centroid.eu";
+ notifydest 192.168.34.1 NOKEY;
+ notifydest ::1 port 8053 NOKEY;
}
-
zone "centroid.eu" {
centroid.eu,soa,3600,uranus.centroid.eu.,pjp.solarscale.de.,2014051701,3600,1800,7200,3600
centroid.eu,ns,3600,proteus.solarscale.de.
@@ -124,66 +123,12 @@ zone "centroid.eu" {
; glue record
;ns2.server.com.,a,3600,10.0.0.2
}
-zone "ipv6.centroid.eu" {
- ipv6.centroid.eu,soa,3600,uranus.centroid.eu.,pjp.solarscale.de.,1244725285,3600,1800,7200,3600
- ipv6.centroid.eu,aaaa,3600,2001:a60:f074::8
- www.ipv6.centroid.eu,aaaa,3600,2001:a60:f074::8
-}
-zone "ipv6.solarscale.de" {
- ipv6.solarscale.de,soa,3600,proteus.solarscale.de.,pjp.solarscale.de.,1234896563,3600,1800,7200,3600
- ipv6.solarscale.de,ns,3600,proteus.solarscale.de.
- ipv6.solarscale.de,ns,3600,uranus.centroid.eu.
- ipv6.solarscale.de,aaaa,3600,2001:a60:f074::8
- www.ipv6.solarscale.de,aaaa,3600,2001:a60:f074::8
-}
-zone "reverse dns" {
- 0.4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa.,soa,3600,proteus.solarscale.de.,pjp.solarscale.de.,1234896562,3600,1800,7200,3600
- 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa.,ptr,3600,uranus.centroid.eu.
- 2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.7.0.f.0.6.a.0.1.0.0.2.ip6.arpa.,ptr,3600,setebos.centroid.eu.
-}
-
-zone "root hints" {
- .,hint,3600000,A.ROOT-SERVERS.NET.
- A.ROOT-SERVERS.NET.,a,3600000,198.41.0.4
- A.ROOT-SERVERS.NET.,aaaa,3600000,2001:503:BA3E::2:30
- .,hint,3600000,B.ROOT-SERVERS.NET.
- B.ROOT-SERVERS.NET.,a,3600000,192.228.79.201
- .,hint,3600000,C.ROOT-SERVERS.NET.
- C.ROOT-SERVERS.NET.,a,3600000,192.33.4.12
- .,hint,3600000,D.ROOT-SERVERS.NET.
- D.ROOT-SERVERS.NET.,a,3600000,199.7.91.13
- D.ROOT-SERVERS.NET.,aaaa,3600000,2001:500:2D::D
- .,hint,3600000,E.ROOT-SERVERS.NET.
- E.ROOT-SERVERS.NET.,a,3600000,192.203.230.10
- .,hint,3600000,F.ROOT-SERVERS.NET.
- F.ROOT-SERVERS.NET.,a,3600000,192.5.5.241
- F.ROOT-SERVERS.NET.,aaaa,3600000,2001:500:2f::f
- .,hint,3600000,G.ROOT-SERVERS.NET.
- G.ROOT-SERVERS.NET.,a,3600000,192.112.36.4
- .,hint,3600000,H.ROOT-SERVERS.NET.
- H.ROOT-SERVERS.NET.,a,3600000,128.63.2.53
- H.ROOT-SERVERS.NET.,aaaa,3600000,2001:500:1::803f:235
- .,hint,3600000,I.ROOT-SERVERS.NET.
- I.ROOT-SERVERS.NET.,a,3600000,192.36.148.17
- .,hint,3600000,J.ROOT-SERVERS.NET.
- J.ROOT-SERVERS.NET.,a,3600000,192.58.128.30
- J.ROOT-SERVERS.NET.,aaaa,3600000,2001:503:C27::2:30
- .,hint,3600000,K.ROOT-SERVERS.NET.
- K.ROOT-SERVERS.NET.,a,3600000,193.0.14.129
- K.ROOT-SERVERS.NET.,aaaa,3600000,2001:7fd::1
- .,hint,3600000,L.ROOT-SERVERS.NET.
- L.ROOT-SERVERS.NET.,a,3600000,199.7.83.42
- L.ROOT-SERVERS.NET.,aaaa,3600000,2001:500:3::42
- .,hint,3600000,M.ROOT-SERVERS.NET.
- M.ROOT-SERVERS.NET.,a,3600000,202.12.27.33
- M.ROOT-SERVERS.NET.,aaaa,3600000,2001:dc3::35
-}
.Ed
Here is a sample
.Nm
file suited for DNSSEC:
.Bd -literal
-version "7";
+version "9";
options "some options" {
ratelimit-pps 12;
bind 127.0.0.1;
@@ -192,7 +137,7 @@ options "some options" {
port 32253;
log;
dnssec;
- versionstring "delphinusdnsd 1.1.0";
+ versionstring "delphinusdnsd 1.4.0";
}
axfr-for "these hosts" {
::1/128;
@@ -202,14 +147,15 @@ axfr-for "these hosts" {
axfrport "10053";
-notify "these hosts" {
- 10.110.99.88 DNSKEY;
- ::1;
+mzone "centroid.eu" {
+ zonename "centroid.eu";
+ notifydest 10.1110.99.88 NOKEY;
+ notifydest ::1 port 8053 NOKEY;
}
+
zinclude "/etc/delphinusdns/centroid.eu.signed";
zinclude "/etc/delphinusdns/virgostar.net.signed";
-zinclude "/etc/delphinusdns/solarscale.de.signed";
.Ed
Then the included files are output of
@@ -220,7 +166,7 @@ Syntax for
in BNF:
.Bd -literal
line = ( version | axfrport | include | zinclude | zone | region |
- axfr | notify | whitelist | filter | recurse | logging
+ axfr | mzone | whitelist | filter | recurse | logging
| comment | options )
version = "version" ("number") ;
@@ -248,9 +194,12 @@ cidrlist = { [ cidr-address ] ; ... }
axfr = "axfr-for" ("string") [ "{" cidrlist "}" ]
-notifylist = { [ cidr-address ] [ tsig-keyname ] ; ... }
+mzonelist = ( optzonename | optnotifydest | optnotifybind )
+optzonename = "zonename" ("string") ;
+optnotifydest = "notifydest" cidr-address ["port number"] "tsigkey" ;
+optnotifybind = "notifybind" cidr-address ;
-notify = "notify" ("string") [ "{" notifylist "}" ]
+mzone = "mzone" ("string") [ "{" mzonelist "}" ]
whitelist = "whitelist" ("string") [ "{" cidrlist "}" ]
blob - 4d016193be08fc44f3bbca3b10b4885d211572ea
blob + 4b0f0477be8c6d86c4ad32d6bd79d1e38df1262c
--- parse.y
+++ parse.y
@@ -21,7 +21,7 @@
*/
/*
- * $Id: parse.y,v 1.73 2019/07/05 08:14:50 pjp Exp $
+ * $Id: parse.y,v 1.74 2019/07/09 12:24:09 pjp Exp $
*/
%{
@@ -242,7 +242,7 @@ static int pull_remote_zone(struct rzone *);
%token DOT COLON TEXT WOF INCLUDE ZONE COMMA CRLF
%token ERROR AXFRPORT LOGGING OPTIONS FILTER MZONE
%token WHITELIST ZINCLUDE MASTER MASTERPORT TSIGAUTH
-%token TSIG NOTIFYDEST NOTIFYBIND
+%token TSIG NOTIFYDEST NOTIFYBIND PORT
%token <v.string> POUND
%token <v.string> SEMICOLON
@@ -468,6 +468,69 @@ mzonestatement:
free($2);
}
|
+ NOTIFYDEST ipcidr PORT NUMBER STRING SEMICOLON CRLF
+ {
+ struct sockaddr_in *sin;
+ struct sockaddr_in6 *sin6;
+ struct mzone_dest *md;
+
+ mz = SLIST_FIRST(&mzones);
+ if (mz == NULL) {
+ mz = add_mzone();
+ SLIST_INIT(&mz->dest);
+ }
+
+ md = calloc(sizeof(struct mzone_dest), 1);
+ if (md == NULL) {
+ dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
+ return (-1);
+ }
+
+ sin = (struct sockaddr_in *)&md->notifydest;
+ sin6 = (struct sockaddr_in6 *)&md->notifydest;
+
+ if (strchr($2, ':')) {
+ inet_pton(AF_INET6, $2, &sin6->sin6_addr);
+ md->port = $4 & 0xffff;
+ md->notifydest.ss_family = AF_INET6;
+ if (strcmp($5, "NOKEY") == 0) {
+ md->tsigkey = NULL;
+ } else {
+ md->tsigkey = strdup($5);
+ if (md->tsigkey == NULL) {
+ perror("stdup");
+ return -1;
+ }
+ }
+
+
+ SLIST_INSERT_HEAD(&mz->dest, md, entries);
+
+ notify++;
+ } else {
+ inet_pton(AF_INET, $2, &sin->sin_addr.s_addr);
+ md->notifydest.ss_family = AF_INET;
+ md->port = $4 & 0xffff;
+
+ if (strcmp($5, "NOKEY") == 0) {
+ md->tsigkey = NULL;
+ } else {
+ md->tsigkey = strdup($5);
+ if (md->tsigkey == NULL) {
+ perror("stdup");
+ return -1;
+ }
+ }
+
+ SLIST_INSERT_HEAD(&mz->dest, md, entries);
+ notify++;
+ }
+
+
+ free($2);
+ free($5);
+ }
+ |
NOTIFYDEST ipcidr STRING SEMICOLON CRLF
{
struct sockaddr_in *sin;
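Review bot: In the new `NOTIFYDEST ipcidr PORT NUMBER STRING` rule, `md->port = $4 & 0xffff;` silently wraps an out-of-range value instead of rejecting it, so a typo such as 65589 becomes port 53 and 65536 becomes port 0. Both `inet_pton()` calls are also unchecked, so an unparsable address leaves the zeroed `calloc` address as the notify destination. The port should be range-checked before allocating and the configuration rejected when `inet_pton()` does not return 1, as sketched below. The `strdup` failure paths also return without freeing `md`, `$2` and `$5`, and their message reads `"stdup"`. The same unchecked `inet_pton()` calls appear in the existing rule touched by the next two hunks, which begins on the last lines of this hunk and continues outside it.

```yacc
	NOTIFYDEST ipcidr PORT NUMBER STRING SEMICOLON CRLF
	{
		/* … unchanged: declarations, mzone lookup … */

		if ($4 < 1 || $4 > 65535) {
			dolog(LOG_ERR, "notifydest port must be between 1 and 65535\n");
			return (-1);
		}

		/* … unchanged: calloc of md, sin/sin6 setup … */

		if (strchr($2, ':')) {
			if (inet_pton(AF_INET6, $2, &sin6->sin6_addr) != 1) {
				dolog(LOG_ERR, "notifydest: invalid IPv6 address\n");
				free(md);
				return (-1);
			}
			md->port = $4;
			/* … unchanged: family, tsigkey, list insert … */
		} else {
			if (inet_pton(AF_INET, $2, &sin->sin_addr.s_addr) != 1) {
				dolog(LOG_ERR, "notifydest: invalid IPv4 address\n");
				free(md);
				return (-1);
			}
			md->port = $4;
			/* … unchanged: family, tsigkey, list insert … */
```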
@@ -492,6 +555,7 @@ mzonestatement:
if (strchr($2, ':')) {
inet_pton(AF_INET6, $2, &sin6->sin6_addr);
md->notifydest.ss_family = AF_INET6;
+ md->port = 53;
if (strcmp($3, "NOKEY") == 0) {
md->tsigkey = NULL;
} else {
@@ -509,6 +573,7 @@ mzonestatement:
} else {
inet_pton(AF_INET, $2, &sin->sin_addr.s_addr);
md->notifydest.ss_family = AF_INET;
+ md->port = 53;
if (strcmp($3, "NOKEY") == 0) {
md->tsigkey = NULL;
@@ -1105,15 +1170,18 @@ optionsstatement:
}
}
|
+ PORT NUMBER SEMICOLON CRLF
+ {
+ port = $2 & 0xffff;
+ dolog(LOG_DEBUG, "listening on port %d\n", port);
+ }
+ |
STRING NUMBER SEMICOLON CRLF
{
if (file->descend == DESCEND_YES) {
if (strcasecmp($1, "fork") == 0) {
dolog(LOG_DEBUG, "forking %d times\n", $2);
nflag = $2;
- } else if (strcasecmp($1, "port") == 0) {
- port = $2 & 0xffff;
- dolog(LOG_DEBUG, "listening on port %d\n", port);
} else if (strcasecmp($1, "ratelimit-pps") == 0) {
if ($2 > 127 || $2 < 1) {
dolog(LOG_ERR, "ratelimit packets per second must be between 1 and 127, or leave it off!\n");
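Review bot: The new `PORT NUMBER SEMICOLON CRLF` rule assigns `port` unconditionally, while the removed `"port"` branch ran only inside `if (file->descend == DESCEND_YES)`. If that guard is still intended, the action should keep it: `if (file->descend == DESCEND_YES) { port = $2 & 0xffff; dolog(LOG_DEBUG, "listening on port %d\n", port); }`. The `& 0xffff` mask also wraps out-of-range listen ports silently, where the `ratelimit-pps` branch just below rejects bad values with a range check and `LOG_ERR`. The `STRING NUMBER` rule continues past the end of this hunk.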
@@ -1604,6 +1672,7 @@ struct tab cmdtab[] = {
{ "notifybind", NOTIFYBIND, 0},
{ "notifydest", NOTIFYDEST, 0},
{ "options", OPTIONS, 0 },
+ { "port", PORT, 0},
{ "region", REGION, STATE_IP },
{ "rzone", RZONE, 0 },
{ "tsig", TSIG, 0 },