Lines Matching defs:rpz
31 #include <dns/rpz.h>
41 * for rpz-ip policies or policies triggered by addresses in A or
43 * The second set is for rpz-nsip policies or policies triggered by addresses
162 "rpz hit failed: %s %s", str, tgt);
183 FATAL_ERROR(__FILE__, __LINE__, "impossible rpz type %d", type);
647 * bin/tests/system/rpz/tests.sh looks for "invalid rpz".
654 "invalid rpz IP address \"%s\"%s%s",
748 type_from_name(dns_rpz_zone_t *rpz, dns_name_t *name) {
750 if (dns_name_issubdomain(name, &rpz->ip))
753 if (dns_name_issubdomain(name, &rpz->client_ip))
757 if (dns_name_issubdomain(name, &rpz->nsip))
762 if (dns_name_issubdomain(name, &rpz->nsdname))
781 dns_rpz_zone_t *rpz;
796 rpz = rpzs->zones[rpz_num];
797 REQUIRE(rpz != NULL);
803 ip_labels -= dns_name_countlabels(&rpz->origin);
805 ip_labels -= dns_name_countlabels(&rpz->nsdname);
939 "rpz IP address \"%s\""
957 dns_rpz_zone_t *rpz;
963 rpz = rpzs->zones[rpz_num];
964 REQUIRE(rpz != NULL);
985 n -= dns_name_countlabels(&rpz->origin);
987 n -= dns_name_countlabels(&rpz->nsdname);
1300 * bin/tests/system/rpz/tests.sh looks for "rpz.*failed".
1305 "rpz add_cidr(%s) failed: %s",
1484 * before discarding the overall rpz structure.
1488 dns_rpz_zone_t *rpz;
1491 rpz = *rpzp;
1493 isc_refcount_decrement(&rpz->refs, &refs);
1496 isc_refcount_destroy(&rpz->refs);
1498 if (dns_name_dynamic(&rpz->origin))
1499 dns_name_free(&rpz->origin, rpzs->mctx);
1500 if (dns_name_dynamic(&rpz->client_ip))
1501 dns_name_free(&rpz->client_ip, rpzs->mctx);
1502 if (dns_name_dynamic(&rpz->ip))
1503 dns_name_free(&rpz->ip, rpzs->mctx);
1504 if (dns_name_dynamic(&rpz->nsdname))
1505 dns_name_free(&rpz->nsdname, rpzs->mctx);
1506 if (dns_name_dynamic(&rpz->nsip))
1507 dns_name_free(&rpz->nsip, rpzs->mctx);
1508 if (dns_name_dynamic(&rpz->passthru))
1509 dns_name_free(&rpz->passthru, rpzs->mctx);
1510 if (dns_name_dynamic(&rpz->drop))
1511 dns_name_free(&rpz->drop, rpzs->mctx);
1512 if (dns_name_dynamic(&rpz->tcp_only))
1513 dns_name_free(&rpz->tcp_only, rpzs->mctx);
1514 if (dns_name_dynamic(&rpz->cname))
1515 dns_name_free(&rpz->cname, rpzs->mctx);
1517 isc_mem_put(rpzs->mctx, rpz, sizeof(*rpz));
1533 dns_rpz_zone_t *rpz;
1547 * Forget the last of view's rpz machinery after the last
1551 rpz = rpzs->zones[rpz_num];
1553 if (rpz != NULL)
1554 rpz_detach(&rpz, rpzs);
1574 dns_rpz_zone_t *rpz;
1579 rpz = rpzs->zones[rpz_num];
1580 REQUIRE(rpz != NULL);
1624 load_rpzs->zones[rpz_num] = rpz;
1625 isc_refcount_increment(&rpz->refs, NULL);
1733 * nsdname+qname RBT trees) are then swapped into the view's common rpz
1735 * swap, the search_lock of the view's common rpz struct is acquired so
1739 * common rpz struct, and some other summary counts and masks are
1908 dns_rpz_zone_t *rpz;
1913 rpz = rpzs->zones[rpz_num];
1914 REQUIRE(rpz != NULL);
1916 rpz_type = type_from_name(rpz, src_name);
1954 * Do not worry about invalid rpz IP address names. If we
2067 "rpz del_name(%s) node search failed: %s",
2097 * bin/tests/system/rpz/tests.sh looks for "rpz.*failed".
2102 "rpz del_name(%s) node delete failed: %s",
2117 dns_rpz_zone_t *rpz;
2121 rpz = rpzs->zones[rpz_num];
2122 REQUIRE(rpz != NULL);
2124 rpz_type = type_from_name(rpz, src_name);
2261 * bin/tests/system/rpz/tests.sh looks for "rpz.*failed".
2265 "rpz ip2name() failed: %s",
2325 * bin/tests/system/rpz/tests.sh looks for "rpz.*failed".
2343 dns_rpz_decode_cname(dns_rpz_zone_t *rpz, dns_rdataset_t *rdataset,
2381 * CNAME rpz-tcp-only. means "send truncated UDP responses."
2383 if (dns_name_equal(&cname.cname, &rpz->tcp_only))
2387 * CNAME rpz-drop. means "do not respond."
2389 if (dns_name_equal(&cname.cname, &rpz->drop))
2393 * CNAME rpz-passthru. means "do not rewrite."
2395 if (dns_name_equal(&cname.cname, &rpz->passthru))
2399 * 128.1.0.127.rpz-ip CNAME 128.1.0.0.127. is obsolete PASSTHRU