Hey Simon, when a client makes a query for a reply type that is not cache-able (i.e., is not one of [A, AAAA, SRV, PTR]), the reply is not mentioned at all in the log file. This is because extract_names() calls "continue" on the reply and logging would only have happened in insert_cache(). A noteworthy exception to this are TXT records that are handled in do_doctor() separately. However, client association is lost in this place (can be seen with log-queries=extra).
The attached patch fixes this by ensuring we call log_query() also for replies that do not enter the cache. I also moved the printing of TXT records here so "log-queries=extra" works as expected for those, too. ---- Test 1: $ dig SOA soa.dns.netmeister.org > Aug 27 10:33:08 dnsmasq[1497026]: query[SOA] soa.dns.netmeister.org > from 127.0.0.1 > Aug 27 10:33:08 dnsmasq[1497026]: forwarded soa.dns.netmeister.org to > 127.0.0.1 > Aug 27 10:33:08 dnsmasq[1497026]: reply soa.dns.netmeister.org is > non-cached [SOA] The last line is only visible with my patch. ---- Test 2 (log-queries=extra): $ dig TXT txt.dns.netmeister.org BEFORE (note missing "1 127.0.0.1/45114" in the last two): > Aug 27 10:35:33 dnsmasq[1497046]: 1 127.0.0.1/45114 query[TXT] > txt.dns.netmeister.org from 127.0.0.1 > Aug 27 10:35:33 dnsmasq[1497046]: 1 127.0.0.1/45114 forwarded > txt.dns.netmeister.org to 127.0.0.1 > Aug 27 10:35:33 dnsmasq[1497046]: reply txt.dns.netmeister.org is > Descriptive text. Completely overloaded for all sorts of things. > RFC1035 (1987) > Aug 27 10:35:33 dnsmasq[1497046]: reply txt.dns.netmeister.org is > Format: <text> NOW: > Aug 27 10:35:53 dnsmasq[1497049]: 1 127.0.0.1/42014 query[TXT] > txt.dns.netmeister.org from 127.0.0.1 > Aug 27 10:35:53 dnsmasq[1497049]: 1 127.0.0.1/42014 forwarded > txt.dns.netmeister.org to 127.0.0.1 > Aug 27 10:35:53 dnsmasq[1497049]: 1 127.0.0.1/42014 reply > txt.dns.netmeister.org is Descriptive text. Completely overloaded for > all sorts of things. RFC1035 (1987) > Aug 27 10:35:53 dnsmasq[1497049]: 1 127.0.0.1/42014 reply > txt.dns.netmeister.org is Format: <text> Best, Dominik
From b84cf751e933ec7b0fb6113bc0e8a751e25a7178 Mon Sep 17 00:00:00 2001 From: Dominik DL6ER <dl...@dl6er.de> Date: Fri, 27 Aug 2021 10:28:09 +0200 Subject: [PATCH] Also log non-cacheable replies Signed-off-by: Dominik DL6ER <dl...@dl6er.de> --- src/rfc1035.c | 98 +++++++++++++++++++++++++++++++-------------------- 1 file changed, 60 insertions(+), 38 deletions(-) diff --git a/src/rfc1035.c b/src/rfc1035.c index 43d1060..a26a86b 100644 --- a/src/rfc1035.c +++ b/src/rfc1035.c @@ -444,34 +444,6 @@ static unsigned char *do_doctor(unsigned char *p, int count, struct dns_header * break; } } - else if (qtype == T_TXT && name && option_bool(OPT_LOG)) - { - unsigned char *p1 = p; - if (!CHECK_LEN(header, p1, qlen, rdlen)) - return 0; - while ((p1 - p) < rdlen) - { - unsigned int i, len = *p1; - unsigned char *p2 = p1; - if ((p1 + len - p) >= rdlen) - return 0; /* bad packet */ - /* make counted string zero-term and sanitise */ - for (i = 0; i < len; i++) - { - if (!isprint((int)*(p2+1))) - break; - - *p2 = *(p2+1); - p2++; - } - *p2 = 0; - my_syslog(LOG_INFO, "reply %s is %s", name, p1); - /* restore */ - memmove(p1 + 1, p1, i); - *p1 = len; - p1 += len+1; - } - } if (!ADD_RDLEN(header, p, qlen, rdlen)) return 0; /* bad packet */ @@ -534,6 +506,40 @@ static int find_soa(struct dns_header *header, size_t qlen, char *name, int *doc return minttl; } +/* Print TXT reply to log */ +static int print_txt(struct dns_header *header, const size_t qlen, char *name, + const int flags, unsigned char *p, const int ardlen) +{ + unsigned char *p1 = p; + if (!CHECK_LEN(header, p1, qlen, ardlen)) + return 0; + /* Loop over TXT payload */ + while ((p1 - p) < ardlen) + { + unsigned int i, len = *p1; + unsigned char *p3 = p1; + if ((p1 + len - p) >= ardlen) + return 0; /* bad packet */ + + /* make counted string zero-term and sanitise */ + for (i = 0; i < len; i++) + { + if (!isprint((int)*(p3+1))) + break; + *p3 = *(p3+1); + p3++; + } + + *p3 = 0; + log_query(flags | F_UPSTREAM, name, NULL, (char*)p1); + /* restore */ + memmove(p1 + 1, p1, i); + *p1 = len; + p1 += len+1; + } + return 1; +} + /* Note that the following code can create CNAME chains that don't point to a real record, either because of lack of memory, or lack of SOA records. These are treated by the cache code as expired and cleaned out that way. @@ -689,7 +695,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t { /* everything other than PTR */ struct crec *newc; - int addrlen = 0; + int addrlen = 0, insert = 1; if (qtype == T_A) { @@ -704,7 +710,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t else if (qtype == T_SRV) flags |= F_SRV; else - continue; + insert = 0; cname_loop1: if (!(p1 = skip_questions(header, qlen))) @@ -790,7 +796,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t if (!extract_name(header, qlen, &tmp, name, 1, 0)) return 0; } - else + else if(insert) { /* copy address into aligned storage */ if (!CHECK_LEN(header, p1, qlen, addrlen)) @@ -821,15 +827,31 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t } #endif } - - newc = cache_insert(name, &addr, C_IN, now, attl, flags | F_FORWARD | secflag); - if (newc && cpp) + if(insert) { - next_uid(newc); - cpp->addr.cname.target.cache = newc; - cpp->addr.cname.uid = newc->uid; + newc = cache_insert(name, &addr, C_IN, now, attl, flags | F_FORWARD | secflag); + if (newc && cpp) + { + next_uid(newc); + cpp->addr.cname.target.cache = newc; + cpp->addr.cname.uid = newc->uid; + } + cpp = NULL; + } + else + { + /* Handle non-cacheable replies. We still want to log those */ + if (aqtype == T_TXT) + { + if(!print_txt(header, qlen, name, flags, p1, ardlen)) + return 0; + } + else + { + char *atype = querystr("non-cached ", aqtype); + log_query(flags | F_UPSTREAM, name, NULL, atype); + } } - cpp = NULL; } } -- 2.25.1
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss