diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 07:24:22 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 07:24:22 +0000 |
commit | 45d6379135504814ab723b57f0eb8be23393a51d (patch) | |
tree | d4f2ec4acca824a8446387a758b0ce4238a4dffa /bin/tests/system/geoip2 | |
parent | Initial commit. (diff) | |
download | bind9-upstream.tar.xz bind9-upstream.zip |
Adding upstream version 1:9.16.44.upstream/1%9.16.44upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
35 files changed, 3137 insertions, 0 deletions
diff --git a/bin/tests/system/geoip2/clean.sh b/bin/tests/system/geoip2/clean.sh new file mode 100644 index 0000000..46de65b --- /dev/null +++ b/bin/tests/system/geoip2/clean.sh @@ -0,0 +1,20 @@ +#!/bin/sh + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +rm -f ns2/named.conf +rm -f ns2/example*.db +rm -f dig.out.* rndc.out.* +rm -f ns?/named.run +rm -f ns?/named.memstats +rm -f ns*/named.lock +rm -f ns*/managed-keys.bind* ns*/*.mkeys* diff --git a/bin/tests/system/geoip2/conf/bad-areacode.conf b/bin/tests/system/geoip2/conf/bad-areacode.conf new file mode 100644 index 0000000..2ca9dd4 --- /dev/null +++ b/bin/tests/system/geoip2/conf/bad-areacode.conf @@ -0,0 +1,38 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +controls { /* empty */ }; + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port 5300; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { none; }; + recursion no; + geoip-directory "data"; + allow-query { + geoip area 831; + geoip areacode 831; + geoip metro 828; + geoip metrocode 828; + geoip tz "America/Los_Angeles"; + geoip timezone "America/Los_Angeles"; + geoip postal 95060; + geoip postalcode 95060; + }; +}; diff --git a/bin/tests/system/geoip2/conf/bad-dbname.conf b/bin/tests/system/geoip2/conf/bad-dbname.conf new file mode 100644 index 0000000..9fc5238 --- /dev/null +++ b/bin/tests/system/geoip2/conf/bad-dbname.conf @@ -0,0 +1,30 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; +}; + +view one { + match-clients { geoip db unknown asnum "WX"; }; + zone "example" { + type primary; + file "example1.db"; + }; +}; diff --git a/bin/tests/system/geoip2/conf/bad-netspeed.conf b/bin/tests/system/geoip2/conf/bad-netspeed.conf new file mode 100644 index 0000000..133fd42 --- /dev/null +++ b/bin/tests/system/geoip2/conf/bad-netspeed.conf @@ -0,0 +1,37 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +controls { /* empty */ }; + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port 5300; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { none; }; + recursion no; + geoip-directory "data"; + allow-query { + geoip netspeed 100; + geoip metro 828; + geoip metrocode 828; + geoip tz "America/Los_Angeles"; + geoip timezone "America/Los_Angeles"; + geoip postal 95060; + geoip postalcode 95060; + }; +}; diff --git a/bin/tests/system/geoip2/conf/bad-regiondb.conf b/bin/tests/system/geoip2/conf/bad-regiondb.conf new file mode 100644 index 0000000..aebdbed --- /dev/null +++ b/bin/tests/system/geoip2/conf/bad-regiondb.conf @@ -0,0 +1,44 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; + geoip-directory "../data"; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +view one { + match-clients { geoip db region region "California"; }; + zone "example" { + type primary; + file "example1.db"; + }; +}; diff --git a/bin/tests/system/geoip2/conf/bad-threeletter.conf b/bin/tests/system/geoip2/conf/bad-threeletter.conf new file mode 100644 index 0000000..ec0a9df --- /dev/null +++ b/bin/tests/system/geoip2/conf/bad-threeletter.conf @@ -0,0 +1,35 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; + geoip-directory "../data"; +}; + +view one { + match-clients { geoip db country country AUS; }; + zone "example" { + type primary; + file "example1.db"; + }; +}; diff --git a/bin/tests/system/geoip2/conf/good-options.conf b/bin/tests/system/geoip2/conf/good-options.conf new file mode 100644 index 0000000..02c5e5d --- /dev/null +++ b/bin/tests/system/geoip2/conf/good-options.conf @@ -0,0 +1,36 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +controls { /* empty */ }; + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port 5300; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { none; }; + recursion no; + geoip-directory "data"; + allow-query { + geoip metro 828; + geoip metrocode 828; + geoip tz "America/Los_Angeles"; + geoip timezone "America/Los_Angeles"; + geoip postal 95060; + geoip postalcode 95060; + }; +}; diff --git a/bin/tests/system/geoip2/data/GeoIP2-City.json b/bin/tests/system/geoip2/data/GeoIP2-City.json new file mode 100644 index 0000000..5490d42 --- /dev/null +++ b/bin/tests/system/geoip2/data/GeoIP2-City.json @@ -0,0 +1,506 @@ +[ + { + "::10.53.0.1/128" : { + "continent" : { + "code" : "NA", + "names" : { + "en" : "North America" + } + }, + "country" : { + "iso_code" : "US", + "names" : { + "en" : "United States" + } + }, + "city" : { + "names" : { + "en" : "Redwood City" + } + }, + "location" : { + "metro_code" : "807", + "time_zone" : "America/Los_Angeles" + }, + "postal" : { + "code" : "94063" + }, + "subdivisions" : [ + { + "iso_code" : "CA", + "names" : { + "en" : "California" + } + } + ] + } + }, + { + "::10.53.0.2/128" : { + "continent" : { + "code" : "NA", + "names" : { + "en" : "North America" + } + }, + "country" : { + "iso_code" : "US", + "names" : { + "en" : "United States" + } + }, + "city" : { + "names" : { + "en" : "Santa Cruz" + } + }, + "location" : { + "metro_code" : "828", + "time_zone" : "America/Los_Angeles" + }, + "postal" : { + "code" : "95060" + }, + "subdivisions" : [ + { + "iso_code" : "CA", + "names" : { + "en" : "California" + } + } + ] + } + }, + { + "::10.53.0.3/128" : { + "continent" : { + "code" : "NA", + "names" : { + "en" : "North America" + } + }, + "country" : { + "iso_code" : "US", + "names" : { + "en" : "United States" + } + }, + "city" : { + "names" : { + "en" : "Oklahoma City" + } + }, + "location" : { + "metro_code" : "650", + "time_zone" : "America/Chicago" + }, + "postal" : { + "code" : "73120" + }, + "subdivisions" : [ + { + "iso_code" : "OK", + "names" : { + "en" : "Oklahoma" + } + } + ] + } + }, + { + "::10.53.0.4/128" : { + "continent" : { + "code" : "NA", + "names" : { + "en" : "North America" + } + }, + "country" : { + "iso_code" : "US", + "names" : { + "en" : "United States" + } + }, + "city" : { + "names" : { + "en" : "Ashland" + } + }, + "location" : { + "metro_code" : "556", + "time_zone" : "America/New_York" + }, + "postal" : { + "code" : "23005" + }, + "subdivisions" : [ + { + "iso_code" : "VA", + "names" : { + "en" : "Virginia" + } + } + ] + } + }, + { + "::10.53.0.5/128" : { + "continent" : { + "code" : "NA", + "names" : { + "en" : "North America" + } + }, + "country" : { + "iso_code" : "US", + "names" : { + "en" : "United States" + } + }, + "city" : { + "names" : { + "en" : "Atlanta" + } + }, + "location" : { + "metro_code" : "524", + "time_zone" : "America/New_York" + }, + "postal" : { + "code" : "30345" + }, + "subdivisions" : [ + { + "iso_code" : "GA", + "names" : { + "en" : "Georgia" + } + } + ] + } + }, + { + "::10.53.0.6/128" : { + "continent" : { + "code" : "NA", + "names" : { + "en" : "North America" + } + }, + "country" : { + "iso_code" : "US", + "names" : { + "en" : "United States" + } + }, + "city" : { + "names" : { + "en" : "Morrison" + } + }, + "location" : { + "metro_code" : "751", + "time_zone" : "America/Denver" + }, + "postal" : { + "code" : "80465" + }, + "subdivisions" : [ + { + "iso_code" : "CO", + "names" : { + "en" : "Colorado" + } + } + ] + } + }, + { + "::10.53.0.7/128" : { + "continent" : { + "code" : "NA", + "names" : { + "en" : "North America" + } + }, + "country" : { + "iso_code" : "US", + "names" : { + "en" : "United States" + } + }, + "city" : { + "names" : { + "en" : "Ketchikan" + } + }, + "location" : { + "metro_code" : "747", + "time_zone" : "America/Anchorage" + }, + "postal" : { + "code" : "99901" + }, + "subdivisions" : [ + { + "iso_code" : "AK", + "names" : { + "en" : "Alaska" + } + } + ] + } + }, + { + "fd92:7065:b8e:ffff::1/128" : { + "continent" : { + "code" : "NA", + "names" : { + "en" : "North America" + } + }, + "country" : { + "iso_code" : "US", + "names" : { + "en" : "United States" + } + }, + "city" : { + "names" : { + "en" : "Redwood City" + } + }, + "location" : { + "metro_code" : "807", + "time_zone" : "America/Los_Angeles" + }, + "postal" : { + "code" : "94063" + }, + "subdivisions" : [ + { + "iso_code" : "CA", + "names" : { + "en" : "California" + } + } + ] + } + }, + { + "fd92:7065:b8e:ffff::2/128" : { + "continent" : { + "code" : "NA", + "names" : { + "en" : "North America" + } + }, + "country" : { + "iso_code" : "US", + "names" : { + "en" : "United States" + } + }, + "city" : { + "names" : { + "en" : "Santa Cruz" + } + }, + "location" : { + "metro_code" : "828", + "time_zone" : "America/Los_Angeles" + }, + "postal" : { + "code" : "95060" + }, + "subdivisions" : [ + { + "iso_code" : "CA", + "names" : { + "en" : "California" + } + } + ] + } + }, + { + "fd92:7065:b8e:ffff::3/128" : { + "continent" : { + "code" : "NA", + "names" : { + "en" : "North America" + } + }, + "country" : { + "iso_code" : "US", + "names" : { + "en" : "United States" + } + }, + "city" : { + "names" : { + "en" : "Oklahoma City" + } + }, + "location" : { + "metro_code" : "650", + "time_zone" : "America/Chicago" + }, + "postal" : { + "code" : "73120" + }, + "subdivisions" : [ + { + "iso_code" : "OK", + "names" : { + "en" : "Oklahoma" + } + } + ] + } + }, + { + "fd92:7065:b8e:ffff::4/128" : { + "continent" : { + "code" : "NA", + "names" : { + "en" : "North America" + } + }, + "country" : { + "iso_code" : "US", + "names" : { + "en" : "United States" + } + }, + "city" : { + "names" : { + "en" : "Ashland" + } + }, + "location" : { + "metro_code" : "556", + "time_zone" : "America/New_York" + }, + "postal" : { + "code" : "23005" + }, + "subdivisions" : [ + { + "iso_code" : "VA", + "names" : { + "en" : "Virginia" + } + } + ] + } + }, + { + "fd92:7065:b8e:ffff::5/128" : { + "continent" : { + "code" : "NA", + "names" : { + "en" : "North America" + } + }, + "country" : { + "iso_code" : "US", + "names" : { + "en" : "United States" + } + }, + "city" : { + "names" : { + "en" : "Atlanta" + } + }, + "location" : { + "metro_code" : "524", + "time_zone" : "America/New_York" + }, + "postal" : { + "code" : "30345" + }, + "subdivisions" : [ + { + "iso_code" : "GA", + "names" : { + "en" : "Georgia" + } + } + ] + } + }, + { + "fd92:7065:b8e:ffff::6/128" : { + "continent" : { + "code" : "NA", + "names" : { + "en" : "North America" + } + }, + "country" : { + "iso_code" : "US", + "names" : { + "en" : "United States" + } + }, + "city" : { + "names" : { + "en" : "Morrison" + } + }, + "location" : { + "metro_code" : "751", + "time_zone" : "America/Denver" + }, + "postal" : { + "code" : "80465" + }, + "subdivisions" : [ + { + "iso_code" : "CO", + "names" : { + "en" : "Colorado" + } + } + ] + } + }, + { + "fd92:7065:b8e:ffff::7/128" : { + "continent" : { + "code" : "NA", + "names" : { + "en" : "North America" + } + }, + "country" : { + "iso_code" : "US", + "names" : { + "en" : "United States" + } + }, + "city" : { + "names" : { + "en" : "Ketchikan" + } + }, + "location" : { + "metro_code" : "747", + "time_zone" : "America/Anchorage" + }, + "postal" : { + "code" : "99901" + }, + "subdivisions" : [ + { + "iso_code" : "AK", + "names" : { + "en" : "Alaska" + } + } + ] + } + } +] diff --git a/bin/tests/system/geoip2/data/GeoIP2-City.mmdb b/bin/tests/system/geoip2/data/GeoIP2-City.mmdb Binary files differnew file mode 100644 index 0000000..79c5314 --- /dev/null +++ b/bin/tests/system/geoip2/data/GeoIP2-City.mmdb diff --git a/bin/tests/system/geoip2/data/GeoIP2-Country.json b/bin/tests/system/geoip2/data/GeoIP2-Country.json new file mode 100644 index 0000000..83a8ca8 --- /dev/null +++ b/bin/tests/system/geoip2/data/GeoIP2-Country.json @@ -0,0 +1,242 @@ +[ + { + "::10.53.0.1/128" : { + "continent" : { + "code" : "OC", + "names" : { + "en" : "Oceania" + } + }, + "country" : { + "iso_code" : "AU", + "names" : { + "en" : "Australia" + } + } + } + }, + { + "::10.53.0.2/128" : { + "continent" : { + "code" : "NA", + "names" : { + "en" : "North America" + } + }, + "country" : { + "iso_code" : "US", + "names" : { + "en" : "United States" + } + } + } + }, + { + "::10.53.0.3/128" : { + "continent" : { + "code" : "EU", + "names" : { + "en" : "Europe" + } + }, + "country" : { + "iso_code" : "GB", + "names" : { + "en" : "United Kingdom" + } + } + } + }, + { + "::10.53.0.4/128" : { + "continent" : { + "code" : "NA", + "names" : { + "en" : "North America" + } + }, + "country" : { + "iso_code" : "CA", + "names" : { + "en" : "Canada" + } + } + } + }, + { + "::10.53.0.5/128" : { + "continent" : { + "code" : "SA", + "names" : { + "en" : "South America" + } + }, + "country" : { + "iso_code" : "CL", + "names" : { + "en" : "Chile" + } + } + } + }, + { + "::10.53.0.6/128" : { + "continent" : { + "code" : "EU", + "names" : { + "en" : "Europe" + } + }, + "country" : { + "iso_code" : "DE", + "names" : { + "en" : "Germany" + } + } + } + }, + { + "::10.53.0.7/128" : { + "continent" : { + "code" : "AF", + "names" : { + "en" : "Africa" + } + }, + "country" : { + "iso_code" : "EH", + "names" : { + "en" : "Western Sahara" + } + } + } + }, + { + "::192.0.2.0/120" : { + "continent" : { + "code" : "O1", + "names" : { + "en" : "Other" + } + }, + "country" : { + "iso_code" : "O1", + "names" : { + "en" : "Other" + } + } + } + }, + { + "fd92:7065:b8e:ffff::1/128" : { + "continent" : { + "code" : "OC", + "names" : { + "en" : "Oceania" + } + }, + "country" : { + "iso_code" : "AU", + "names" : { + "en" : "Australia" + } + } + } + }, + { + "fd92:7065:b8e:ffff::2/128" : { + "continent" : { + "code" : "NA", + "names" : { + "en" : "North America" + } + }, + "country" : { + "iso_code" : "US", + "names" : { + "en" : "United States" + } + } + } + }, + { + "fd92:7065:b8e:ffff::3/128" : { + "continent" : { + "code" : "EU", + "names" : { + "en" : "Europe" + } + }, + "country" : { + "iso_code" : "GB", + "names" : { + "en" : "United Kingdom" + } + } + } + }, + { + "fd92:7065:b8e:ffff::4/128" : { + "continent" : { + "code" : "NA", + "names" : { + "en" : "North America" + } + }, + "country" : { + "iso_code" : "CA", + "names" : { + "en" : "Canada" + } + } + } + }, + { + "fd92:7065:b8e:ffff::5/128" : { + "continent" : { + "code" : "SA", + "names" : { + "en" : "South America" + } + }, + "country" : { + "iso_code" : "CL", + "names" : { + "en" : "Chile" + } + } + } + }, + { + "fd92:7065:b8e:ffff::6/128" : { + "continent" : { + "code" : "EU", + "names" : { + "en" : "Europe" + } + }, + "country" : { + "iso_code" : "DE", + "names" : { + "en" : "Germany" + } + } + } + }, + { + "fd92:7065:b8e:ffff::7/128" : { + "continent" : { + "code" : "AF", + "names" : { + "en" : "Africa" + } + }, + "country" : { + "iso_code" : "EH", + "names" : { + "en" : "Western Sahara" + } + } + } + } +] diff --git a/bin/tests/system/geoip2/data/GeoIP2-Country.mmdb b/bin/tests/system/geoip2/data/GeoIP2-Country.mmdb Binary files differnew file mode 100644 index 0000000..7771dc7 --- /dev/null +++ b/bin/tests/system/geoip2/data/GeoIP2-Country.mmdb diff --git a/bin/tests/system/geoip2/data/GeoIP2-Domain.json b/bin/tests/system/geoip2/data/GeoIP2-Domain.json new file mode 100644 index 0000000..fb8e914 --- /dev/null +++ b/bin/tests/system/geoip2/data/GeoIP2-Domain.json @@ -0,0 +1,72 @@ +[ + { + "::10.53.0.1/128" : { + "domain" : "one.de" + } + }, + { + "::10.53.0.2/128" : { + "domain" : "two.com" + } + }, + { + "::10.53.0.3/128" : { + "domain" : "three.com" + } + }, + { + "::10.53.0.4/128" : { + "domain" : "four.edu" + } + }, + { + "::10.53.0.5/128" : { + "domain" : "five.es" + } + }, + { + "::10.53.0.6/128" : { + "domain" : "six.it" + } + }, + { + "::10.53.0.7/128" : { + "domain" : "seven.org" + } + }, + { + "fd92:7065:b8e:ffff::1/128" : { + "domain" : "one.de" + } + }, + { + "fd92:7065:b8e:ffff::2/128" : { + "domain" : "two.com" + } + }, + { + "fd92:7065:b8e:ffff::3/128" : { + "domain" : "three.com" + } + }, + { + "fd92:7065:b8e:ffff::4/128" : { + "domain" : "four.edu" + } + }, + { + "fd92:7065:b8e:ffff::5/128" : { + "domain" : "five.es" + } + }, + { + "fd92:7065:b8e:ffff::6/128" : { + "domain" : "six.it" + } + }, + { + "fd92:7065:b8e:ffff::7/128" : { + "domain" : "seven.org" + } + } +] diff --git a/bin/tests/system/geoip2/data/GeoIP2-Domain.mmdb b/bin/tests/system/geoip2/data/GeoIP2-Domain.mmdb Binary files differnew file mode 100644 index 0000000..fe93dec --- /dev/null +++ b/bin/tests/system/geoip2/data/GeoIP2-Domain.mmdb diff --git a/bin/tests/system/geoip2/data/GeoIP2-ISP.json b/bin/tests/system/geoip2/data/GeoIP2-ISP.json new file mode 100644 index 0000000..c6b0a5d --- /dev/null +++ b/bin/tests/system/geoip2/data/GeoIP2-ISP.json @@ -0,0 +1,86 @@ +[ + { + "::10.53.0.1/128" : { + "isp" : "One Systems, Inc.", + "organization" : "One Systems, Inc." + } + }, + { + "::10.53.0.2/128" : { + "isp" : "Two Technology Ltd.", + "organization" : "Two Technology Ltd." + } + }, + { + "::10.53.0.3/128" : { + "isp" : "Three Network Labs", + "organization" : "Three Network Labs" + } + }, + { + "::10.53.0.4/128" : { + "isp" : "Four University", + "organization" : "Four University" + } + }, + { + "::10.53.0.5/128" : { + "isp" : "Five Telecom", + "organization" : "Five Telecom" + } + }, + { + "::10.53.0.6/128" : { + "isp" : "Six Company", + "organization" : "Six Company" + } + }, + { + "::10.53.0.7/128" : { + "isp" : "Seven Communications", + "organization" : "Seven Communications" + } + }, + { + "fd92:7065:b8e:ffff::1/128" : { + "isp" : "One Systems, Inc.", + "organization" : "One Systems, Inc." + } + }, + { + "fd92:7065:b8e:ffff::2/128" : { + "isp" : "Two Technology Ltd.", + "organization" : "Two Technology Ltd." + } + }, + { + "fd92:7065:b8e:ffff::3/128" : { + "isp" : "Three Network Labs", + "organization" : "Three Network Labs" + } + }, + { + "fd92:7065:b8e:ffff::4/128" : { + "isp" : "Four University", + "organization" : "Four University" + } + }, + { + "fd92:7065:b8e:ffff::5/128" : { + "isp" : "Five Telecom", + "organization" : "Five Telecom" + } + }, + { + "fd92:7065:b8e:ffff::6/128" : { + "isp" : "Six Company", + "organization" : "Six Company" + } + }, + { + "fd92:7065:b8e:ffff::7/128" : { + "isp" : "Seven Communications", + "organization" : "Seven Communications" + } + } +] diff --git a/bin/tests/system/geoip2/data/GeoIP2-ISP.mmdb b/bin/tests/system/geoip2/data/GeoIP2-ISP.mmdb Binary files differnew file mode 100644 index 0000000..73f0718 --- /dev/null +++ b/bin/tests/system/geoip2/data/GeoIP2-ISP.mmdb diff --git a/bin/tests/system/geoip2/data/GeoLite2-ASN.json b/bin/tests/system/geoip2/data/GeoLite2-ASN.json new file mode 100644 index 0000000..8fad0ce --- /dev/null +++ b/bin/tests/system/geoip2/data/GeoLite2-ASN.json @@ -0,0 +1,86 @@ +[ + { + "::10.53.0.1/128" : { + "autonomous_system_number" : 100001, + "autonomous_system_organization" : "One Systems, Inc." + } + }, + { + "::10.53.0.2/128" : { + "autonomous_system_number" : 100002, + "autonomous_system_organization" : "Two Technology Ltd." + } + }, + { + "::10.53.0.3/128" : { + "autonomous_system_number" : 100003, + "autonomous_system_organization" : "Three Network Labs" + } + }, + { + "::10.53.0.4/128" : { + "autonomous_system_number" : 100004, + "autonomous_system_organization" : "Four University" + } + }, + { + "::10.53.0.5/128" : { + "autonomous_system_number" : 100005, + "autonomous_system_organization" : "Five Telecom" + } + }, + { + "::10.53.0.6/128" : { + "autonomous_system_number" : 100006, + "autonomous_system_organization" : "Six Company" + } + }, + { + "::10.53.0.7/128" : { + "autonomous_system_number" : 100007, + "autonomous_system_organization" : "Seven Communications" + } + }, + { + "fd92:7065:b8e:ffff::1/128" : { + "autonomous_system_number" : 100001, + "autonomous_system_organization" : "One Systems, Inc." + } + }, + { + "fd92:7065:b8e:ffff::2/128" : { + "autonomous_system_number" : 100002, + "autonomous_system_organization" : "Two Technology Ltd." + } + }, + { + "fd92:7065:b8e:ffff::3/128" : { + "autonomous_system_number" : 100003, + "autonomous_system_organization" : "Three Network Labs" + } + }, + { + "fd92:7065:b8e:ffff::4/128" : { + "autonomous_system_number" : 100004, + "autonomous_system_organization" : "Four University" + } + }, + { + "fd92:7065:b8e:ffff::5/128" : { + "autonomous_system_number" : 100005, + "autonomous_system_organization" : "Five Telecom" + } + }, + { + "fd92:7065:b8e:ffff::6/128" : { + "autonomous_system_number" : 100006, + "autonomous_system_organization" : "Six Company" + } + }, + { + "fd92:7065:b8e:ffff::7/128" : { + "autonomous_system_number" : 100007, + "autonomous_system_organization" : "Seven Communications" + } + } +] diff --git a/bin/tests/system/geoip2/data/GeoLite2-ASN.mmdb b/bin/tests/system/geoip2/data/GeoLite2-ASN.mmdb Binary files differnew file mode 100644 index 0000000..05260c0 --- /dev/null +++ b/bin/tests/system/geoip2/data/GeoLite2-ASN.mmdb diff --git a/bin/tests/system/geoip2/data/README.md b/bin/tests/system/geoip2/data/README.md new file mode 100644 index 0000000..e326843 --- /dev/null +++ b/bin/tests/system/geoip2/data/README.md @@ -0,0 +1,23 @@ +Copyright (C) Internet Systems Consortium, Inc. ("ISC") + +SPDX-License-Identifier: MPL-2.0 + +This Source Code Form is subject to the terms of the Mozilla Public +License, v. 2.0. If a copy of the MPL was not distributed with this +file, you can obtain one at https://mozilla.org/MPL/2.0/. + +See the COPYRIGHT file distributed with this work for additional +information regarding copyright ownership. + +##### Test MMDB databases + +This directory contains test versions of the GeoIP2/GeoLite2 CIty, +Country, Domain, ISP, and ASN databases. The `.mmdb` files are built +from the corresponding `.json` source files; to regenerate them, modify +the source files and run `perl write-test-data.pl`. + +This script is adapted from one in +[https://github.com/maxmind/MaxMind-DB](https://github.com/maxmind/MaxMind-DB). +It depends on the MaxMind:DB:Writer module, which can be found in +CPAN or at +[https://github.com/maxmind/MaxMind-DB-Writer-perl](https://github.com/maxmind/MaxMind-DB-Writer-perl) . diff --git a/bin/tests/system/geoip2/data/write-test-data.pl b/bin/tests/system/geoip2/data/write-test-data.pl new file mode 100755 index 0000000..d12a014 --- /dev/null +++ b/bin/tests/system/geoip2/data/write-test-data.pl @@ -0,0 +1,194 @@ +#!/usr/bin/env perl + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +use strict; +use warnings; +use autodie; +use utf8; + +use Carp qw( croak ); +use Cwd qw( abs_path ); +use File::Basename qw( dirname ); +use File::Slurper qw( read_binary write_binary ); +use Cpanel::JSON::XS qw( decode_json ); +use Math::Int128 qw( MAX_UINT128 string_to_uint128 uint128 ); +use MaxMind::DB::Writer::Serializer 0.100004; +use MaxMind::DB::Writer::Tree 0.100004; +use MaxMind::DB::Writer::Util qw( key_for_data ); +use Net::Works::Network; +use Test::MaxMind::DB::Common::Util qw( standard_test_metadata ); + +my $Dir = dirname( abs_path($0) ); + +sub main { + write_geoip2_dbs(); +} + +sub write_geoip2_dbs { + _write_geoip2_db( @{$_}[ 0, 1 ], 'Test' ) + for ( + ['GeoIP2-City'], + ['GeoIP2-Country'], + ['GeoIP2-Domain'], + ['GeoIP2-ISP'], + ['GeoLite2-ASN'], + ); +} + +sub _universal_map_key_type_callback { + my $map = { + + # languages + de => 'utf8_string', + en => 'utf8_string', + es => 'utf8_string', + fr => 'utf8_string', + ja => 'utf8_string', + 'pt-BR' => 'utf8_string', + ru => 'utf8_string', + 'zh-CN' => 'utf8_string', + + # production + accuracy_radius => 'uint16', + autonomous_system_number => 'uint32', + autonomous_system_organization => 'utf8_string', + average_income => 'uint32', + city => 'map', + code => 'utf8_string', + confidence => 'uint16', + connection_type => 'utf8_string', + continent => 'map', + country => 'map', + domain => 'utf8_string', + geoname_id => 'uint32', + ipv4_24 => 'uint32', + ipv4_32 => 'uint32', + ipv6_32 => 'uint32', + ipv6_48 => 'uint32', + ipv6_64 => 'uint32', + is_anonymous => 'boolean', + is_anonymous_proxy => 'boolean', + is_anonymous_vpn => 'boolean', + is_hosting_provider => 'boolean', + is_in_european_union => 'boolean', + is_legitimate_proxy => 'boolean', + is_public_proxy => 'boolean', + is_satellite_provider => 'boolean', + is_tor_exit_node => 'boolean', + iso_code => 'utf8_string', + isp => 'utf8_string', + latitude => 'double', + location => 'map', + longitude => 'double', + metro_code => 'uint16', + names => 'map', + organization => 'utf8_string', + population_density => 'uint32', + postal => 'map', + registered_country => 'map', + represented_country => 'map', + subdivisions => [ 'array', 'map' ], + time_zone => 'utf8_string', + traits => 'map', + traits => 'map', + type => 'utf8_string', + user_type => 'utf8_string', + + # for testing only + foo => 'utf8_string', + bar => 'utf8_string', + buzz => 'utf8_string', + our_value => 'utf8_string', + }; + + my $callback = sub { + my $key = shift; + + return $map->{$key} || die <<"ERROR"; +Unknown tree key '$key'. + +The universal_map_key_type_callback doesn't know what type to use for the passed +key. If you are adding a new key that will be used in a frozen tree / mmdb then +you should update the mapping in both our internal code and here. +ERROR + }; + + return $callback; +} + +sub _write_geoip2_db { + my $type = shift; + my $populate_all_networks_with_data = shift; + my $description = shift; + + my $writer = MaxMind::DB::Writer::Tree->new( + ip_version => 6, + record_size => 28, + ip_version => 6, + database_type => $type, + languages => [ 'en', $type eq 'GeoIP2-City' ? ('zh') : () ], + description => { + en => ( $type =~ s/-/ /gr ) + . " $description Database (fake GeoIP2 data, for example purposes only)", + $type eq 'GeoIP2-City' ? ( zh => '小型数据库' ) : (), + }, + alias_ipv6_to_ipv4 => 1, + map_key_type_callback => _universal_map_key_type_callback(), + remove_reserved_networks => 0, + ); + + _populate_all_networks( $writer, $populate_all_networks_with_data ) + if $populate_all_networks_with_data; + + my $value = shift; + my $nodes + = decode_json( read_binary("$Dir/$type.json") ); + + for my $node (@$nodes) { + for my $network ( keys %$node ) { + $writer->insert_network( + Net::Works::Network->new_from_string( string => $network ), + $node->{$network} + ); + } + } + + open my $output_fh, '>', "$Dir/$type.mmdb"; + $writer->write_tree($output_fh); + close $output_fh; + + return; +} + +sub _populate_all_networks { + my $writer = shift; + my $data = shift; + + my $max_uint128 = uint128(0) - 1; + my @networks = Net::Works::Network->range_as_subnets( + Net::Works::Address->new_from_integer( + integer => 0, + version => 6, + ), + Net::Works::Address->new_from_integer( + integer => $max_uint128, + version => 6, + ), + ); + + for my $network (@networks) { + $writer->insert_network( $network => $data ); + } +} + +main(); diff --git a/bin/tests/system/geoip2/ns2/example.db.in b/bin/tests/system/geoip2/ns2/example.db.in new file mode 100644 index 0000000..fa3874c --- /dev/null +++ b/bin/tests/system/geoip2/ns2/example.db.in @@ -0,0 +1,21 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +$TTL 300 ; 5 minutes +@ IN SOA mname1. . ( + 2000042407 ; serial + 20 ; refresh (20 seconds) + 20 ; retry (20 seconds) + 1814400 ; expire (3 weeks) + 3600 ; minimum (1 hour) + ) + NS ns2 +ns2 A 10.53.0.2 diff --git a/bin/tests/system/geoip2/ns2/named1.conf.in b/bin/tests/system/geoip2/ns2/named1.conf.in new file mode 100644 index 0000000..8c5784a --- /dev/null +++ b/bin/tests/system/geoip2/ns2/named1.conf.in @@ -0,0 +1,108 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { fd92:7065:b8e:ffff::2; }; + recursion no; + dnssec-validation no; + geoip-directory "../data"; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +view one { + match-clients { geoip db country country AU; }; + zone "example" { + type primary; + file "example1.db"; + }; +}; + +view two { + match-clients { geoip db country country US; }; + zone "example" { + type primary; + file "example2.db"; + }; +}; + +view three { + match-clients { geoip db country country GB; }; + zone "example" { + type primary; + file "example3.db"; + }; +}; + +view four { + match-clients { geoip db country country CA; }; + zone "example" { + type primary; + file "example4.db"; + }; +}; + +view five { + match-clients { geoip db country country CL; }; + zone "example" { + type primary; + file "example5.db"; + }; +}; + +view six { + match-clients { geoip db country country DE; }; + zone "example" { + type primary; + file "example6.db"; + }; +}; + +view seven { + match-clients { geoip db country country EH; }; + zone "example" { + type primary; + file "example7.db"; + }; +}; + +view other { + match-clients { geoip db country country O1; }; + zone "example" { + type primary; + file "exampleother.db"; + }; +}; + +view none { + match-clients { any; }; + zone "example" { + type primary; + file "example.db.in"; + }; +}; diff --git a/bin/tests/system/geoip2/ns2/named10.conf.in b/bin/tests/system/geoip2/ns2/named10.conf.in new file mode 100644 index 0000000..da3f9cd --- /dev/null +++ b/bin/tests/system/geoip2/ns2/named10.conf.in @@ -0,0 +1,100 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { fd92:7065:b8e:ffff::2; }; + recursion no; + dnssec-validation no; + geoip-directory "../data"; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +view one { + match-clients { geoip asnum 100001; }; + zone "example" { + type primary; + file "example1.db"; + }; +}; + +view two { + match-clients { geoip asnum 100002; }; + zone "example" { + type primary; + file "example2.db"; + }; +}; + +view three { + match-clients { geoip asnum 100003; }; + zone "example" { + type primary; + file "example3.db"; + }; +}; + +view four { + match-clients { geoip asnum 100004; }; + zone "example" { + type primary; + file "example4.db"; + }; +}; + +view five { + match-clients { geoip asnum 100005; }; + zone "example" { + type primary; + file "example5.db"; + }; +}; + +view six { + match-clients { geoip asnum 100006; }; + zone "example" { + type primary; + file "example6.db"; + }; +}; + +view seven { + match-clients { geoip asnum 100007; }; + zone "example" { + type primary; + file "example7.db"; + }; +}; + +view none { + match-clients { any; }; + zone "example" { + type primary; + file "example.db.in"; + }; +}; diff --git a/bin/tests/system/geoip2/ns2/named11.conf.in b/bin/tests/system/geoip2/ns2/named11.conf.in new file mode 100644 index 0000000..578a484 --- /dev/null +++ b/bin/tests/system/geoip2/ns2/named11.conf.in @@ -0,0 +1,100 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { fd92:7065:b8e:ffff::2; }; + recursion no; + dnssec-validation no; + geoip-directory "../data"; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +view one { + match-clients { geoip domain one.de; }; + zone "example" { + type primary; + file "example1.db"; + }; +}; + +view two { + match-clients { geoip domain two.com; }; + zone "example" { + type primary; + file "example2.db"; + }; +}; + +view three { + match-clients { geoip domain three.com; }; + zone "example" { + type primary; + file "example3.db"; + }; +}; + +view four { + match-clients { geoip domain four.edu; }; + zone "example" { + type primary; + file "example4.db"; + }; +}; + +view five { + match-clients { geoip domain five.es; }; + zone "example" { + type primary; + file "example5.db"; + }; +}; + +view six { + match-clients { geoip domain six.it; }; + zone "example" { + type primary; + file "example6.db"; + }; +}; + +view seven { + match-clients { geoip domain seven.org; }; + zone "example" { + type primary; + file "example7.db"; + }; +}; + +view none { + match-clients { any; }; + zone "example" { + type primary; + file "example.db.in"; + }; +}; diff --git a/bin/tests/system/geoip2/ns2/named12.conf.in b/bin/tests/system/geoip2/ns2/named12.conf.in new file mode 100644 index 0000000..9c90c79 --- /dev/null +++ b/bin/tests/system/geoip2/ns2/named12.conf.in @@ -0,0 +1,41 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +acl blocking { + geoip db country country AU; +}; + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { fd92:7065:b8e:ffff::2; }; + recursion no; + dnssec-validation no; + geoip-directory "../data"; + blackhole { blocking; }; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; diff --git a/bin/tests/system/geoip2/ns2/named2.conf.in b/bin/tests/system/geoip2/ns2/named2.conf.in new file mode 100644 index 0000000..5ca5fcf --- /dev/null +++ b/bin/tests/system/geoip2/ns2/named2.conf.in @@ -0,0 +1,108 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port @PORT@; + pid-file "named.pid"; + listen-on { 127.0.0.1; 10.53.0.2; }; + listen-on-v6 { ::1; fd92:7065:b8e:ffff::2; }; + recursion no; + dnssec-validation no; + geoip-directory "../data"; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +acl gAU { geoip db country country AU; }; +acl gUS { geoip db country country US; }; +acl gGB { geoip db country country GB; }; +acl gCA { geoip db country country CA; }; +acl gCL { geoip db country country CL; }; +acl gDE { geoip db country country DE; }; +acl gEH { geoip db country country EH; }; + +view one { + match-clients { gAU; }; + zone "example" { + type primary; + file "example1.db"; + }; +}; + +view two { + match-clients { gUS; }; + zone "example" { + type primary; + file "example2.db"; + }; +}; + +view three { + match-clients { gGB; }; + zone "example" { + type primary; + file "example3.db"; + }; +}; + +view four { + match-clients { gCA; }; + zone "example" { + type primary; + file "example4.db"; + }; +}; + +view five { + match-clients { gCL; }; + zone "example" { + type primary; + file "example5.db"; + }; +}; + +view six { + match-clients { gDE; }; + zone "example" { + type primary; + file "example6.db"; + }; +}; + +view seven { + match-clients { gEH; }; + zone "example" { + type primary; + file "example7.db"; + }; +}; + +view none { + match-clients { any; }; + zone "example" { + type primary; + file "examplebogus.db"; + }; +}; diff --git a/bin/tests/system/geoip2/ns2/named3.conf.in b/bin/tests/system/geoip2/ns2/named3.conf.in new file mode 100644 index 0000000..295122a --- /dev/null +++ b/bin/tests/system/geoip2/ns2/named3.conf.in @@ -0,0 +1,100 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { fd92:7065:b8e:ffff::2; }; + recursion no; + dnssec-validation no; + geoip-directory "../data"; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +view one { + match-clients { geoip db country country Australia; }; + zone "example" { + type primary; + file "example1.db"; + }; +}; + +view two { + match-clients { geoip db country country "United States"; }; + zone "example" { + type primary; + file "example2.db"; + }; +}; + +view three { + match-clients { geoip db country country "United Kingdom"; }; + zone "example" { + type primary; + file "example3.db"; + }; +}; + +view four { + match-clients { geoip db country country Canada; }; + zone "example" { + type primary; + file "example4.db"; + }; +}; + +view five { + match-clients { geoip db country country Chile; }; + zone "example" { + type primary; + file "example5.db"; + }; +}; + +view six { + match-clients { geoip db country country Germany; }; + zone "example" { + type primary; + file "example6.db"; + }; +}; + +view seven { + match-clients { geoip db country country "Western Sahara"; }; + zone "example" { + type primary; + file "example7.db"; + }; +}; + +view none { + match-clients { any; }; + zone "example" { + type primary; + file "example.db.in"; + }; +}; diff --git a/bin/tests/system/geoip2/ns2/named4.conf.in b/bin/tests/system/geoip2/ns2/named4.conf.in new file mode 100644 index 0000000..efdcaeb --- /dev/null +++ b/bin/tests/system/geoip2/ns2/named4.conf.in @@ -0,0 +1,84 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { fd92:7065:b8e:ffff::2; }; + recursion no; + dnssec-validation no; + geoip-directory "../data"; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +view one { + match-clients { geoip db country continent OC; }; + zone "example" { + type primary; + file "example1.db"; + }; +}; + +view two { + match-clients { geoip db country continent NA; }; + zone "example" { + type primary; + file "example2.db"; + }; +}; + +view three { + match-clients { geoip db country continent EU; }; + zone "example" { + type primary; + file "example3.db"; + }; +}; + +view five { + match-clients { geoip db country continent SA; }; + zone "example" { + type primary; + file "example5.db"; + }; +}; + +view seven { + match-clients { geoip db country continent AF; }; + zone "example" { + type primary; + file "example7.db"; + }; +}; + +view none { + match-clients { any; }; + zone "example" { + type primary; + file "example.db.in"; + }; +}; diff --git a/bin/tests/system/geoip2/ns2/named5.conf.in b/bin/tests/system/geoip2/ns2/named5.conf.in new file mode 100644 index 0000000..675dc18 --- /dev/null +++ b/bin/tests/system/geoip2/ns2/named5.conf.in @@ -0,0 +1,92 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { fd92:7065:b8e:ffff::2; }; + recursion no; + dnssec-validation no; + geoip-directory "../data"; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +view one { + match-clients { geoip region CA; }; + zone "example" { + type primary; + file "example1.db"; + }; +}; + +view three { + match-clients { geoip region OK; }; + zone "example" { + type primary; + file "example3.db"; + }; +}; + +view four { + match-clients { geoip region VA; }; + zone "example" { + type primary; + file "example4.db"; + }; +}; + +view five { + match-clients { geoip region GA; }; + zone "example" { + type primary; + file "example5.db"; + }; +}; + +view six { + match-clients { geoip region CO; }; + zone "example" { + type primary; + file "example6.db"; + }; +}; + +view seven { + match-clients { geoip region AK; }; + zone "example" { + type primary; + file "example7.db"; + }; +}; + +view none { + match-clients { any; }; + zone "example" { + type primary; + file "example.db.in"; + }; +}; diff --git a/bin/tests/system/geoip2/ns2/named6.conf.in b/bin/tests/system/geoip2/ns2/named6.conf.in new file mode 100644 index 0000000..456462f --- /dev/null +++ b/bin/tests/system/geoip2/ns2/named6.conf.in @@ -0,0 +1,100 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { fd92:7065:b8e:ffff::2; }; + recursion no; + dnssec-validation no; + geoip-directory "../data"; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +view one { + match-clients { geoip city "Redwood City"; }; + zone "example" { + type primary; + file "example1.db"; + }; +}; + +view two { + match-clients { geoip city "Santa Cruz"; }; + zone "example" { + type primary; + file "example2.db"; + }; +}; + +view three { + match-clients { geoip city "Oklahoma City"; }; + zone "example" { + type primary; + file "example3.db"; + }; +}; + +view four { + match-clients { geoip city "Ashland"; }; + zone "example" { + type primary; + file "example4.db"; + }; +}; + +view five { + match-clients { geoip city "Atlanta"; }; + zone "example" { + type primary; + file "example5.db"; + }; +}; + +view six { + match-clients { geoip city "Morrison"; }; + zone "example" { + type primary; + file "example6.db"; + }; +}; + +view seven { + match-clients { geoip city "Ketchikan"; }; + zone "example" { + type primary; + file "example7.db"; + }; +}; + +view none { + match-clients { any; }; + zone "example" { + type primary; + file "example.db.in"; + }; +}; diff --git a/bin/tests/system/geoip2/ns2/named7.conf.in b/bin/tests/system/geoip2/ns2/named7.conf.in new file mode 100644 index 0000000..b248e02 --- /dev/null +++ b/bin/tests/system/geoip2/ns2/named7.conf.in @@ -0,0 +1,100 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { fd92:7065:b8e:ffff::2; }; + recursion no; + dnssec-validation no; + geoip-directory "../data"; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +view one { + match-clients { geoip isp "One Systems, Inc."; }; + zone "example" { + type primary; + file "example1.db"; + }; +}; + +view two { + match-clients { geoip isp "Two Technology Ltd."; }; + zone "example" { + type primary; + file "example2.db"; + }; +}; + +view three { + match-clients { geoip isp "Three Network Labs"; }; + zone "example" { + type primary; + file "example3.db"; + }; +}; + +view four { + match-clients { geoip isp "Four University"; }; + zone "example" { + type primary; + file "example4.db"; + }; +}; + +view five { + match-clients { geoip isp "Five Telecom"; }; + zone "example" { + type primary; + file "example5.db"; + }; +}; + +view six { + match-clients { geoip isp "Six Company"; }; + zone "example" { + type primary; + file "example6.db"; + }; +}; + +view seven { + match-clients { geoip isp "Seven Communications"; }; + zone "example" { + type primary; + file "example7.db"; + }; +}; + +view none { + match-clients { any; }; + zone "example" { + type primary; + file "example.db.in"; + }; +}; diff --git a/bin/tests/system/geoip2/ns2/named8.conf.in b/bin/tests/system/geoip2/ns2/named8.conf.in new file mode 100644 index 0000000..26660b5 --- /dev/null +++ b/bin/tests/system/geoip2/ns2/named8.conf.in @@ -0,0 +1,100 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { fd92:7065:b8e:ffff::2; }; + recursion no; + dnssec-validation no; + geoip-directory "../data"; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +view one { + match-clients { geoip org "One Systems, Inc."; }; + zone "example" { + type primary; + file "example1.db"; + }; +}; + +view two { + match-clients { geoip org "Two Technology Ltd."; }; + zone "example" { + type primary; + file "example2.db"; + }; +}; + +view three { + match-clients { geoip org "Three Network Labs"; }; + zone "example" { + type primary; + file "example3.db"; + }; +}; + +view four { + match-clients { geoip org "Four University"; }; + zone "example" { + type primary; + file "example4.db"; + }; +}; + +view five { + match-clients { geoip org "Five Telecom"; }; + zone "example" { + type primary; + file "example5.db"; + }; +}; + +view six { + match-clients { geoip org "Six Company"; }; + zone "example" { + type primary; + file "example6.db"; + }; +}; + +view seven { + match-clients { geoip org "Seven Communications"; }; + zone "example" { + type primary; + file "example7.db"; + }; +}; + +view none { + match-clients { any; }; + zone "example" { + type primary; + file "example.db.in"; + }; +}; diff --git a/bin/tests/system/geoip2/ns2/named9.conf.in b/bin/tests/system/geoip2/ns2/named9.conf.in new file mode 100644 index 0000000..392879b --- /dev/null +++ b/bin/tests/system/geoip2/ns2/named9.conf.in @@ -0,0 +1,100 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS2 + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { fd92:7065:b8e:ffff::2; }; + recursion no; + dnssec-validation no; + geoip-directory "../data"; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +view one { + match-clients { geoip asnum "AS100001"; }; + zone "example" { + type primary; + file "example1.db"; + }; +}; + +view two { + match-clients { geoip asnum "AS100002"; }; + zone "example" { + type primary; + file "example2.db"; + }; +}; + +view three { + match-clients { geoip asnum "AS100003"; }; + zone "example" { + type primary; + file "example3.db"; + }; +}; + +view four { + match-clients { geoip asnum "AS100004"; }; + zone "example" { + type primary; + file "example4.db"; + }; +}; + +view five { + match-clients { geoip asnum "AS100005"; }; + zone "example" { + type primary; + file "example5.db"; + }; +}; + +view six { + match-clients { geoip asnum "AS100006"; }; + zone "example" { + type primary; + file "example6.db"; + }; +}; + +view seven { + match-clients { geoip asnum "AS100007"; }; + zone "example" { + type primary; + file "example7.db"; + }; +}; + +view none { + match-clients { any; }; + zone "example" { + type primary; + file "example.db.in"; + }; +}; diff --git a/bin/tests/system/geoip2/prereq.sh b/bin/tests/system/geoip2/prereq.sh new file mode 100644 index 0000000..8d8528f --- /dev/null +++ b/bin/tests/system/geoip2/prereq.sh @@ -0,0 +1,21 @@ +#!/bin/sh + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$FEATURETEST --have-geoip2 || { + echo_i "This test requires GeoIP support." >&2 + exit 255 +} +exit 0 diff --git a/bin/tests/system/geoip2/setup.sh b/bin/tests/system/geoip2/setup.sh new file mode 100644 index 0000000..22d3c46 --- /dev/null +++ b/bin/tests/system/geoip2/setup.sh @@ -0,0 +1,24 @@ +#!/bin/sh + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh + +copy_setports ns2/named1.conf.in ns2/named.conf + +for i in 1 2 3 4 5 6 7 other bogus; do + cp ns2/example.db.in ns2/example${i}.db + echo "@ IN TXT \"$i\"" >> ns2/example$i.db +done diff --git a/bin/tests/system/geoip2/tests.sh b/bin/tests/system/geoip2/tests.sh new file mode 100644 index 0000000..77b6f93 --- /dev/null +++ b/bin/tests/system/geoip2/tests.sh @@ -0,0 +1,489 @@ +#!/bin/sh + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +status=0 +n=0 + +rm -f dig.out.* + +DIGOPTS="+tcp +short -p ${PORT} @10.53.0.2" +DIGOPTS6="+tcp +short -p ${PORT} @fd92:7065:b8e:ffff::2 -6" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" + +for conf in conf/good*.conf +do + n=`expr $n + 1` + echo_i "checking that $conf is accepted ($n)" + ret=0 + $CHECKCONF "$conf" || ret=1 + if [ $ret != 0 ]; then echo_i "failed"; fi + status=`expr $status + $ret` +done + +for conf in conf/bad*.conf +do + n=`expr $n + 1` + echo_i "checking that $conf is rejected ($n)" + ret=0 + $CHECKCONF "$conf" >/dev/null && ret=1 + if [ $ret != 0 ]; then echo_i "failed"; fi + status=`expr $status + $ret` +done + +n=`expr $n + 1` +echo_i "checking Country database by code using IPv4 ($n)" +ret=0 +lret=0 +for i in 1 2 3 4 5 6 7; do + $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break +done +[ $lret -eq 1 ] && ret=1 +[ $ret -eq 0 ] || echo_i "failed" +status=`expr $status + $ret` + +if testsock6 fd92:7065:b8e:ffff::3 +then + n=`expr $n + 1` + echo_i "checking Country database by code using IPv6 ($n)" + ret=0 + lret=0 + for i in 1 2 3 4 5 6 7; do + $DIG $DIGOPTS6 txt example -b fd92:7065:b8e:ffff::$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break + done + [ $lret -eq 1 ] && ret=1 + [ $ret -eq 0 ] || echo_i "failed" + status=`expr $status + $ret` +else + echo_i "IPv6 unavailable; skipping IPv6 country code test" +fi + +echo_i "reloading server" +copy_setports ns2/named2.conf.in ns2/named.conf +$CHECKCONF ns2/named.conf | cat_i +rndc_reload ns2 10.53.0.2 +sleep 3 + +n=`expr $n + 1` +echo_i "checking Country database with nested ACLs using IPv4 ($n)" +ret=0 +lret=0 +for i in 1 2 3 4 5 6 7; do + $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break +done +[ $lret -eq 1 ] && ret=1 +[ $ret -eq 0 ] || echo_i "failed" +status=`expr $status + $ret` + +if testsock6 fd92:7065:b8e:ffff::3 +then + n=`expr $n + 1` + echo_i "checking Country database with nested ACLs using IPv6 ($n)" + ret=0 + lret=0 + for i in 1 2 3 4 5 6 7; do + $DIG $DIGOPTS6 txt example -b fd92:7065:b8e:ffff::$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break + done + [ $lret -eq 1 ] && ret=1 + [ $ret -eq 0 ] || echo_i "failed" + status=`expr $status + $ret` +else + echo_i "IPv6 unavailable; skipping IPv6 country nested ACL test" +fi + +echo_i "reloading server" +copy_setports ns2/named3.conf.in ns2/named.conf +$CHECKCONF ns2/named.conf | cat_i +rndc_reload ns2 10.53.0.2 +sleep 3 + +n=`expr $n + 1` +echo_i "checking Country database by name using IPv4 ($n)" +ret=0 +lret=0 +for i in 1 2 3 4 5 6 7; do + $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break +done +[ $lret -eq 1 ] && ret=1 +[ $ret -eq 0 ] || echo_i "failed" +status=`expr $status + $ret` + +if testsock6 fd92:7065:b8e:ffff::3 +then + n=`expr $n + 1` + echo_i "checking Country database by name using IPv6 ($n)" + ret=0 + lret=0 + for i in 1 2 3 4 5 6 7; do + $DIG $DIGOPTS6 txt example -b fd92:7065:b8e:ffff::$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break + done + [ $lret -eq 1 ] && ret=1 + [ $ret -eq 0 ] || echo_i "failed" + status=`expr $status + $ret` +else + echo_i "IPv6 unavailable; skipping IPv6 country name test" +fi + +echo_i "reloading server" +copy_setports ns2/named4.conf.in ns2/named.conf +$CHECKCONF ns2/named.conf | cat_i +rndc_reload ns2 10.53.0.2 +sleep 3 + +n=`expr $n + 1` +echo_i "checking Country database by continent code using IPv4 ($n)" +ret=0 +lret=0 +# deliberately skipping 4 and 6 as they have duplicate continents +for i in 1 2 3 5 7; do + $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break +done +[ $lret -eq 1 ] && ret=1 +[ $ret -eq 0 ] || echo_i "failed" +status=`expr $status + $ret` + +if testsock6 fd92:7065:b8e:ffff::3 +then + n=`expr $n + 1` + echo_i "checking Country database by continent code using IPv6 ($n)" + ret=0 + lret=0 + # deliberately skipping 4 and 6 as they have duplicate continents + for i in 1 2 3 5 7; do + $DIG $DIGOPTS6 txt example -b fd92:7065:b8e:ffff::$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break + done + [ $lret -eq 1 ] && ret=1 + [ $ret -eq 0 ] || echo_i "failed" + status=`expr $status + $ret` +else + echo_i "IPv6 unavailable; skipping IPv6 continent code test" +fi + +echo_i "reloading server" +copy_setports ns2/named5.conf.in ns2/named.conf +$CHECKCONF ns2/named.conf | cat_i +rndc_reload ns2 10.53.0.2 +sleep 3 + +n=`expr $n + 1` +echo_i "checking City database by region code using IPv4 ($n)" +ret=0 +lret=0 +# skipping 2 on purpose here; it has the same region code as 1 +for i in 1 3 4 5 6 7; do + $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break +done +[ $lret -eq 1 ] && ret=1 +[ $ret -eq 0 ] || echo_i "failed" +status=`expr $status + $ret` + +if testsock6 fd92:7065:b8e:ffff::3 +then + n=`expr $n + 1` + echo_i "checking City database by region code using IPv6 ($n)" + ret=0 + lret=0 +# skipping 2 on purpose here; it has the same region code as 1 + for i in 1 3 4 5 6 7; do + $DIG $DIGOPTS6 txt example -b fd92:7065:b8e:ffff::$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break + done + [ $lret -eq 1 ] && ret=1 + [ $ret -eq 0 ] || echo_i "failed" + status=`expr $status + $ret` +else + echo_i "IPv6 unavailable; skipping IPv6 region code test" +fi + +n=`expr $n + 1` +echo_i "reloading server" +copy_setports ns2/named6.conf.in ns2/named.conf +$CHECKCONF ns2/named.conf | cat_i +rndc_reload ns2 10.53.0.2 +sleep 3 + +n=`expr $n + 1` +echo_i "checking City database by city name using IPv4 ($n)" +ret=0 +lret=0 +for i in 1 2 3 4 5 6 7; do + $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break +done +[ $lret -eq 1 ] && ret=1 +[ $ret -eq 0 ] || echo_i "failed" +status=`expr $status + $ret` + +if testsock6 fd92:7065:b8e:ffff::3 +then + n=`expr $n + 1` + echo_i "checking City database by city name using IPv6 ($n)" + ret=0 + lret=0 + for i in 1 2 3 4 5 6 7; do + $DIG $DIGOPTS6 txt example -b fd92:7065:b8e:ffff::$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break + done + [ $lret -eq 1 ] && ret=1 + [ $ret -eq 0 ] || echo_i "failed" + status=`expr $status + $ret` +else + echo_i "IPv6 unavailable; skipping IPv6 city test" +fi + +echo_i "reloading server" +copy_setports ns2/named7.conf.in ns2/named.conf +$CHECKCONF ns2/named.conf | cat_i +rndc_reload ns2 10.53.0.2 +sleep 3 + +n=`expr $n + 1` +echo_i "checking ISP database using IPv4 ($n)" +ret=0 +lret=0 +for i in 1 2 3 4 5 6 7; do + $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break +done +[ $lret -eq 1 ] && ret=1 +[ $ret -eq 0 ] || echo_i "failed" +status=`expr $status + $ret` + +if testsock6 fd92:7065:b8e:ffff::3 +then + n=`expr $n + 1` + echo_i "checking ISP database using IPv6 ($n)" + ret=0 + lret=0 + for i in 1 2 3 4 5 6 7; do + $DIG $DIGOPTS6 txt example -b fd92:7065:b8e:ffff::$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break + done + [ $lret -eq 1 ] && ret=1 + [ $ret -eq 0 ] || echo_i "failed" + status=`expr $status + $ret` +else + echo_i "IPv6 unavailable; skipping IPv6 ISP test" +fi + +echo_i "reloading server" +copy_setports ns2/named8.conf.in ns2/named.conf +$CHECKCONF ns2/named.conf | cat_i +rndc_reload ns2 10.53.0.2 +sleep 3 + +n=`expr $n + 1` +echo_i "checking ASN database by org name using IPv4 ($n)" +ret=0 +lret=0 +for i in 1 2 3 4 5 6 7; do + $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break +done +[ $lret -eq 1 ] && ret=1 +[ $ret -eq 0 ] || echo_i "failed" +status=`expr $status + $ret` + +if testsock6 fd92:7065:b8e:ffff::3 +then + n=`expr $n + 1` + echo_i "checking ASN database by org name using IPv6 ($n)" + ret=0 + lret=0 + for i in 1 2 3 4 5 6 7; do + $DIG $DIGOPTS6 txt example -b fd92:7065:b8e:ffff::$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break + done + [ $lret -eq 1 ] && ret=1 + [ $ret -eq 0 ] || echo_i "failed" + status=`expr $status + $ret` +else + echo_i "IPv6 unavailable; skipping IPv6 ASN test" +fi + +echo_i "reloading server" +copy_setports ns2/named9.conf.in ns2/named.conf +$CHECKCONF ns2/named.conf | cat_i +rndc_reload ns2 10.53.0.2 +sleep 3 + +n=`expr $n + 1` +echo_i "checking GeoIP6 ASN database, ASNNNN only, using IPv4 ($n)" +ret=0 +lret=0 +for i in 1 2 3 4 5 6 7; do + $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break +done +[ $lret -eq 1 ] && ret=1 +[ $ret -eq 0 ] || echo_i "failed" +status=`expr $status + $ret` + +if testsock6 fd92:7065:b8e:ffff::3 +then + n=`expr $n + 1` + echo_i "checking ASN database, ASNNNN only, using IPv6 ($n)" + ret=0 + lret=0 + for i in 1 2 3 4 5 6 7; do + $DIG $DIGOPTS6 txt example -b fd92:7065:b8e:ffff::$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break + done + [ $lret -eq 1 ] && ret=1 + [ $ret -eq 0 ] || echo_i "failed" + status=`expr $status + $ret` +else + echo_i "IPv6 unavailable; skipping IPv6 ASN test" +fi + +echo_i "reloading server" +copy_setports ns2/named10.conf.in ns2/named.conf +$CHECKCONF ns2/named.conf | cat_i +rndc_reload ns2 10.53.0.2 +sleep 3 + +n=`expr $n + 1` +echo_i "checking GeoIP6 ASN database, NNNN only, using IPv4 ($n)" +ret=0 +lret=0 +for i in 1 2 3 4 5 6 7; do + $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break +done +[ $lret -eq 1 ] && ret=1 +[ $ret -eq 0 ] || echo_i "failed" +status=`expr $status + $ret` + +if testsock6 fd92:7065:b8e:ffff::3 +then + n=`expr $n + 1` + echo_i "checking ASN database, NNNN only, using IPv6 ($n)" + ret=0 + lret=0 + for i in 1 2 3 4 5 6 7; do + $DIG $DIGOPTS6 txt example -b fd92:7065:b8e:ffff::$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break + done + [ $lret -eq 1 ] && ret=1 + [ $ret -eq 0 ] || echo_i "failed" + status=`expr $status + $ret` +else + echo_i "IPv6 unavailable; skipping IPv6 ASN test" +fi + +echo_i "reloading server" +copy_setports ns2/named11.conf.in ns2/named.conf +$CHECKCONF ns2/named.conf | cat_i +rndc_reload ns2 10.53.0.2 +sleep 3 + +n=`expr $n + 1` +echo_i "checking Domain database using IPv4 ($n)" +ret=0 +lret=0 +for i in 1 2 3 4 5 6 7; do + $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break +done +[ $lret -eq 1 ] && ret=1 +[ $ret -eq 0 ] || echo_i "failed" +status=`expr $status + $ret` + +if testsock6 fd92:7065:b8e:ffff::3 +then + n=`expr $n + 1` + echo_i "checking Domain database using IPv6 ($n)" + ret=0 + lret=0 + for i in 1 2 3 4 5 6 7; do + $DIG $DIGOPTS6 txt example -b fd92:7065:b8e:ffff::$i > dig.out.ns2.test$n.$i || lret=1 + j=`cat dig.out.ns2.test$n.$i | tr -d '"'` + [ "$i" = "$j" ] || lret=1 + [ $lret -eq 1 ] && break + done + [ $lret -eq 1 ] && ret=1 + [ $ret -eq 0 ] || echo_i "failed" + status=`expr $status + $ret` +else + echo_i "IPv6 unavailable; skipping IPv6 Domain test" +fi + +echo_i "reloading server" +copy_setports ns2/named12.conf.in ns2/named.conf +$CHECKCONF ns2/named.conf | cat_i +rndc_reload ns2 10.53.0.2 +sleep 3 + +n=`expr $n + 1` +echo_i "checking geoip blackhole ACL ($n)" +ret=0 +$DIG $DIGOPTS txt example -b 10.53.0.7 > dig.out.ns2.test$n || ret=1 +$RNDCCMD 10.53.0.2 status 2>&1 > rndc.out.ns2.test$n || ret=1 +[ $ret -eq 0 ] || echo_i "failed" +status=`expr $status + $ret` + +echo_i "exit status: $status" +[ $status -eq 0 ] || exit 1 |