From e2fc8e037ea6bb5de92b25ec9c12a624737ac5ca Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Mon, 8 Apr 2024 18:41:29 +0200 Subject: Merging upstream version 1:9.18.24. Signed-off-by: Daniel Baumann --- bin/tests/system/allow-query/ns2/named01.conf.in | 2 +- bin/tests/system/allow-query/ns2/named02.conf.in | 2 +- bin/tests/system/allow-query/ns2/named03.conf.in | 2 +- bin/tests/system/allow-query/ns2/named04.conf.in | 2 +- bin/tests/system/allow-query/ns2/named05.conf.in | 2 +- bin/tests/system/allow-query/ns2/named06.conf.in | 2 +- bin/tests/system/allow-query/ns2/named07.conf.in | 2 +- bin/tests/system/allow-query/ns2/named08.conf.in | 2 +- bin/tests/system/allow-query/ns2/named09.conf.in | 2 +- bin/tests/system/allow-query/ns2/named10.conf.in | 2 +- bin/tests/system/allow-query/ns2/named11.conf.in | 2 +- bin/tests/system/allow-query/ns2/named12.conf.in | 2 +- bin/tests/system/allow-query/ns2/named21.conf.in | 2 +- bin/tests/system/allow-query/ns2/named22.conf.in | 2 +- bin/tests/system/allow-query/ns2/named23.conf.in | 2 +- bin/tests/system/allow-query/ns2/named24.conf.in | 2 +- bin/tests/system/allow-query/ns2/named25.conf.in | 2 +- bin/tests/system/allow-query/ns2/named26.conf.in | 2 +- bin/tests/system/allow-query/ns2/named27.conf.in | 2 +- bin/tests/system/allow-query/ns2/named28.conf.in | 2 +- bin/tests/system/allow-query/ns2/named29.conf.in | 2 +- bin/tests/system/allow-query/ns2/named30.conf.in | 2 +- bin/tests/system/allow-query/ns2/named31.conf.in | 2 +- bin/tests/system/allow-query/ns2/named32.conf.in | 2 +- bin/tests/system/allow-query/ns2/named33.conf.in | 2 +- bin/tests/system/allow-query/ns2/named34.conf.in | 2 +- bin/tests/system/allow-query/ns2/named40.conf.in | 2 +- bin/tests/system/allow-query/ns2/named53.conf.in | 2 +- bin/tests/system/allow-query/ns2/named54.conf.in | 2 +- bin/tests/system/allow-query/ns2/named55.conf.in | 2 +- bin/tests/system/allow-query/ns2/named56.conf.in | 2 +- bin/tests/system/allow-query/ns2/named57.conf.in | 2 +- bin/tests/system/allow-query/ns3/named1.conf.in | 2 +- bin/tests/system/allow-query/ns3/named2.conf.in | 2 +- bin/tests/system/allow-query/ns3/named3.conf.in | 2 +- bin/tests/system/allow-query/ns3/named4.conf.in | 2 +- bin/tests/system/allow-query/setup.sh | 8 +- bin/tests/system/allow-query/tests.sh | 419 ++++++++++----------- .../system/allow-query/tests_sh_allow_query.py | 14 + .../system/allow-query/tests_sh_allowquery.py | 14 - 40 files changed, 263 insertions(+), 264 deletions(-) create mode 100644 bin/tests/system/allow-query/tests_sh_allow_query.py delete mode 100644 bin/tests/system/allow-query/tests_sh_allowquery.py (limited to 'bin/tests/system/allow-query') diff --git a/bin/tests/system/allow-query/ns2/named01.conf.in b/bin/tests/system/allow-query/ns2/named01.conf.in index 3069010..fec3ddd 100644 --- a/bin/tests/system/allow-query/ns2/named01.conf.in +++ b/bin/tests/system/allow-query/ns2/named01.conf.in @@ -24,7 +24,7 @@ include "controls.conf"; zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named02.conf.in b/bin/tests/system/allow-query/ns2/named02.conf.in index 678c417..95a78b2 100644 --- a/bin/tests/system/allow-query/ns2/named02.conf.in +++ b/bin/tests/system/allow-query/ns2/named02.conf.in @@ -25,7 +25,7 @@ include "controls.conf"; zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named03.conf.in b/bin/tests/system/allow-query/ns2/named03.conf.in index cdc64ff..fd6add2 100644 --- a/bin/tests/system/allow-query/ns2/named03.conf.in +++ b/bin/tests/system/allow-query/ns2/named03.conf.in @@ -25,7 +25,7 @@ include "controls.conf"; zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named04.conf.in b/bin/tests/system/allow-query/ns2/named04.conf.in index 0544662..f6d231d 100644 --- a/bin/tests/system/allow-query/ns2/named04.conf.in +++ b/bin/tests/system/allow-query/ns2/named04.conf.in @@ -25,7 +25,7 @@ include "controls.conf"; zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named05.conf.in b/bin/tests/system/allow-query/ns2/named05.conf.in index 6f92049..fe6cc0c 100644 --- a/bin/tests/system/allow-query/ns2/named05.conf.in +++ b/bin/tests/system/allow-query/ns2/named05.conf.in @@ -25,7 +25,7 @@ include "controls.conf"; zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named06.conf.in b/bin/tests/system/allow-query/ns2/named06.conf.in index 261c75b..1f78f13 100644 --- a/bin/tests/system/allow-query/ns2/named06.conf.in +++ b/bin/tests/system/allow-query/ns2/named06.conf.in @@ -25,7 +25,7 @@ include "controls.conf"; zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named07.conf.in b/bin/tests/system/allow-query/ns2/named07.conf.in index 8050fa2..15dca8f 100644 --- a/bin/tests/system/allow-query/ns2/named07.conf.in +++ b/bin/tests/system/allow-query/ns2/named07.conf.in @@ -27,7 +27,7 @@ include "controls.conf"; zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named08.conf.in b/bin/tests/system/allow-query/ns2/named08.conf.in index ffa4cdc..c2eed2d 100644 --- a/bin/tests/system/allow-query/ns2/named08.conf.in +++ b/bin/tests/system/allow-query/ns2/named08.conf.in @@ -27,7 +27,7 @@ include "controls.conf"; zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named09.conf.in b/bin/tests/system/allow-query/ns2/named09.conf.in index 49166e6..248da9e 100644 --- a/bin/tests/system/allow-query/ns2/named09.conf.in +++ b/bin/tests/system/allow-query/ns2/named09.conf.in @@ -27,7 +27,7 @@ include "controls.conf"; zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named10.conf.in b/bin/tests/system/allow-query/ns2/named10.conf.in index d684c2d..774dace 100644 --- a/bin/tests/system/allow-query/ns2/named10.conf.in +++ b/bin/tests/system/allow-query/ns2/named10.conf.in @@ -30,7 +30,7 @@ include "controls.conf"; zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named11.conf.in b/bin/tests/system/allow-query/ns2/named11.conf.in index 59b9e0e..c860aed 100644 --- a/bin/tests/system/allow-query/ns2/named11.conf.in +++ b/bin/tests/system/allow-query/ns2/named11.conf.in @@ -36,7 +36,7 @@ include "controls.conf"; zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named12.conf.in b/bin/tests/system/allow-query/ns2/named12.conf.in index a8e9107..1d9c5d5 100644 --- a/bin/tests/system/allow-query/ns2/named12.conf.in +++ b/bin/tests/system/allow-query/ns2/named12.conf.in @@ -30,7 +30,7 @@ include "controls.conf"; zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named21.conf.in b/bin/tests/system/allow-query/ns2/named21.conf.in index c6204a3..b120f2a 100644 --- a/bin/tests/system/allow-query/ns2/named21.conf.in +++ b/bin/tests/system/allow-query/ns2/named21.conf.in @@ -26,7 +26,7 @@ view "internal" { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named22.conf.in b/bin/tests/system/allow-query/ns2/named22.conf.in index 454f24a..37ccedc 100644 --- a/bin/tests/system/allow-query/ns2/named22.conf.in +++ b/bin/tests/system/allow-query/ns2/named22.conf.in @@ -28,7 +28,7 @@ view "internal" { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named23.conf.in b/bin/tests/system/allow-query/ns2/named23.conf.in index f62337b..c43e232 100644 --- a/bin/tests/system/allow-query/ns2/named23.conf.in +++ b/bin/tests/system/allow-query/ns2/named23.conf.in @@ -28,7 +28,7 @@ view "internal" { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named24.conf.in b/bin/tests/system/allow-query/ns2/named24.conf.in index 1e277a9..6cdbeec 100644 --- a/bin/tests/system/allow-query/ns2/named24.conf.in +++ b/bin/tests/system/allow-query/ns2/named24.conf.in @@ -28,7 +28,7 @@ view "internal" { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named25.conf.in b/bin/tests/system/allow-query/ns2/named25.conf.in index 0548af2..51e247c 100644 --- a/bin/tests/system/allow-query/ns2/named25.conf.in +++ b/bin/tests/system/allow-query/ns2/named25.conf.in @@ -28,7 +28,7 @@ view "internal" { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named26.conf.in b/bin/tests/system/allow-query/ns2/named26.conf.in index 40e5dfd..a72136c 100644 --- a/bin/tests/system/allow-query/ns2/named26.conf.in +++ b/bin/tests/system/allow-query/ns2/named26.conf.in @@ -28,7 +28,7 @@ view "internal" { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named27.conf.in b/bin/tests/system/allow-query/ns2/named27.conf.in index 92fa1f8..4c3f958 100644 --- a/bin/tests/system/allow-query/ns2/named27.conf.in +++ b/bin/tests/system/allow-query/ns2/named27.conf.in @@ -30,7 +30,7 @@ view "internal" { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named28.conf.in b/bin/tests/system/allow-query/ns2/named28.conf.in index 2ecac7c..8db4555 100644 --- a/bin/tests/system/allow-query/ns2/named28.conf.in +++ b/bin/tests/system/allow-query/ns2/named28.conf.in @@ -30,7 +30,7 @@ view "internal" { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named29.conf.in b/bin/tests/system/allow-query/ns2/named29.conf.in index 9a6c9e5..2031a6e 100644 --- a/bin/tests/system/allow-query/ns2/named29.conf.in +++ b/bin/tests/system/allow-query/ns2/named29.conf.in @@ -30,7 +30,7 @@ view "internal" { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named30.conf.in b/bin/tests/system/allow-query/ns2/named30.conf.in index f7084c8..e57b7ab 100644 --- a/bin/tests/system/allow-query/ns2/named30.conf.in +++ b/bin/tests/system/allow-query/ns2/named30.conf.in @@ -33,7 +33,7 @@ view "internal" { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named31.conf.in b/bin/tests/system/allow-query/ns2/named31.conf.in index d6a7af5..776cbb7 100644 --- a/bin/tests/system/allow-query/ns2/named31.conf.in +++ b/bin/tests/system/allow-query/ns2/named31.conf.in @@ -40,7 +40,7 @@ view "internal" { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named32.conf.in b/bin/tests/system/allow-query/ns2/named32.conf.in index b7d7ee4..35dfb6e 100644 --- a/bin/tests/system/allow-query/ns2/named32.conf.in +++ b/bin/tests/system/allow-query/ns2/named32.conf.in @@ -33,7 +33,7 @@ view "internal" { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named33.conf.in b/bin/tests/system/allow-query/ns2/named33.conf.in index be31b72..3721e62 100644 --- a/bin/tests/system/allow-query/ns2/named33.conf.in +++ b/bin/tests/system/allow-query/ns2/named33.conf.in @@ -29,7 +29,7 @@ view "internal" { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named34.conf.in b/bin/tests/system/allow-query/ns2/named34.conf.in index 165ff06..09125ef 100644 --- a/bin/tests/system/allow-query/ns2/named34.conf.in +++ b/bin/tests/system/allow-query/ns2/named34.conf.in @@ -29,7 +29,7 @@ view "internal" { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named40.conf.in b/bin/tests/system/allow-query/ns2/named40.conf.in index b7a8746..10e0818 100644 --- a/bin/tests/system/allow-query/ns2/named40.conf.in +++ b/bin/tests/system/allow-query/ns2/named40.conf.in @@ -38,7 +38,7 @@ include "controls.conf"; zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named53.conf.in b/bin/tests/system/allow-query/ns2/named53.conf.in index bd0af28..d3463b2 100644 --- a/bin/tests/system/allow-query/ns2/named53.conf.in +++ b/bin/tests/system/allow-query/ns2/named53.conf.in @@ -25,7 +25,7 @@ include "controls.conf"; zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named54.conf.in b/bin/tests/system/allow-query/ns2/named54.conf.in index a6ca424..5dddf89 100644 --- a/bin/tests/system/allow-query/ns2/named54.conf.in +++ b/bin/tests/system/allow-query/ns2/named54.conf.in @@ -25,7 +25,7 @@ include "controls.conf"; zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named55.conf.in b/bin/tests/system/allow-query/ns2/named55.conf.in index 6bcba07..4a0880f 100644 --- a/bin/tests/system/allow-query/ns2/named55.conf.in +++ b/bin/tests/system/allow-query/ns2/named55.conf.in @@ -28,7 +28,7 @@ view "internal" { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named56.conf.in b/bin/tests/system/allow-query/ns2/named56.conf.in index d89a5fb..564063b 100644 --- a/bin/tests/system/allow-query/ns2/named56.conf.in +++ b/bin/tests/system/allow-query/ns2/named56.conf.in @@ -28,7 +28,7 @@ view "internal" { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns2/named57.conf.in b/bin/tests/system/allow-query/ns2/named57.conf.in index bcc3a85..db5f3d0 100644 --- a/bin/tests/system/allow-query/ns2/named57.conf.in +++ b/bin/tests/system/allow-query/ns2/named57.conf.in @@ -27,7 +27,7 @@ view "internal" { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "normal.example" { diff --git a/bin/tests/system/allow-query/ns3/named1.conf.in b/bin/tests/system/allow-query/ns3/named1.conf.in index 74b9885..bc42246 100644 --- a/bin/tests/system/allow-query/ns3/named1.conf.in +++ b/bin/tests/system/allow-query/ns3/named1.conf.in @@ -31,5 +31,5 @@ controls { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; diff --git a/bin/tests/system/allow-query/ns3/named2.conf.in b/bin/tests/system/allow-query/ns3/named2.conf.in index c4a4e8f..53e73ad 100644 --- a/bin/tests/system/allow-query/ns3/named2.conf.in +++ b/bin/tests/system/allow-query/ns3/named2.conf.in @@ -34,5 +34,5 @@ controls { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; diff --git a/bin/tests/system/allow-query/ns3/named3.conf.in b/bin/tests/system/allow-query/ns3/named3.conf.in index 0e1f7b0..36b5f77 100644 --- a/bin/tests/system/allow-query/ns3/named3.conf.in +++ b/bin/tests/system/allow-query/ns3/named3.conf.in @@ -34,5 +34,5 @@ controls { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; diff --git a/bin/tests/system/allow-query/ns3/named4.conf.in b/bin/tests/system/allow-query/ns3/named4.conf.in index 36ff911..f9e88d4 100644 --- a/bin/tests/system/allow-query/ns3/named4.conf.in +++ b/bin/tests/system/allow-query/ns3/named4.conf.in @@ -34,5 +34,5 @@ controls { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; diff --git a/bin/tests/system/allow-query/setup.sh b/bin/tests/system/allow-query/setup.sh index c85676e..886c8ac 100644 --- a/bin/tests/system/allow-query/setup.sh +++ b/bin/tests/system/allow-query/setup.sh @@ -13,7 +13,7 @@ . ../conf.sh -copy_setports ../common/controls.conf.in ns2/controls.conf -copy_setports ns1/named.conf.in ns1/named.conf -copy_setports ns2/named01.conf.in ns2/named.conf -copy_setports ns3/named1.conf.in ns3/named.conf +copy_setports ../_common/controls.conf.in ns2/controls.conf +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named01.conf.in ns2/named.conf +copy_setports ns3/named1.conf.in ns3/named.conf diff --git a/bin/tests/system/allow-query/tests.sh b/bin/tests/system/allow-query/tests.sh index 3a1b8b4..cb82370 100644 --- a/bin/tests/system/allow-query/tests.sh +++ b/bin/tests/system/allow-query/tests.sh @@ -61,15 +61,15 @@ DIGOPTS="+tcp +nosea +nostat +nocmd +norec +noques +noauth +noadd +nostats +dnss status=0 n=0 -nextpart ns2/named.run > /dev/null +nextpart ns2/named.run >/dev/null # Test 1 - default, query allowed n=$((n + 1)) echo_i "test $n: default - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: NOERROR' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -80,9 +80,9 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: explicit any - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: NOERROR' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -93,11 +93,11 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: none - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 -nextpart ns2/named.run | grep 'recursion not enabled for view' > /dev/null || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null && ret=1 +nextpart ns2/named.run | grep 'recursion not enabled for view' >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -106,10 +106,10 @@ DIGNOEDNS="+tcp +nosea +nostat +nocmd +norec +noques +noauth +noadd +nostats +no echo_i "test $n: none - query refused (no edns)" ret=0 -$DIG $DIGNOEDNS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null && ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGNOEDNS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null && ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -120,9 +120,9 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: address allowed - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: NOERROR' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -133,10 +133,10 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: address not allowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -147,10 +147,10 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: address disallowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -161,9 +161,9 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: acl allowed - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: NOERROR' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -174,14 +174,13 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: acl not allowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) - # Test 9 - acl disallowed, query refused n=$((n + 1)) copy_setports ns2/named09.conf.in ns2/named.conf @@ -189,10 +188,10 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: acl disallowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -203,9 +202,9 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: key allowed - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y one:1234abcd8765 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y one:1234abcd8765 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: NOERROR' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -216,10 +215,10 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: key not allowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y two:1234efgh8765 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y two:1234efgh8765 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -230,10 +229,10 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: key disallowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y one:1234abcd8765 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y one:1234abcd8765 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -247,9 +246,9 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: views default - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: NOERROR' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -260,9 +259,9 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: views explicit any - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: NOERROR' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -273,10 +272,10 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: views none - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -287,9 +286,9 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: views address allowed - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: NOERROR' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -300,10 +299,10 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: views address not allowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -314,10 +313,10 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: views address disallowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -328,9 +327,9 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: views acl allowed - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: NOERROR' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -341,10 +340,10 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: views acl not allowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -355,10 +354,10 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: views acl disallowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -369,9 +368,9 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: views key allowed - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y one:1234abcd8765 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y one:1234abcd8765 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: NOERROR' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -382,10 +381,10 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: views key not allowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y two:1234efgh8765 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y two:1234efgh8765 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -396,10 +395,10 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: views key disallowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y one:1234abcd8765 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y one:1234abcd8765 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -410,9 +409,9 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: views over options, views allow - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: NOERROR' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -423,10 +422,10 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: views over options, views disallow - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -441,9 +440,9 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: zone default - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: NOERROR' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -451,9 +450,9 @@ status=$((status + ret)) n=$((n + 1)) echo_i "test $n: zone explicit any - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.any.example a > dig.out.ns2.$n || ret=1 -grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.any.example' dig.out.ns2.$n > /dev/null || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.any.example a >dig.out.ns2.$n || ret=1 +grep 'status: NOERROR' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.any.example' dig.out.ns2.$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -461,10 +460,10 @@ status=$((status + ret)) n=$((n + 1)) echo_i "test $n: zone none - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.none.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.none.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.none.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.none.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -472,9 +471,9 @@ status=$((status + ret)) n=$((n + 1)) echo_i "test $n: zone address allowed - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.addrallow.example a > dig.out.ns2.$n || ret=1 -grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.addrallow.example' dig.out.ns2.$n > /dev/null || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.addrallow.example a >dig.out.ns2.$n || ret=1 +grep 'status: NOERROR' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.addrallow.example' dig.out.ns2.$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -482,10 +481,10 @@ status=$((status + ret)) n=$((n + 1)) echo_i "test $n: zone address not allowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.addrnotallow.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.addrnotallow.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.addrnotallow.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.addrnotallow.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -493,10 +492,10 @@ status=$((status + ret)) n=$((n + 1)) echo_i "test $n: zone address disallowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.addrdisallow.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.addrdisallow.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.addrdisallow.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.addrdisallow.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -504,9 +503,9 @@ status=$((status + ret)) n=$((n + 1)) echo_i "test $n: zone acl allowed - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.aclallow.example a > dig.out.ns2.$n || ret=1 -grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.aclallow.example' dig.out.ns2.$n > /dev/null || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.aclallow.example a >dig.out.ns2.$n || ret=1 +grep 'status: NOERROR' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.aclallow.example' dig.out.ns2.$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -514,10 +513,10 @@ status=$((status + ret)) n=$((n + 1)) echo_i "test $n: zone acl not allowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.aclnotallow.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.aclnotallow.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.aclnotallow.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.aclnotallow.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -525,10 +524,10 @@ status=$((status + ret)) n=$((n + 1)) echo_i "test $n: zone acl disallowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.acldisallow.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.acldisallow.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.acldisallow.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.acldisallow.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -536,9 +535,9 @@ status=$((status + ret)) n=$((n + 1)) echo_i "test $n: zone key allowed - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y one:1234abcd8765 a.keyallow.example a > dig.out.ns2.$n || ret=1 -grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.keyallow.example' dig.out.ns2.$n > /dev/null || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y one:1234abcd8765 a.keyallow.example a >dig.out.ns2.$n || ret=1 +grep 'status: NOERROR' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.keyallow.example' dig.out.ns2.$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -546,10 +545,10 @@ status=$((status + ret)) n=$((n + 1)) echo_i "test $n: zone key not allowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y two:1234efgh8765 a.keyallow.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.keyallow.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y two:1234efgh8765 a.keyallow.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.keyallow.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -557,10 +556,10 @@ status=$((status + ret)) n=$((n + 1)) echo_i "test $n: zone key disallowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y one:1234abcd8765 a.keydisallow.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.keydisallow.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y one:1234abcd8765 a.keydisallow.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.keydisallow.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -571,9 +570,9 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: views over options, views allow - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: NOERROR' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -584,10 +583,10 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: views over options, views disallow - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -598,9 +597,9 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: zones over views, views allow - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: NOERROR' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -611,10 +610,10 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: zones over views, views disallow - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -625,13 +624,13 @@ rndc_reload ns2 10.53.0.2 echo_i "test $n: zones over views, allow-query-on" ret=0 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.1.$n || ret=1 -grep 'status: NOERROR' dig.out.ns2.1.$n > /dev/null || ret=1 -grep '^a.normal.example' dig.out.ns2.1.$n > /dev/null || ret=1 -$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.aclnotallow.example a > dig.out.ns2.2.$n || ret=1 -grep 'status: REFUSED' dig.out.ns2.2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns2.2.$n > /dev/null || ret=1 -grep '^a.aclnotallow.example' dig.out.ns2.2.$n > /dev/null && ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a >dig.out.ns2.1.$n || ret=1 +grep 'status: NOERROR' dig.out.ns2.1.$n >/dev/null || ret=1 +grep '^a.normal.example' dig.out.ns2.1.$n >/dev/null || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.aclnotallow.example a >dig.out.ns2.2.$n || ret=1 +grep 'status: REFUSED' dig.out.ns2.2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns2.2.$n >/dev/null || ret=1 +grep '^a.aclnotallow.example' dig.out.ns2.2.$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -639,13 +638,13 @@ status=$((status + ret)) n=$((n + 1)) echo_i "test $n: default allow-recursion configuration" ret=0 -nextpart ns3/named.run > /dev/null -$DIG -p ${PORT} @10.53.0.3 -b 127.0.0.1 a.normal.example a > dig.out.ns3.1.$n -grep 'status: NOERROR' dig.out.ns3.1.$n > /dev/null || ret=1 -$DIG -p ${PORT} @10.53.0.3 -b 10.53.0.1 a.normal.example a > dig.out.ns3.2.$n -grep 'status: REFUSED' dig.out.ns3.2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns3.2.$n > /dev/null || ret=1 -nextpart ns3/named.run | grep 'allow-recursion did not match' > /dev/null || ret=1 +nextpart ns3/named.run >/dev/null +$DIG -p ${PORT} @10.53.0.3 -b 127.0.0.1 a.normal.example a >dig.out.ns3.1.$n +grep 'status: NOERROR' dig.out.ns3.1.$n >/dev/null || ret=1 +$DIG -p ${PORT} @10.53.0.3 -b 10.53.0.1 a.normal.example a >dig.out.ns3.2.$n +grep 'status: REFUSED' dig.out.ns3.2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns3.2.$n >/dev/null || ret=1 +nextpart ns3/named.run | grep 'allow-recursion did not match' >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -653,12 +652,12 @@ status=$((status + ret)) n=$((n + 1)) echo_i "test $n: default allow-query-cache configuration" ret=0 -$DIG -p ${PORT} @10.53.0.3 -b 127.0.0.1 ns . > dig.out.ns3.1.$n -grep 'status: NOERROR' dig.out.ns3.1.$n > /dev/null || ret=1 -$DIG -p ${PORT} @10.53.0.3 -b 10.53.0.1 ns . > dig.out.ns3.2.$n -grep 'status: REFUSED' dig.out.ns3.2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns3.2.$n > /dev/null || ret=1 -nextpart ns3/named.run | grep 'allow-recursion did not match' > /dev/null || ret=1 +$DIG -p ${PORT} @10.53.0.3 -b 127.0.0.1 ns . >dig.out.ns3.1.$n +grep 'status: NOERROR' dig.out.ns3.1.$n >/dev/null || ret=1 +$DIG -p ${PORT} @10.53.0.3 -b 10.53.0.1 ns . >dig.out.ns3.2.$n +grep 'status: REFUSED' dig.out.ns3.2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns3.2.$n >/dev/null || ret=1 +nextpart ns3/named.run | grep 'allow-recursion did not match' >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -670,14 +669,14 @@ rndc_reload ns3 10.53.0.3 echo_i "test $n: block recursion-on, allow query-cache-on" ret=0 # this should query the cache, and an answer should already be there -$DIG -p ${PORT} @10.53.0.3 a.normal.example a > dig.out.ns3.1.$n -grep 'recursion requested but not available' dig.out.ns3.1.$n > /dev/null || ret=1 -grep 'ANSWER: 1' dig.out.ns3.1.$n > /dev/null || ret=1 +$DIG -p ${PORT} @10.53.0.3 a.normal.example a >dig.out.ns3.1.$n +grep 'recursion requested but not available' dig.out.ns3.1.$n >/dev/null || ret=1 +grep 'ANSWER: 1' dig.out.ns3.1.$n >/dev/null || ret=1 # this should require recursion and therefore can't get an answer -$DIG -p ${PORT} @10.53.0.3 b.normal.example a > dig.out.ns3.2.$n -grep 'recursion requested but not available' dig.out.ns3.2.$n > /dev/null || ret=1 -grep 'ANSWER: 0' dig.out.ns3.2.$n > /dev/null || ret=1 -nextpart ns3/named.run | grep 'allow-recursion-on did not match' > /dev/null || ret=1 +$DIG -p ${PORT} @10.53.0.3 b.normal.example a >dig.out.ns3.2.$n +grep 'recursion requested but not available' dig.out.ns3.2.$n >/dev/null || ret=1 +grep 'ANSWER: 0' dig.out.ns3.2.$n >/dev/null || ret=1 +nextpart ns3/named.run | grep 'allow-recursion-on did not match' >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -689,22 +688,22 @@ rndc_reload ns3 10.53.0.3 echo_i "test $n: inheritance of allow-query-cache-on" ret=0 # this should query the cache, an answer should already be there -$DIG -p ${PORT} @10.53.0.3 a.normal.example a > dig.out.ns3.1.$n -grep 'ANSWER: 1' dig.out.ns3.1.$n > /dev/null || ret=1 +$DIG -p ${PORT} @10.53.0.3 a.normal.example a >dig.out.ns3.1.$n +grep 'ANSWER: 1' dig.out.ns3.1.$n >/dev/null || ret=1 # this should be refused due to allow-recursion-on/allow-query-cache-on -$DIG -p ${PORT} @10.53.1.2 a.normal.example a > dig.out.ns3.2.$n -grep 'recursion requested but not available' dig.out.ns3.2.$n > /dev/null || ret=1 -grep 'status: REFUSED' dig.out.ns3.2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns3.2.$n > /dev/null || ret=1 +$DIG -p ${PORT} @10.53.1.2 a.normal.example a >dig.out.ns3.2.$n +grep 'recursion requested but not available' dig.out.ns3.2.$n >/dev/null || ret=1 +grep 'status: REFUSED' dig.out.ns3.2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns3.2.$n >/dev/null || ret=1 # this should require recursion and should be allowed -$DIG -p ${PORT} @10.53.0.3 c.normal.example a > dig.out.ns3.3.$n -grep 'ANSWER: 1' dig.out.ns3.3.$n > /dev/null || ret=1 +$DIG -p ${PORT} @10.53.0.3 c.normal.example a >dig.out.ns3.3.$n +grep 'ANSWER: 1' dig.out.ns3.3.$n >/dev/null || ret=1 # this should require recursion and be refused -$DIG -p ${PORT} @10.53.1.2 d.normal.example a > dig.out.ns3.4.$n -grep 'recursion requested but not available' dig.out.ns3.4.$n > /dev/null || ret=1 -grep 'status: REFUSED' dig.out.ns3.4.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns3.4.$n > /dev/null || ret=1 -nextpart ns3/named.run | grep 'allow-recursion-on did not match' > /dev/null || ret=1 +$DIG -p ${PORT} @10.53.1.2 d.normal.example a >dig.out.ns3.4.$n +grep 'recursion requested but not available' dig.out.ns3.4.$n >/dev/null || ret=1 +grep 'status: REFUSED' dig.out.ns3.4.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns3.4.$n >/dev/null || ret=1 +nextpart ns3/named.run | grep 'allow-recursion-on did not match' >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -716,22 +715,22 @@ rndc_reload ns3 10.53.0.3 echo_i "test $n: inheritance of allow-recursion-on" ret=0 # this should query the cache, an answer should already be there -$DIG -p ${PORT} @10.53.0.3 a.normal.example a > dig.out.ns3.1.$n -grep 'ANSWER: 1' dig.out.ns3.1.$n > /dev/null || ret=1 +$DIG -p ${PORT} @10.53.0.3 a.normal.example a >dig.out.ns3.1.$n +grep 'ANSWER: 1' dig.out.ns3.1.$n >/dev/null || ret=1 # this should be refused due to allow-recursion-on/allow-query-cache-on -$DIG -p ${PORT} @10.53.1.2 a.normal.example a > dig.out.ns3.2.$n -grep 'recursion requested but not available' dig.out.ns3.2.$n > /dev/null || ret=1 -grep 'status: REFUSED' dig.out.ns3.2.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns3.2.$n > /dev/null || ret=1 +$DIG -p ${PORT} @10.53.1.2 a.normal.example a >dig.out.ns3.2.$n +grep 'recursion requested but not available' dig.out.ns3.2.$n >/dev/null || ret=1 +grep 'status: REFUSED' dig.out.ns3.2.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns3.2.$n >/dev/null || ret=1 # this should require recursion and should be allowed -$DIG -p ${PORT} @10.53.0.3 e.normal.example a > dig.out.ns3.3.$n -grep 'ANSWER: 1' dig.out.ns3.3.$n > /dev/null || ret=1 +$DIG -p ${PORT} @10.53.0.3 e.normal.example a >dig.out.ns3.3.$n +grep 'ANSWER: 1' dig.out.ns3.3.$n >/dev/null || ret=1 # this should require recursion and be refused -$DIG -p ${PORT} @10.53.1.2 f.normal.example a > dig.out.ns3.4.$n -grep 'recursion requested but not available' dig.out.ns3.4.$n > /dev/null || ret=1 -grep 'status: REFUSED' dig.out.ns3.4.$n > /dev/null || ret=1 -grep 'EDE: 18 (Prohibited)' dig.out.ns3.4.$n > /dev/null || ret=1 -nextpart ns3/named.run | grep 'allow-recursion-on did not match' > /dev/null || ret=1 +$DIG -p ${PORT} @10.53.1.2 f.normal.example a >dig.out.ns3.4.$n +grep 'recursion requested but not available' dig.out.ns3.4.$n >/dev/null || ret=1 +grep 'status: REFUSED' dig.out.ns3.4.$n >/dev/null || ret=1 +grep 'EDE: 18 (Prohibited)' dig.out.ns3.4.$n >/dev/null || ret=1 +nextpart ns3/named.run | grep 'allow-recursion-on did not match' >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) diff --git a/bin/tests/system/allow-query/tests_sh_allow_query.py b/bin/tests/system/allow-query/tests_sh_allow_query.py new file mode 100644 index 0000000..7b22ee2 --- /dev/null +++ b/bin/tests/system/allow-query/tests_sh_allow_query.py @@ -0,0 +1,14 @@ +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + + +def test_allow_query(run_tests_sh): + run_tests_sh() diff --git a/bin/tests/system/allow-query/tests_sh_allowquery.py b/bin/tests/system/allow-query/tests_sh_allowquery.py deleted file mode 100644 index ce20d79..0000000 --- a/bin/tests/system/allow-query/tests_sh_allowquery.py +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright (C) Internet Systems Consortium, Inc. ("ISC") -# -# SPDX-License-Identifier: MPL-2.0 -# -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, you can obtain one at https://mozilla.org/MPL/2.0/. -# -# See the COPYRIGHT file distributed with this work for additional -# information regarding copyright ownership. - - -def test_allowquery(run_tests_sh): - run_tests_sh() -- cgit v1.2.3