From 830407e88f9d40d954356c3754f2647f91d5c06a Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 17:26:00 +0200 Subject: Adding upstream version 5.6.0. Signed-off-by: Daniel Baumann --- .../sets/resolver/module_policy_deny_suff_patt.rpl | 150 +++++++++++++++++++++ 1 file changed, 150 insertions(+) create mode 100644 tests/integration/deckard/sets/resolver/module_policy_deny_suff_patt.rpl (limited to 'tests/integration/deckard/sets/resolver/module_policy_deny_suff_patt.rpl') diff --git a/tests/integration/deckard/sets/resolver/module_policy_deny_suff_patt.rpl b/tests/integration/deckard/sets/resolver/module_policy_deny_suff_patt.rpl new file mode 100644 index 0000000..0197fc2 --- /dev/null +++ b/tests/integration/deckard/sets/resolver/module_policy_deny_suff_patt.rpl @@ -0,0 +1,150 @@ +do-ip6: no + +; config options + stub-addr: 1.2.3.4 + feature-list: policy=policy:add(policy.suffix(policy.DENY, {todname('nic.cz')})) + feature-list: policy=policy:add(policy.pattern(policy.DENY, '\8example[0-8]\2cz')) + query-minimization: off +CONFIG_END + +SCENARIO_BEGIN DENY policy test; uses policy.suffix, policy.pattern, todname + +RANGE_BEGIN 0 110 + ADDRESS 1.2.3.4 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR RD RA NOERROR +SECTION QUESTION +nic.cz. IN A +SECTION ANSWER +nic.cz. IN A 5.6.7.8 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR RD RA NOERROR +SECTION QUESTION +dummy.nic.cz. IN A +SECTION ANSWER +dummy.nic.cz. IN A 9.10.11.12 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR RD RA NOERROR +SECTION QUESTION +example0.cz. IN A +SECTION ANSWER +example0.cz. IN A 13.14.15.16 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR RD RA NOERROR +SECTION QUESTION +dummy.example0.cz. IN A +SECTION ANSWER +dummy.example0.cz. IN A 17.18.19.20 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR RD RA NOERROR +SECTION QUESTION +example9.cz. IN A +SECTION ANSWER +example9.cz. IN A 21.22.23.24 +ENTRY_END +RANGE_END + +; denied by policy.suffix(policy.DENY, {todname('nic.cz')}) +STEP 10 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +nic.cz. IN A +ENTRY_END + +STEP 20 CHECK_ANSWER +ENTRY_BEGIN +MATCH flags rcode question answer +REPLY QR RD RA AA NXDOMAIN +SECTION QUESTION +nic.cz. IN A +SECTION ANSWER +ENTRY_END + +; denied by policy.suffix(policy.DENY, {todname('nic.cz')}) +STEP 30 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +dummy.nic.cz. IN A +ENTRY_END + +STEP 40 CHECK_ANSWER +ENTRY_BEGIN +MATCH flags rcode question answer +REPLY QR RD RA AA NXDOMAIN +SECTION QUESTION +dummy.nic.cz. IN A +SECTION ANSWER +ENTRY_END + +; denied by policy.pattern(policy.DENY, todname('example[0-8].cz') +STEP 50 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +example0.cz. IN A +ENTRY_END + +STEP 60 CHECK_ANSWER +ENTRY_BEGIN +MATCH flags rcode question answer +REPLY QR RD RA AA NXDOMAIN +SECTION QUESTION +example0.cz. IN A +SECTION ANSWER +ENTRY_END + +; denied by policy.pattern(policy.DENY, todname('example[0-8].cz') +STEP 70 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +dummy.example0.cz. IN A +ENTRY_END + +STEP 80 CHECK_ANSWER +ENTRY_BEGIN +MATCH flags rcode question answer +REPLY QR RD RA AA NXDOMAIN +SECTION QUESTION +dummy.example0.cz. IN A +SECTION ANSWER +ENTRY_END + +; does not match any policy; allowed +STEP 90 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +example9.cz. IN A +ENTRY_END + +STEP 100 CHECK_ANSWER +ENTRY_BEGIN +MATCH flags rcode question answer +REPLY QR RD RA NOERROR +SECTION QUESTION +example9.cz. IN A +SECTION ANSWER +example9.cz. IN A 21.22.23.24 +ENTRY_END +SCENARIO_END -- cgit v1.2.3