File Manager

Hackfut Security File Manager

Current Path: /usr/include/dns

📁 ..
📄 acl.h(6.28 KB)
📄 adb.h(17.82 KB)
📄 byaddr.h(4.41 KB)
📄 cache.h(7.41 KB)
📄 callbacks.h(2.19 KB)
📄 cert.h(1.94 KB)
📄 compress.h(6.08 KB)
📄 db.h(40.33 KB)
📄 dbiterator.h(7.69 KB)
📄 dbtable.h(3.6 KB)
📄 diff.h(7.45 KB)
📄 dispatch.h(13.25 KB)
📄 dlz.h(10.89 KB)
📄 dnssec.h(10.84 KB)
📄 ds.h(1.87 KB)
📄 dynamic_db.h(1.85 KB)
📄 enumclass.h(1.75 KB)
📄 enumtype.h(6.57 KB)
📄 events.h(3.87 KB)
📄 fixedname.h(2.18 KB)
📄 forward.h(3.52 KB)
📄 iptable.h(1.88 KB)
📄 journal.h(8.27 KB)
📄 keyflags.h(1.76 KB)
📄 keytable.h(9.97 KB)
📄 keyvalues.h(4.22 KB)
📄 lib.h(1.68 KB)
📄 log.h(4.05 KB)
📄 master.h(9.18 KB)
📄 masterdump.h(9.43 KB)
📄 message.h(37.08 KB)
📄 name.h(35.02 KB)
📄 ncache.h(5.06 KB)
📄 nsec.h(2.27 KB)
📄 peer.h(5.31 KB)
📄 portlist.h(2.48 KB)
📄 private.h(1.87 KB)
📄 rbt.h(33.72 KB)
📄 rcode.h(2.93 KB)
📄 rdata.h(20.83 KB)
📄 rdataclass.h(2.26 KB)
📄 rdatalist.h(2.83 KB)
📄 rdataset.h(19.07 KB)
📄 rdatasetiter.h(4.35 KB)
📄 rdataslab.h(4.57 KB)
📄 rdatastruct.h(76.03 KB)
📄 rdatatype.h(2.32 KB)
📄 request.h(10.2 KB)
📄 resolver.h(15.87 KB)
📄 result.h(8.29 KB)
📄 rootns.h(1.4 KB)
📄 rpz.h(5.31 KB)
📄 rrl.h(6.83 KB)
📄 sdb.h(7.17 KB)
📄 sdlz.h(14.1 KB)
📄 secalg.h(2.18 KB)
📄 secproto.h(2.03 KB)
📄 soa.h(2.69 KB)
📄 ssu.h(6.61 KB)
📄 tcpmsg.h(3.56 KB)
📄 time.h(2.04 KB)
📄 tkey.h(7.95 KB)
📄 tsig.h(8.52 KB)
📄 ttl.h(2.08 KB)
📄 types.h(12.01 KB)
📄 validator.h(7.32 KB)
📄 version.h(1.18 KB)
📄 view.h(28.36 KB)
📄 xfrin.h(3.06 KB)
📄 zone.h(45.12 KB)
📄 zonekey.h(1.25 KB)
📄 zt.h(4.54 KB)

Editing: rpz.h

/*
 * Copyright (C) 2011  Internet Systems Consortium, Inc. ("ISC")
 *
 * Permission to use, copy, modify, and/or distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
 * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 * PERFORMANCE OF THIS SOFTWARE.
 */

/* $Id: rpz.h,v 1.3.8.2 2011-10-31 02:55:07 marka Exp $ */

#ifndef DNS_RPZ_H
#define DNS_RPZ_H 1

#include <isc/lang.h>

#include <dns/fixedname.h>
#include <dns/rdata.h>
#include <dns/types.h>

ISC_LANG_BEGINDECLS

#define DNS_RPZ_IP_ZONE		"rpz-ip"
#define DNS_RPZ_NSIP_ZONE	"rpz-nsip"
#define DNS_RPZ_NSDNAME_ZONE	"rpz-nsdname"

typedef isc_uint8_t		dns_rpz_cidr_bits_t;

typedef enum {
	DNS_RPZ_TYPE_BAD,
	DNS_RPZ_TYPE_QNAME,
	DNS_RPZ_TYPE_IP,
	DNS_RPZ_TYPE_NSDNAME,
	DNS_RPZ_TYPE_NSIP
} dns_rpz_type_t;

/*
 * Require DNS_RPZ_POLICY_PASSTHRU < DNS_RPZ_POLICY_NXDOMAIN <
 * DNS_RPZ_POLICY_NODATA < DNS_RPZ_POLICY_CNAME to choose among competing
 * policies.
 */
typedef enum {
	DNS_RPZ_POLICY_GIVEN = 0,	/* 'given': what policy record says */
	DNS_RPZ_POLICY_DISABLED = 1,	/* 'cname x': answer with x's rrsets */
	DNS_RPZ_POLICY_PASSTHRU = 2,	/* 'passthru': do not rewrite */
	DNS_RPZ_POLICY_NXDOMAIN = 3,	/* 'nxdomain': answer with NXDOMAIN */
	DNS_RPZ_POLICY_NODATA = 4,	/* 'nodata': answer with ANCOUNT=0 */
	DNS_RPZ_POLICY_CNAME = 5,	/* 'cname x': answer with x's rrsets */
	DNS_RPZ_POLICY_RECORD,
	DNS_RPZ_POLICY_WILDCNAME,
	DNS_RPZ_POLICY_MISS,
	DNS_RPZ_POLICY_ERROR
} dns_rpz_policy_t;

/*
 * Specify a response policy zone.
 */
typedef struct dns_rpz_zone dns_rpz_zone_t;

struct dns_rpz_zone {
	ISC_LINK(dns_rpz_zone_t) link;
	int			 num;
	dns_name_t		 origin;  /* Policy zone name */
	dns_name_t		 nsdname; /* DNS_RPZ_NSDNAME_ZONE.origin */
	dns_rpz_policy_t	 policy;  /* DNS_RPZ_POLICY_GIVEN or override */
	dns_name_t		 cname;	  /* override value for ..._CNAME */
};

/*
 * Radix trees for response policy IP addresses.
 */
typedef struct dns_rpz_cidr	dns_rpz_cidr_t;

/*
 * context for finding the best policy
 */
typedef struct {
	unsigned int		state;
# define DNS_RPZ_REWRITTEN	0x0001
# define DNS_RPZ_DONE_QNAME	0x0002	/* qname checked */
# define DNS_RPZ_DONE_QNAME_IP	0x0004	/* IP addresses of qname checked */
# define DNS_RPZ_DONE_NSDNAME	0x0008	/* NS name missed; checking addresses */
# define DNS_RPZ_DONE_IPv4 	0x0010
# define DNS_RPZ_RECURSING	0x0020
# define DNS_RPZ_HAVE_IP 	0x0040	/* a policy zone has IP addresses */
# define DNS_RPZ_HAVE_NSIPv4	0x0080	/*		  IPv4 NISP addresses */
# define DNS_RPZ_HAVE_NSIPv6	0x0100	/*		  IPv6 NISP addresses */
# define DNS_RPZ_HAVE_NSDNAME	0x0200	/*		  NS names */
	/*
	 * Best match so far.
	 */
	struct {
		dns_rpz_type_t		type;
		dns_rpz_zone_t		*rpz;
		dns_rpz_cidr_bits_t	prefix;
		dns_rpz_policy_t	policy;
		dns_ttl_t		ttl;
		isc_result_t		result;
		dns_zone_t		*zone;
		dns_db_t		*db;
		dns_dbversion_t		*version;
		dns_dbnode_t		*node;
		dns_rdataset_t		*rdataset;
	} m;
	/*
	 * State for chasing IP addresses and NS names including recursion.
	 */
	struct {
		unsigned int		label;
		dns_db_t		*db;
		dns_rdataset_t		*ns_rdataset;
		dns_rdatatype_t		r_type;
		isc_result_t		r_result;
		dns_rdataset_t		*r_rdataset;
	} r;
	/*
	 * State of real query while recursing for NSIP or NSDNAME.
	 */
	struct {
		isc_result_t		result;
		isc_boolean_t		is_zone;
		isc_boolean_t		authoritative;
		dns_zone_t		*zone;
		dns_db_t		*db;
		dns_dbnode_t		*node;
		dns_rdataset_t		*rdataset;
		dns_rdataset_t		*sigrdataset;
		dns_rdatatype_t		qtype;
	} q;
	dns_name_t		*qname;
	dns_name_t		*r_name;
	dns_name_t		*fname;
	dns_fixedname_t		_qnamef;
	dns_fixedname_t		_r_namef;
	dns_fixedname_t		_fnamef;
} dns_rpz_st_t;

#define DNS_RPZ_TTL_DEFAULT		5

/*
 * So various response policy zone messages can be turned up or down.
 */
#define DNS_RPZ_ERROR_LEVEL	ISC_LOG_WARNING
#define DNS_RPZ_INFO_LEVEL	ISC_LOG_INFO
#define DNS_RPZ_DEBUG_LEVEL1	ISC_LOG_DEBUG(1)
#define DNS_RPZ_DEBUG_LEVEL2	ISC_LOG_DEBUG(2)
#define DNS_RPZ_DEBUG_LEVEL3	ISC_LOG_DEBUG(3)

const char *
dns_rpz_type2str(dns_rpz_type_t type);

dns_rpz_policy_t
dns_rpz_str2policy(const char *str);

const char *
dns_rpz_policy2str(dns_rpz_policy_t policy);

void
dns_rpz_set_need(isc_boolean_t need);

isc_boolean_t
dns_rpz_needed(void);

void
dns_rpz_cidr_free(dns_rpz_cidr_t **cidr);

void
dns_rpz_view_destroy(dns_view_t *view);

isc_result_t
dns_rpz_new_cidr(isc_mem_t *mctx, dns_name_t *origin,
		 dns_rpz_cidr_t **rbtdb_cidr);
void
dns_rpz_enabled(dns_rpz_cidr_t *cidr, dns_rpz_st_t *st);

void
dns_rpz_cidr_deleteip(dns_rpz_cidr_t *cidr, dns_name_t *name);

void
dns_rpz_cidr_addip(dns_rpz_cidr_t *cidr, dns_name_t *name);

isc_result_t
dns_rpz_cidr_find(dns_rpz_cidr_t *cidr, const isc_netaddr_t *netaddr,
		  dns_rpz_type_t type, dns_name_t *canon_name,
		  dns_name_t *search_name, dns_rpz_cidr_bits_t *prefix);

dns_rpz_policy_t
dns_rpz_decode_cname(dns_rdataset_t *, dns_name_t *selfname);

#endif /* DNS_RPZ_H */

Hackfut Security File Manager

Editing: rpz.h

Upload File

Create Folder