[net-dns-users] Tracking intermediate packet status of queries
Wessels, Duane
dwessels at verisign.com
Fri Jun 5 15:02:18 UTC 2015
Robert,
I would be surprised if you can get Net::DNS::Resolver to save and return all the raw messages.
Perhaps you can set Net::DNS::Resolver->igntc(1) and detect the TC bit yourself and then do your
own fallback to TCP?
DW
> On Jun 4, 2015, at 7:32 PM, Robert Kuropkat <robert at kuropkat.com> wrote:
>
>
> All,
>
> I'm new to Net::DNS and DNS as well so may well be missing something obvious. I have some tests I want to do to validate results of RPZ configurations. The problem is, the send() method seems to only return the status of the final packet of a query. Unfortunately, the final status for several tests appear the same, so there is no way to validate the query in fact behaved as expected. When I set the debug flag, I see the traffic I expect, but none of that data (except the last) is retained for programmatic analysis.
>
> Example: Setting RPZ policy action to TCP-ONLY. (sorry, doing this from memory...)
> • $resolver->send() (via UDP)
> • Initial query is truncated (tc=1), status, unknown error
> • query resent, forcing TCP connection
> • query returns answer correctly. status NOERROR
> I'd like to capture intermediate flag settings and resolver status to validate each step executed as expected.
> A quick walk through the Net::DNS code shows it **may** be as simple as changing the $ans (return value) scaler to an array and saving each intermediate packet. It's possible a flag could be set to default to current behaviour and return only the last packet to maintain backwards compatibility. It seems internally, there are only two or three methods that would need to be modified as a result. However, I'm not familiar enough with the framework to be sure that is all, or even be sure what I want is not really there already.
> Help or suggestions much appreciated. Requests for details will have to wait until I am back in the office tomorrow...
> Robert Kuropkat
>
> _______________________________________________
> net-dns-users mailing list
> net-dns-users at nlnetlabs.nl
> https://www.nlnetlabs.nl/mailman/listinfo/net-dns-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4676 bytes
Desc: not available
URL: <http://lists.nlnetlabs.nl/pipermail/net-dns-users/attachments/20150605/1f05c33e/attachment.bin>
More information about the net-dns-users
mailing list