EDNS filters

- Add filters for EDNS(0) cookies, NSID, EDE and ECS
DNS-OARC · Jul 7, 2023 · 8259f30 · 8259f30
1 parent 0f22a96
commit 8259f30
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 0 deletions.
diff --git a/src/dns_message.c b/src/dns_message.c
@@ -241,6 +241,26 @@ static int edns0_filter(const dns_message* m, const void* ctx)
     return m->edns.found && m->edns.version == 0;
 }
 
+static int edns0_cookie_filter(const dns_message* m, const void* ctx)
+{
+    return m->edns.option.cookie;
+}
+
+static int edns0_nsid_filter(const dns_message* m, const void* ctx)
+{
+    return m->edns.option.nsid;
+}
+
+static int edns0_ede_filter(const dns_message* m, const void* ctx)
+{
+    return m->edns.option.ede;
+}
+
+static int edns0_ecs_filter(const dns_message* m, const void* ctx)
+{
+    return m->edns.option.ecs;
+}
+
 /*
  * Helpers
  */
@@ -507,6 +527,10 @@ void dns_message_filters_init(void)
     fl = md_array_filter_list_append(fl, md_array_create_filter("priming-query", priming_query_filter, 0));
     fl = md_array_filter_list_append(fl, md_array_create_filter("servfail-only", servfail_filter, 0));
     fl = md_array_filter_list_append(fl, md_array_create_filter("edns0-only", edns0_filter, 0));
+    fl = md_array_filter_list_append(fl, md_array_create_filter("edns0-cookie-only", edns0_cookie_filter, 0));
+    fl = md_array_filter_list_append(fl, md_array_create_filter("edns0-nsid-only", edns0_nsid_filter, 0));
+    fl = md_array_filter_list_append(fl, md_array_create_filter("edns0-ede-only", edns0_ede_filter, 0));
+    fl = md_array_filter_list_append(fl, md_array_create_filter("edns0-ecs-only", edns0_ecs_filter, 0));
     (void)md_array_filter_list_append(fl, md_array_create_filter("authentic-data-only", ad_filter, 0));
 }
 

diff --git a/src/dsc.conf.5.in b/src/dsc.conf.5.in
@@ -764,6 +764,18 @@ Count only DNS messages with the AD bit is set.
 .TP
 \fBedns0-only\fR
 Count only DNS messages with EDNS(0) options.
+.TP
+\fBedns0-cookie-only\fR
+Count only DNS messages with EDNS(0) Cookie option.
+.TP
+\fBedns0-nsid-only\fR
+Count only DNS messages with EDNS(0) DNS Name Server Identifier option.
+.TP
+\fBedns0-ede-only\fR
+Count only DNS messages with EDNS(0) Extended DNS Errors option.
+.TP
+\fBedns0-ecs-only\fR
+Count only DNS messages with EDNS(0) Client Subnet option.
 .SH "QNAME FILTERS"
 Defines a custom QNAME-based filter for DNS messages.
 If you refer to this named filter on a dataset line, then only queries