Permalink
Browse files

Log error when remote cannot do AXFR

  • Loading branch information...
1 parent 315cad1 commit 0481021feaf43e8b9011a528365cc34ba44b466e @cmouse cmouse committed Mar 29, 2015
Showing with 8 additions and 1 deletion.
  1. +8 −1 pdns/tcpreceiver.cc
View
@@ -530,8 +530,15 @@ int TCPNameserver::doAXFR(const string &target, shared_ptr<DNSPacket> q, int out
s_P=new PacketHandler;
}
+ if (!canDoAXFR(q)) {
+ L<<Logger::Error<<"AXFR of domain '"<<target<<"' failed: "<<q->getRemote()<<" cannot request AXFR"<<endl;
+ outpacket->setRcode(9); // 'NOTAUTH'
+ sendPacket(outpacket,outsock);
+ return 0;
+ }
+
// canDoAXFR does all the ACL checks, and has the if(disable-axfr) shortcut, call it first.
- if(!canDoAXFR(q) || !s_P->getBackend()->getSOA(target, sd)) {
+ if(!s_P->getBackend()->getSOA(target, sd)) {
L<<Logger::Error<<"AXFR of domain '"<<target<<"' failed: not authoritative"<<endl;
outpacket->setRcode(9); // 'NOTAUTH'
sendPacket(outpacket,outsock);

0 comments on commit 0481021

Please sign in to comment.