Report information
The Basics
Id:
36624
Status:
resolved
Priority:
Medium/Medium
Queue:
bind9-public
People
Owner:
Nobody in particular
Requestors:
Tony Finch <dot@dotat.at>
Cc:
AdminCc:
BugTracker
Version Fixed:
9.11.0
Version Found:
(no value)
Versions Affected:
(no value)
Versions Planned:
9.11.0
Priority:
(no value)
Severity:
S2 Normal
CVSS Score:
(no value)
CVE ID:
(no value)
Component:
(no value)
Area:
feature
Dates
Created:Wed, 23 Jul 2014 11:36:27 -0400
Updated:Mon, 26 Jun 2017 17:05:11 -0400
Closed:Wed, 22 Oct 2014 13:49:07 -0400

This bug tracker is no longer active.

Please go to our Gitlab to submit issues (both feature requests and bug reports) for active projects maintained by Internet Systems Consortium (ISC).

Due to security and confidentiality requirements, full access is limited to the primary maintainers.

History
  Wed, 23 Jul 2014 11:36:27 -0400 Tony Finch <dot@dotat.at> - Ticket created
CC: dot@dotat.at
Subject: [PATCH] Log outgoing query packets
Date: Wed, 23 Jul 2014 16:14:42 +0100
To: bind9-bugs@isc.org
From: Tony Finch <dot@dotat.at>

This is handy for debugging interop problems, so we can see exactly what named is sending without fiddling with tcpdump. I have set the message's debug level to 11 so a debug level of 10 continues to produce only incoming packets in the log. Nothing else is at level 11. --- lib/dns/resolver.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index 96cd534..8ef2c5b 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -2228,6 +2228,16 @@ resquery_send(resquery_t *query) { } /* + * Log the outgoing packet. + */ + dns_message_logfmtpacket(fctx->qmessage, "sending packet:\n", + DNS_LOGCATEGORY_RESOLVER, + DNS_LOGMODULE_PACKETS, + &dns_master_style_comment, + ISC_LOG_DEBUG(11), + fctx->res->mctx); + + /* * We're now done with the query message. */ dns_message_reset(fctx->qmessage, DNS_MESSAGE_INTENTRENDER); -- 2.0.1
  Fri, 08 Aug 2014 07:26:03 -0400 Tony Finch <dot@dotat.at> - Correspondence added
CC: dot@dotat.at
Subject: [ISC-Bugs #36624] [PATCH] Improve debug logging of packet contents
Date: Fri, 8 Aug 2014 12:25:59 +0100
To: bind9-bugs@isc.org
From: Tony Finch <dot@dotat.at>

This is an update of my earlier patch to log outgoing query packets as well as incoming packets, which now also logs the address of the remote server. --- lib/dns/include/dns/message.h | 12 +++++++----- lib/dns/message.c | 18 +++++++++++------ lib/dns/resolver.c | 45 ++++++++++++++++++++++--------------------- lib/dns/xfrin.c | 3 ++- 4 files changed, 44 insertions(+), 34 deletions(-) diff --git a/lib/dns/include/dns/message.h b/lib/dns/include/dns/message.h index de121c7..afec880 100644 --- a/lib/dns/include/dns/message.h +++ b/lib/dns/include/dns/message.h @@ -1368,18 +1368,20 @@ dns_message_gettimeadjust(dns_message_t *msg); */ void -dns_message_logpacket(dns_message_t *message, const char *description, +dns_message_logpacket(dns_message_t *message, + const char *description, isc_sockaddr_t *address, isc_logcategory_t *category, isc_logmodule_t *module, int level, isc_mem_t *mctx); void -dns_message_logfmtpacket(dns_message_t *message, const char *description, +dns_message_logfmtpacket(dns_message_t *message, + const char *description, isc_sockaddr_t *address, isc_logcategory_t *category, isc_logmodule_t *module, - const dns_master_style_t *style, int level, + int level, const dns_master_style_t *style, isc_mem_t *mctx); /*%< * Log 'message' at the specified logging parameters. - * 'description' will be emitted at the start of the message and will - * normally end with a newline. + * 'description' will be emitted at the start of the message followed + * by the formatted address and a newline. */ isc_result_t diff --git a/lib/dns/message.c b/lib/dns/message.c index 88c9239..3d763ac 100644 --- a/lib/dns/message.c +++ b/lib/dns/message.c @@ -3560,20 +3560,24 @@ dns_opcode_totext(dns_opcode_t opcode, isc_buffer_t *target) { } void -dns_message_logpacket(dns_message_t *message, const char *description, +dns_message_logpacket(dns_message_t *message, + const char *description, isc_sockaddr_t *address, isc_logcategory_t *category, isc_logmodule_t *module, int level, isc_mem_t *mctx) { - dns_message_logfmtpacket(message, description, category, module, - &dns_master_style_debug, level, mctx); + dns_message_logfmtpacket(message, description, address, + category, module, level, + &dns_master_style_debug, mctx); } void -dns_message_logfmtpacket(dns_message_t *message, const char *description, +dns_message_logfmtpacket(dns_message_t *message, + const char *description, isc_sockaddr_t *address, isc_logcategory_t *category, isc_logmodule_t *module, - const dns_master_style_t *style, int level, + int level, const dns_master_style_t *style, isc_mem_t *mctx) { + char addrbuf[ISC_SOCKADDR_FORMATSIZE]; isc_buffer_t buffer; char *buf = NULL; int len = 1024; @@ -3587,6 +3591,8 @@ dns_message_logfmtpacket(dns_message_t *message, const char *description, * to appear in the log after each message. */ + isc_sockaddr_format(address, addrbuf, sizeof(addrbuf)); + do { buf = isc_mem_get(mctx, len); if (buf == NULL) @@ -3598,7 +3604,7 @@ dns_message_logfmtpacket(dns_message_t *message, const char *description, len += 1024; } else if (result == ISC_R_SUCCESS) isc_log_write(dns_lctx, category, module, level, - "%s%.*s", description, + "%s %s\n%.*s", description, addrbuf, (int)isc_buffer_usedlength(&buffer), buf); } while (result == ISC_R_NOSPACE); diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index 421338f..a50c1f7 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -2229,6 +2229,17 @@ resquery_send(resquery_t *query) { } /* + * Log the outgoing packet. + */ + dns_message_logfmtpacket(fctx->qmessage, "sending packet to", + &query->addrinfo->sockaddr, + DNS_LOGCATEGORY_RESOLVER, + DNS_LOGMODULE_PACKETS, + ISC_LOG_DEBUG(11), + &dns_master_style_comment, + fctx->res->mctx); + + /* * We're now done with the query message. */ dns_message_reset(fctx->qmessage, DNS_MESSAGE_INTENTRENDER); @@ -7321,11 +7332,12 @@ resquery_response(isc_task_t *task, isc_event_t *event) { /* * Log the incoming packet. */ - dns_message_logfmtpacket(message, "received packet:\n", + dns_message_logfmtpacket(message, "received packet from", + &query->addrinfo->sockaddr, DNS_LOGCATEGORY_RESOLVER, DNS_LOGMODULE_PACKETS, - &dns_master_style_comment, ISC_LOG_DEBUG(10), + &dns_master_style_comment, fctx->res->mctx); /* * Process receive opt record. @@ -7379,18 +7391,13 @@ resquery_response(isc_task_t *task, isc_event_t *event) { message->rcode == dns_rcode_refused || message->rcode == dns_rcode_yxdomain) && bad_edns(fctx, &query->addrinfo->sockaddr)) { - if (isc_log_wouldlog(dns_lctx, ISC_LOG_DEBUG(3))) { - char buf[4096], addrbuf[ISC_SOCKADDR_FORMATSIZE]; - isc_sockaddr_format(&query->addrinfo->sockaddr, - addrbuf, sizeof(addrbuf)); - snprintf(buf, sizeof(buf), - "received packet from %s (bad edns):\n", - addrbuf); - dns_message_logpacket(message, buf, + dns_message_logpacket(message, + "received packet (bad edns) from", + &query->addrinfo->sockaddr, DNS_LOGCATEGORY_RESOLVER, DNS_LOGMODULE_RESOLVER, - ISC_LOG_DEBUG(3), fctx->res->mctx); - } + ISC_LOG_DEBUG(3), + fctx->res->mctx); dns_adb_changeflags(fctx->adb, query->addrinfo, DNS_FETCHOPT_NOEDNS0, DNS_FETCHOPT_NOEDNS0); @@ -7410,18 +7417,12 @@ resquery_response(isc_task_t *task, isc_event_t *event) { * should be safe to do for any rcode we limit it to NOERROR * and NXDOMAIN. */ - if (isc_log_wouldlog(dns_lctx, ISC_LOG_DEBUG(3))) { - char buf[4096], addrbuf[ISC_SOCKADDR_FORMATSIZE]; - isc_sockaddr_format(&query->addrinfo->sockaddr, - addrbuf, sizeof(addrbuf)); - snprintf(buf, sizeof(buf), - "received packet from %s (no opt):\n", - addrbuf); - dns_message_logpacket(message, buf, + dns_message_logpacket(message, "received packet (no opt) from", + &query->addrinfo->sockaddr, DNS_LOGCATEGORY_RESOLVER, DNS_LOGMODULE_RESOLVER, - ISC_LOG_DEBUG(3), fctx->res->mctx); - } + ISC_LOG_DEBUG(3), + fctx->res->mctx); dns_adb_changeflags(fctx->adb, query->addrinfo, DNS_FETCHOPT_NOEDNS0, DNS_FETCHOPT_NOEDNS0); diff --git a/lib/dns/xfrin.c b/lib/dns/xfrin.c index 744f878..21ea0a3 100644 --- a/lib/dns/xfrin.c +++ b/lib/dns/xfrin.c @@ -1234,7 +1234,8 @@ xfrin_recv_done(isc_task_t *task, isc_event_t *ev) { DNS_MESSAGEPARSE_PRESERVEORDER); if (result == ISC_R_SUCCESS) - dns_message_logpacket(msg, "received message:\n", + dns_message_logpacket(msg, "received message from", + &tcpmsg->address, DNS_LOGCATEGORY_XFER_IN, DNS_LOGMODULE_XFER_IN, ISC_LOG_DEBUG(10), xfr->mctx); -- 2.1.0.rc1.8.gb4fa8f0
Wed, 01 Oct 2014 00:04:43 -0400 Mark Andrews <marka@isc.org> - Taken
Wed, 01 Oct 2014 00:04:48 -0400 Mark Andrews <marka@isc.org> - Status changed from 'new' to 'open'
Wed, 01 Oct 2014 01:26:32 -0400 Mark Andrews <marka@isc.org> - Queue changed from #6 to #7
Wed, 01 Oct 2014 01:26:33 -0400 Mark Andrews <marka@isc.org> - Given to Nobody in particular
Wed, 01 Oct 2014 08:37:56 -0400 Francis Dupont <Francis_Dupont@isc.org> - Given to Mark Andrews <marka@isc.org>
Wed, 01 Oct 2014 19:43:01 -0400 Mark Andrews <marka@isc.org> - Versions Planned 9.11.0 added
Wed, 01 Oct 2014 19:43:01 -0400 Mark Andrews <marka@isc.org> - Version Fixed 9.11.0 added
  Wed, 01 Oct 2014 19:43:01 -0400 Mark Andrews <marka@isc.org> - Correspondence added

3965. [func] Log outgoing packets and improve packet logging to support logging the remote address. [RT #36624] I re-did the patch to not break existing third party code.
Wed, 01 Oct 2014 19:43:02 -0400 Mark Andrews <marka@isc.org> - Queue changed from #7 to #30
Wed, 01 Oct 2014 19:43:02 -0400 Mark Andrews <marka@isc.org> - Given to Nobody in particular
Wed, 22 Oct 2014 13:49:07 -0400 Evan Hunt <Evan_Hunt@isc.org> - Status changed from 'open' to 'resolved'
Tue, 02 Aug 2016 17:34:43 -0400 Vicky Risk <vicky@isc.org> - Severity S2 Normal added
Tue, 02 Aug 2016 17:34:43 -0400 Vicky Risk <vicky@isc.org> - Area feature added
Wed, 21 Jun 2017 14:36:03 -0400 Brian Conry <bconry@isc.org> - Queue changed from #30 to #6
Mon, 26 Jun 2017 17:05:11 -0400 Vicky Risk <vicky@isc.org> - Queue changed from #6 to bind9-public