[dnstap] Adding response policy information in dnstap
Chris Mikkelson
cmikk at fsi.io
Mon Feb 1 20:50:36 UTC 2021
On Mon, Feb 01, 2021 at 09:38:31PM +0100, Pieter Lexis wrote:
> Hi Chris,
>
> I haven't digested this fully, but there's a small error in the .proto:
>
> On 2/1/21 7:59 PM, Chris Mikkelson wrote:
> >
> > // Policy: information about any name server operator policy
> > // applied to the processing of a DNS message.
> > message Policy {
> >
> > // The matched value. Format depends on the matched feature .
> > optional bytes value = 2;
> > }
>
> Should be '5'.
Good catch, and fixed. Thanks!
This was left over from an earlier revision which had 'value' in another
message / compound type alon with the corresponding match type, with the
goal of recording multiple matching elements for the report, as in:
message Policy {
message Match {
enum Type {
.. QNAME, etc.
}
optional Type type = 1;
optional bytes value = 2;
}
...
repeated Match match = 4;
}
This is slightly more complicated than simply storing one match+value pair
but is an option if desired.
Thanks,
--
Chris Mikkelson
Farsight Security, Inc.
cmikk at fsi.io
More information about the dnstap
mailing list