
[1390] log bad requests

Jelte Jansen 13 years ago
parent
commit
3ff33cfedc
2 changed files with 31 additions and 11 deletions
  1. 17 11
      src/bin/xfrout/xfrout.py.in
  2. 14 0
      src/bin/xfrout/xfrout_messages.mes

+ 17 - 11
src/bin/xfrout/xfrout.py.in

@@ -39,6 +39,7 @@ from isc.log_messages.xfrout_messages import *
 
 isc.log.init("b10-xfrout")
 logger = isc.log.Logger("xfrout")
+DBG_XFROUT_TRACE = logger.DBGLVL_TRACE_BASIC
 
 try:
     from libutil_io_python import *
@@ -224,39 +225,44 @@ class XfroutSession():
         # the auth server, but since it's far from our xfrout itself,
         # we check it by ourselves.
         if msg.get_rr_count(Message.SECTION_QUESTION) != 1:
-            # TODO: Log?
+            logger.debug(DBG_XFROUT_TRACE, XFROUT_XFR_REQUEST_MISSING_QUESTION,
+                         format_addrinfo(self._remote))
             return Rcode.FORMERR(), msg
 
         request_type = msg.get_question()[0].get_type()
+        zone_name = msg.get_question()[0].get_name()
+        zone_class = msg.get_question()[0].get_class()
 
         # If it is an IXFR query, there should be a SOA in the authority
         # section too
         if request_type == RRType.IXFR():
             if msg.get_rr_count(Message.SECTION_AUTHORITY) != 1:
-                # TODO: Log?
+                logger.debug(DBG_XFROUT_TRACE, XFROUT_IXFR_REQUEST_MISSING_SOA,
+                             format_addrinfo(self._remote),
+                             format_zone_str(zone_name, zone_class))
                 return Rcode.FORMERR(), msg
             self._request_type = 'IXFR'
         elif request_type == RRType.AXFR():
             self._request_type = 'AXFR'
         else:
-            # TODO: Log?
+            logger.error(XFROUT_XFR_REQUEST_BAD_TYPE,
+                         format_zone_str(zone_name, zone_class),
+                         format_addrinfo(self._remote))
             return Rcode.FORMERR(), msg
 
         # ACL checks
-        zone_name = msg.get_question()[0].get_name()
-        zone_class = msg.get_question()[0].get_class()
         acl = self._get_transfer_acl(zone_name, zone_class)
         acl_result = acl.execute(
             isc.acl.dns.RequestContext(self._remote[2], msg.get_tsig_record()))
         if acl_result == DROP:
-            logger.info(XFROUT_QUERY_DROPPED, self._request_type,
-                        format_addrinfo(self._remote),
-                        format_zone_str(zone_name, zone_class))
+            logger.debug(DBG_XFROUT_TRACE, XFROUT_QUERY_DROPPED,
+                         self._request_type, format_addrinfo(self._remote),
+                         format_zone_str(zone_name, zone_class))
             return None, None
         elif acl_result == REJECT:
-            logger.info(XFROUT_QUERY_REJECTED, self._request_type,
-                        format_addrinfo(self._remote),
-                        format_zone_str(zone_name, zone_class))
+            logger.debug(DBG_XFROUT_TRACE, XFROUT_QUERY_REJECTED,
+                         self._request_type, format_addrinfo(self._remote),
+                         format_zone_str(zone_name, zone_class))
             return Rcode.REFUSED(), msg
 
         return rcode, msg
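Review bot: Denied zone transfers no longer leave a record unless debug logging is enabled, because the ACL DROP and REJECT branches now emit XFROUT_QUERY_DROPPED and XFROUT_QUERY_REJECTED through `logger.debug(DBG_XFROUT_TRACE, ...)` instead of `logger.info(...)`. Refused AXFR/IXFR attempts are the events an operator normally relies on to notice zone enumeration or a misconfigured secondary, and the commit title only mentions logging bad requests, not lowering these two. If the goal is to limit log volume that an unauthenticated client can trigger, state that in a comment above the ACL block, for example `# ACL denials are logged at debug level so remote clients cannot flood the log`. Otherwise keep `logger.info(XFROUT_QUERY_DROPPED, ...)` and `logger.info(XFROUT_QUERY_REJECTED, ...)` as before. The enclosing XfroutSession method starts above this hunk, so the rest of the request handling is not visible here.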

+ 14 - 0
src/bin/xfrout/xfrout_messages.mes

@@ -56,6 +56,10 @@ are missing on the system, or the PYTHONPATH variable is not correct.
 The specific place where this library needs to be depends on your
 system and your specific installation.
 
+% XFROUT_IXFR_REQUEST_MISSING_SOA IXFR client %1: request packet for %2 did not contain SOA RR
+An IXFR request arrived, but it did not contain a SOA RR in its authority
+section. The xfrout daemon will respond with a FORMERR.
+
 % XFROUT_IXFR_TRANSFER_STARTED %1 client %2: IXFR transfer of zone %3 has started
 An incremental transfer out of the given zone has started.
 
@@ -150,6 +154,16 @@ on, but the file is in use. The most likely cause is that another
 xfrout daemon process is still running. This xfrout daemon (the one
 printing this message) will not start.
 
+% XFROUT_XFR_REQUEST_BAD_TYPE bad question type in transfer request for %1 from %2
+A transfer request for the given zone arrived, but the RR in the question
+section was not of type AXFR or IXFR. This request should not even have
+reached the xfrout daemon, and there appears to be a problem in the module
+that passed it on, please file a bug report if this error is encountered.
+
+% XFROUT_XFR_REQUEST_MISSING_QUESTION empty question section in transfer request from %1
+A transfer request from the given client did not contain a question section.
+The xfrout daemon will respond with a FORMERR.
+
 % XFROUT_XFR_TRANSFER_DONE %1 client %2: transfer of %3 complete
 The transfer of the given zone has been completed successfully, or was
 aborted due to a shutdown event.