Enable audit-log SOA

etc/smartdns/smartdns.conf

@@ -95,8 +95,9 @@ log-level info
 # log-num 2
 
 # dns audit
-# audit-enable: enable or disable audit [yes|no]
+# audit-enable [yes|no]: enable or disable audit.
 # audit-enable yes
+# audit-SOA [yes|no]: enable or disalbe log soa result.
 # audit-size size of each audit file, support k,m,g
 # audit-file /var/log/smartdns-audit.log
 # audit-size 128k

src/dns_conf.c

@@ -49,6 +49,7 @@ int dns_conf_log_num = 8;
 
 /* auditing */
 int dns_conf_audit_enable = 0;
+int dns_conf_audit_log_SOA;
 char dns_conf_audit_file[DNS_MAX_PATH];
 size_t dns_conf_audit_size = 1024 * 1024;
 int dns_conf_audit_num = 2;
@@ -1216,6 +1217,7 @@ static struct config_item _config_item[] = {
 	CONF_SIZE("log-size", &dns_conf_log_size, 0, 1024 * 1024 * 1024),
 	CONF_INT("log-num", &dns_conf_log_num, 0, 1024),
 	CONF_YESNO("audit-enable", &dns_conf_audit_enable),
+	CONF_YESNO("audit-SOA", &dns_conf_audit_log_SOA),
 	CONF_STRING("audit-file", (char *)&dns_conf_audit_file, DNS_MAX_PATH),
 	CONF_SIZE("audit-size", &dns_conf_audit_size, 0, 1024 * 1024 * 1024),
 	CONF_INT("audit-num", &dns_conf_audit_num, 0, 1024),

src/dns_conf.h

@@ -195,6 +195,7 @@ extern struct dns_server_groups dns_conf_server_groups[DNS_NAX_GROUP_NUMBER];
 extern int dns_conf_server_group_num;
 
 extern int dns_conf_audit_enable;
+extern int dns_conf_audit_log_SOA;
 extern char dns_conf_audit_file[DNS_MAX_PATH];
 extern size_t dns_conf_audit_size;
 extern int dns_conf_audit_num;

src/dns_server.c

@@ -290,7 +290,11 @@ static void _dns_server_audit_log(struct dns_request *request)
 	} else if (request->qtype == DNS_T_A && request->has_ipv4) {
 		snprintf(req_result, sizeof(req_result), "%d.%d.%d.%d", request->ipv4_addr[0], request->ipv4_addr[1], request->ipv4_addr[2], request->ipv4_addr[3]);
 	} else if (request->has_soa) {
-		return;
+		if (!dns_conf_audit_log_SOA) {
+			return;
+		}
+
+		snprintf(req_result, sizeof(req_result), "SOA");
 	} else {
 		return;
 	}
@@ -1747,25 +1751,23 @@ static int _dns_server_pre_process_rule_flags(struct dns_request *request)
 	struct dns_rule_flags *rule_flag = NULL;
 	unsigned int flags = 0;
 	if (request->domain_rule == NULL) {
-		goto errout;
+		goto out;
 	}
 
 	/* get domain rule flag */
 	rule_flag = request->domain_rule->rules[DOMAIN_RULE_FLAGS];
 	if (rule_flag == NULL) {
-		goto errout;
+		goto out;
 	}
 
 	flags = rule_flag->flags;
 	if (flags & DOMAIN_FLAG_ADDR_IGN) {
 		/* ignore this domain */
-		goto errout;
+		goto out;
 	}
 
 	if (_dns_server_is_return_soa(request)) {
-		/* return SOA */
-		_dns_server_reply_SOA(DNS_RC_NOERROR, request);
-		return 0;
+		goto soa;
 	}
 
 	/* return specific type of address */
@@ -1773,34 +1775,38 @@ static int _dns_server_pre_process_rule_flags(struct dns_request *request)
 	case DNS_T_A:
 		if (flags & DOMAIN_FLAG_ADDR_IPV4_IGN) {
 			/* ignore this domain for A reqeust */
-			goto errout;
+			goto out;
 		}
 
 		if (_dns_server_is_return_soa(request)) {
 			/* return SOA for A request */
-			_dns_server_reply_SOA(DNS_RC_NOERROR, request);
-			return 0;
+			goto soa;
 		}
 		break;
 	case DNS_T_AAAA:
 		if (flags & DOMAIN_FLAG_ADDR_IPV6_IGN) {
 			/* ignore this domain for A reqeust */
-			goto errout;
+			goto out;
 		}
 
 		if (_dns_server_is_return_soa(request)) {
 			/* return SOA for A request */
-			_dns_server_reply_SOA(DNS_RC_NOERROR, request);
-			return 0;
+			goto soa;
 		}
 		break;
 	default:
-		goto errout;
+		goto out;
 		break;
 	}
 
-errout:
+out:
 	return -1;
+
+soa:
+	/* return SOA */
+	_dns_server_reply_SOA(DNS_RC_NOERROR, request);
+	_dns_server_audit_log(request);
+	return 0;
 }
 
 static int _dns_server_process_address(struct dns_request *request)