- Print query name with ip_ratelimit exceeded log lines.

git-svn-id: file:///svn/unbound/trunk@5115 be551aaa-1e26-0410-a405-d3ace91eadb9

daemon/worker.c

@@ -1171,7 +1171,7 @@ worker_handle_request(struct comm_point* c, void* arg, int error,
 
 	/* check if this query should be dropped based on source ip rate limiting */
 	if(!infra_ip_ratelimit_inc(worker->env.infra_cache, repinfo,
-			*worker->env.now)) {
+			*worker->env.now, c->buffer)) {
 		/* See if we are passed through with slip factor */
 		if(worker->env.cfg->ip_ratelimit_factor != 0 &&
 			ub_random_max(worker->env.rnd,

doc/Changelog

@@ -1,3 +1,6 @@
+18 February 2019: Wouter
+	- Print query name with ip_ratelimit exceeded log lines.
+
 14 February 2019: Wouter
 	- Fix capsforid canonical sort qsort callback.
 

services/cache/infra.c

@@ -41,6 +41,8 @@
 #include "config.h"
 #include "sldns/rrdef.h"
 #include "sldns/str2wire.h"
+#include "sldns/sbuffer.h"
+#include "sldns/wire2str.h"
 #include "services/cache/infra.h"
 #include "util/storage/slabhash.h"
 #include "util/storage/lookup3.h"
@@ -991,7 +993,7 @@ infra_get_mem(struct infra_cache* infra)
 }
 
 int infra_ip_ratelimit_inc(struct infra_cache* infra,
-  struct comm_reply* repinfo, time_t timenow)
+  struct comm_reply* repinfo, time_t timenow, struct sldns_buffer* buffer)
 {
 	int max;
 	struct lruhash_entry* entry;
@@ -1010,11 +1012,24 @@ int infra_ip_ratelimit_inc(struct infra_cache* infra,
 		lock_rw_unlock(&entry->lock);
 
 		if(premax < infra_ip_ratelimit && max >= infra_ip_ratelimit) {
-			char client_ip[128];
+			char client_ip[128], qnm[LDNS_MAX_DOMAINLEN+1+12+12];
 			addr_to_str((struct sockaddr_storage *)&repinfo->addr,
 				repinfo->addrlen, client_ip, sizeof(client_ip));
-			verbose(VERB_OPS, "ip_ratelimit exceeded %s %d",
+			qnm[0]=0;
-				client_ip, infra_ip_ratelimit);
+			if(sldns_buffer_limit(buffer)>LDNS_HEADER_SIZE &&
+				LDNS_QDCOUNT(sldns_buffer_begin(buffer))!=0) {
+				(void)sldns_wire2str_rrquestion_buf(
+					sldns_buffer_at(buffer, LDNS_HEADER_SIZE),
+					sldns_buffer_limit(buffer)-LDNS_HEADER_SIZE,
+					qnm, sizeof(qnm));
+				if(strlen(qnm)>0 && qnm[strlen(qnm)-1]=='\n')
+					qnm[strlen(qnm)-1] = 0; /*remove newline*/
+				verbose(VERB_OPS, "ip_ratelimit exceeded %s %d %s",
+					client_ip, infra_ip_ratelimit, qnm);
+			} else {
+				verbose(VERB_OPS, "ip_ratelimit exceeded %s %d (no query name)",
+					client_ip, infra_ip_ratelimit);
+			}
 		}
 		return (max <= infra_ip_ratelimit);
 	}

services/cache/infra.h

@@ -410,10 +410,12 @@ int infra_find_ratelimit(struct infra_cache* infra, uint8_t* name,
  *  @param infra: infra cache
  *  @param repinfo: information about client
  *  @param timenow: what time it is now.
+ *  @param buffer: with query for logging.
  *  @return 1 if it could be incremented. 0 if the increment overshot the
  *  ratelimit and the query should be dropped. */
 int infra_ip_ratelimit_inc(struct infra_cache* infra,
-	struct comm_reply* repinfo, time_t timenow);
+	struct comm_reply* repinfo, time_t timenow,
+	struct sldns_buffer* buffer);
 
 /**
  * Get memory used by the infra cache.