modules/daf,renumber: fixed the modules and added tests
This fixes most of the rules in DAF that were broken in 2.0 and adds tests. It also allows policy filter to evaluate policies in the checkout layer, before the subrequest is sent to authoritative. This is used primarily for negotiating features between resolver and authoritatives, or disabling transports.
The policy filter can now match on:
- NS suffix - to apply policies on any zone on given nameservers
- Query type
- REFUSE - block query with an RCODE=REFUSED, fixes #337 (closed)
The DAF can now toggle features between resolver and authoritatives.
fixes #322 (closed)