]>
Commit | Line | Data |
---|---|---|
20d81666 PL |
1 | .. highlight:: lua |
2 | ||
3 | Configuration Reference | |
4 | ======================= | |
5 | ||
6 | This page lists all configuration options for dnsdist. | |
7 | ||
8 | .. note:: | |
9 | ||
10 | When an IPv6 IP:PORT combination is needed, the bracketed syntax from :rfc:`RFC 3986 <3986#section-3.2.2>` should be used. | |
11 | e.g. "[2001:DB8:14::C0FF:FEE]:5300". | |
12 | ||
13 | Functions and Types | |
14 | ------------------- | |
15 | ||
16 | Within dnsdist several core object types exist: | |
17 | ||
18 | * :class:`Server`: generated with :func:`newServer`, represents a downstream server | |
19 | * :class:`ComboAddress`: represents an IP address and port | |
20 | * :class:`DNSName`: represents a domain name | |
21 | * :class:`NetmaskGroup`: represents a group of netmasks | |
22 | * :class:`QPSLimiter`: implements a QPS-based filter | |
23 | * :class:`SuffixMatchNode`: represents a group of domain suffixes for rapid testing of membership | |
24 | * :class:`DNSHeader`: represents the header of a DNS packet | |
25 | ||
26 | The existence of most of these objects can mostly be ignored, unless you plan to write your own hooks and policies, but it helps to understand an expressions like: | |
27 | ||
28 | .. code-block:: lua | |
29 | ||
30 | getServer(0).order=12 -- set order of server 0 to 12 | |
31 | getServer(0):addPool("abuse") -- add this server to the abuse pool | |
32 | ||
33 | The ``.`` means ``order`` is a data member, while the ``:`` means ``addPool`` is a member function. | |
34 | ||
35 | Global configuration | |
36 | -------------------- | |
37 | ||
38 | .. function:: includeDirectory(path) | |
39 | ||
40 | Include configuration files from ``path``. | |
41 | ||
42 | :param str path: The directory to load the configuration from | |
43 | ||
44 | Listen Sockets | |
45 | ~~~~~~~~~~~~~~ | |
46 | ||
47 | .. function:: addLocal(address[, options]) | |
48 | ||
49 | .. versionadded:: 1.2.0 | |
50 | ||
51 | Add to the list of listen addresses. | |
52 | ||
53 | :param str address: The IP Address with an optional port to listen on. | |
54 | The default port is 53. | |
55 | :param table options: A table with key: value pairs with listen options. | |
56 | ||
57 | Options: | |
58 | ||
59 | * ``doTCP=true``: bool - Also bind on TCP on ``address``. | |
60 | * ``reusePort=false``: bool - Set the ``SO_REUSEPORT`` socket option. | |
61 | * ``tcpFastOpenSize=0``: int - Set the TCP Fast Open queue size, enabling TCP Fast Open when available and the value is larger than 0 | |
62 | * ``interface=""``: str - Sets the network interface to use | |
63 | ||
64 | .. code-block:: lua | |
65 | ||
66 | addLocal('0.0.0.0:5300', { doTCP=true, reusePort=true }) | |
67 | ||
68 | This will bind to both UDP and TCP on port 5300 with SO_REUSEPORT enabled. | |
69 | ||
70 | .. function:: addLocal(address[[[,do_tcp], so_reuseport], tcp_fast_open_qsize]) | |
71 | ||
72 | .. deprecated:: 1.2.0 | |
73 | ||
74 | Add to the list of addresses listened on. | |
75 | ||
76 | :param str address: The IP Address with an optional port to listen on. | |
77 | The default port is 53. | |
78 | :param bool do_tcp: Also bind a TCP port on ``address``, defaults to true. | |
79 | :param bool so_reuseport: Use ``SO_REUSEPORT`` if it is available, defaults to false | |
80 | :param int tcp_fast_open_qsize: Set to a number higher than 0 to enable TCP Fast Open | |
81 | when available. Default is 0. | |
82 | ||
83 | .. function:: setLocal(address[, options]) | |
84 | ||
85 | .. versionadded:: 1.2.0 | |
86 | ||
87 | Remove the list of listen addresses and add a new one. | |
88 | ||
89 | :param str address: The IP Address with an optional port to listen on. | |
90 | The default port is 53. | |
91 | :param table options: A table with key: value pairs with listen options. | |
92 | ||
93 | The options that can be set are the same as :func:`addLocal`. | |
94 | ||
95 | .. function:: setLocal(address[[[,do_tcp], so_reuseport], tcp_fast_open_qsize]) | |
96 | ||
97 | .. deprecated:: 1.2.0 | |
98 | ||
99 | Remove the list of listen addresses and add a new one. | |
100 | ||
101 | :param str address: The IP Address with an optional port to listen on. | |
102 | The default port is 53. | |
103 | :param bool do_tcp: Also bind a TCP port on ``address``, defaults to true. | |
104 | :param bool so_reuseport: Use ``SO_REUSEPORT`` if it is available, defaults to false | |
105 | :param int tcp_fast_open_qsize: Set to a number higher than 0 to enable TCP Fast Open | |
106 | when available. Default is 0. | |
107 | ||
108 | Control Socket, Console and Webserver | |
109 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
110 | ||
111 | .. function:: controlSocket(address) | |
112 | ||
113 | Bind to ``addr`` and listen for a connection for the console | |
114 | ||
115 | :param str address: An IP address with optional port. By default, the port is 5199. | |
116 | ||
117 | .. function:: makeKey() | |
118 | ||
119 | Generate and print an encryption key. | |
120 | ||
121 | .. function:: setKey(key) | |
122 | ||
123 | Use ``key`` as shared secret between the client and the server | |
124 | ||
125 | :param str key: An encoded key, as generated by :func:`makeKey` | |
126 | ||
127 | .. function:: testCrypto() | |
128 | ||
129 | Test the crypto code, will report errors when something is not ok. | |
130 | ||
131 | Webserver | |
132 | ~~~~~~~~~ | |
133 | ||
134 | .. function:: webServer(listen_address, password[, apikey[, custom_headers]]) | |
135 | ||
136 | Launch the :doc:`../guides/webserver` with statistics and the API. | |
137 | ||
138 | :param str listen_address: The IP address and Port to listen on | |
139 | :param str password: The password required to access the webserver | |
140 | :param str apikey: The key required to access the API | |
141 | :param {[str]=str,...} custom_headers: Allows setting custom headers and removing the defaults | |
142 | ||
143 | .. function:: setAPIWritable(allow [,dir]) | |
144 | ||
145 | Allow modifications via the API. | |
146 | Optionally saving these changes to disk. | |
147 | Modifications done via the API will not be written to the configuration by default and will not persist after a reload | |
148 | ||
149 | :param bool allow: Set to true to allow modification through the API | |
150 | :param str dir: A valid directory where the configuration files will be written by the API. | |
151 | ||
152 | Access Control Lists | |
153 | ~~~~~~~~~~~~~~~~~~~~ | |
154 | ||
155 | .. function:: addACL(netmask) | |
156 | ||
157 | Add a netmask to the existing ACL | |
158 | ||
159 | :param str netmask: A CIDR netmask, e.g. ``"192.0.2.0/24"``. Without a subnetmask, only the specific address is allowed. | |
160 | ||
161 | .. function:: setACL(netmasks) | |
162 | ||
163 | Remove the existing ACL and add the netmasks from the table. | |
164 | ||
165 | :param {str} netmasks: A table of CIDR netmask, e.g. ``{"192.0.2.0/24", "2001:DB8:14::/56"}``. Without a subnetmask, only the specific address is allowed. | |
166 | ||
167 | EDNS Client Subnet | |
168 | ~~~~~~~~~~~~~~~~~~ | |
169 | ||
170 | .. function:: setECSSourcePrefixV4(prefix) | |
171 | ||
172 | When ``useClientSubnet`` in :func:`newServer` is set and dnsdist adds an EDNS Client Subnet Client option to the query, truncate the requestors IPv4 address to ``prefix`` bits | |
173 | ||
174 | :param int prefix: The prefix length | |
175 | ||
176 | .. function:: setECSSourcePrefixV6(prefix) | |
177 | ||
178 | When ``useClientSubnet`` in :func:`newServer` is set and dnsdist adds an EDNS Client Subnet Client option to the query, truncate the requestor's IPv6 address to bits | |
179 | ||
180 | :param int prefix: The prefix length | |
181 | ||
182 | Ringbuffers | |
183 | ~~~~~~~~~~~ | |
184 | ||
185 | .. function:: setRingBuffersSize(num) | |
186 | ||
187 | Set the capacity of the ringbuffers used for live traffic inspection to ``num`` | |
188 | ||
189 | :param int num: The maximum amount of queries to keep in the ringbuffer. Defaults to 10000 | |
190 | ||
191 | Servers | |
192 | ------- | |
193 | ||
194 | .. function:: newServer(server_string) | |
195 | newServer(server_table) | |
196 | ||
197 | Add a new backend server. Call this function with either a string:: | |
198 | ||
199 | newServer( | |
200 | "IP:PORT" -- IP and PORT of the backend server | |
201 | ) | |
202 | ||
203 | or a table:: | |
204 | ||
205 | newServer({ | |
206 | address="IP:PORT", -- IP and PORT of the backend server (mandatory) | |
207 | qps=NUM, -- Limit the number of queries per second to NUM | |
208 | order=NUM, -- The order of this server | |
209 | weight=NUM, -- The weight of this server | |
210 | pool=STRING, -- The pool this server belongs to (unset or empty string means default pool) | |
211 | retries=NUM, -- | |
212 | tcpConnectTimeout=NUM, -- | |
213 | tcpSendTimeout=NUM, -- | |
214 | tcpRecvTimeout=NUM, -- | |
215 | checkName=STRING, -- Use STRING as QNAME in the health-check query, default: "a.root-servers.net." | |
216 | checkType=STRING, -- Use STRING as QTYPE in the health-check query, default: "A" | |
217 | setCD=BOOL, -- Set the CD (Checking Disabled) flag in the health-check query, default: false | |
218 | maxCheckFailures=NUM, -- Allow NUM check failures before declaring the backend down, default: false | |
219 | mustResolve=BOOL, -- Set to true when the health check MUST return a NOERROR RCODE and an answer | |
220 | useClientSubnet=BOOL, -- Add the client's IP address in the EDNS Client Subnet option when forwarding the query to this backend | |
221 | source=STRING -- The source address or interface to use for queries to this backend, by default this is left to the kernel's address selection | |
222 | -- The following formats are supported: | |
223 | -- "address", e.g. "192.0.2.2" | |
224 | -- "interface name", e.g. "eth0" | |
225 | -- "address@interface", e.g. "192.0.2.2@eth0" | |
226 | }) | |
227 | ||
228 | :param str server_string: A simple IP:PORT string. | |
229 | :param table server_table: A table with at least a 'name' key | |
230 | ||
231 | .. function:: getServer(index) -> Server | |
232 | ||
233 | Get a :class:`Server` | |
234 | ||
235 | :param int index: The number of the server (as seen in :func:`showServers`). | |
236 | :returns: The :class:`Server` object or nil | |
237 | ||
238 | .. function:: getServers() | |
239 | ||
240 | Returns a table with all defined servers. | |
241 | ||
242 | .. function:: rmServer(index) | |
243 | rmServer(server) | |
244 | ||
245 | Remove a backend server. | |
246 | ||
247 | :param int index: The number of the server (as seen in :func:`showServers`). | |
248 | :param Server server: A :class:`Server` object as returned by e.g. :func:`getServer`. | |
249 | ||
250 | Server Functions | |
251 | ~~~~~~~~~~~~~~~~ | |
252 | A server object returned by :func:`getServer` can be manipulated with these functions. | |
253 | ||
254 | .. class:: Server | |
255 | ||
256 | This object represents a backend server. It has several methods. | |
257 | ||
258 | .. classmethod:: Server:addPool(pool) | |
259 | ||
260 | Add this server to a pool. | |
261 | ||
262 | :param str pool: The pool to add the server to | |
263 | ||
264 | .. classmethod:: Server:getName() -> string | |
265 | ||
266 | Get the name of this server. | |
267 | ||
268 | :returns: The name of the server, or an empty string if it does not have one | |
269 | ||
270 | .. classmethod:: Server:getNameWithAddr() -> string | |
271 | ||
272 | Get the name plus IP address and port of the server | |
273 | ||
274 | :returns: A string containing the server name if any plus the server address and port | |
275 | ||
276 | .. classmethod:: Server:getOutstanding() -> int | |
277 | ||
278 | Get the number of outstanding queries for this server. | |
279 | ||
280 | :returns: The number of outstanding queries | |
281 | ||
282 | .. classmethod:: Server:isUp() -> bool | |
283 | ||
284 | Returns the up status of the server | |
285 | ||
286 | :returns: true when the server is up, false otherwise | |
287 | ||
288 | .. classmethod:: Server:rmPool(pool) | |
289 | ||
290 | Removes the server from the named pool | |
291 | ||
292 | :param str pool: The pool to remove the server from | |
293 | ||
294 | .. classmethod:: Server:setAuto() | |
295 | ||
296 | Set the server in the default auto state. | |
297 | This will enable health check queries that will set the server ``up`` and ``down`` appropriatly. | |
298 | ||
299 | .. classmethod:: Server:setQPS(limit) | |
300 | ||
301 | Limit the queries per second for this server. | |
302 | ||
303 | :param int limit: The maximum number of queries per second | |
304 | ||
305 | .. classmethod:: Server:setDown() | |
306 | ||
307 | Set the server in an ``DOWN`` state. | |
308 | The server will not receive queries and the health checks are disabled | |
309 | ||
310 | .. classmethod:: Server:setUp() | |
311 | ||
312 | Set the server in an ``UP`` state. | |
313 | This server will still receive queries and health checks are disabled | |
314 | ||
315 | Attributes | |
316 | ~~~~~~~~~~ | |
317 | ||
318 | .. attribute:: Server.name | |
319 | ||
320 | The name of the server | |
321 | ||
322 | .. attribute:: Server.upStatus | |
323 | ||
324 | Whether or not this server is up or down | |
325 | ||
326 | .. attribute:: Server.order | |
327 | ||
328 | The order of the server | |
329 | ||
330 | .. attribute:: Server.weight | |
331 | ||
332 | The weight of the server | |
333 | ||
334 | Pools | |
335 | ----- | |
336 | ||
337 | :class:`Server`\ s can be part of any number of pools. | |
338 | Pools are automatically created when a server is added to a pool (with :func:`newServer`). | |
339 | ||
340 | .. function:: getPool(name) -> ServerPool | |
341 | ||
342 | Returns a :class:`ServerPool` or nil. | |
343 | ||
344 | :param string name: The name of the pool | |
345 | ||
346 | .. function:: getPoolServers(name) -> [ Server ] | |
347 | ||
348 | Returns a list of :class:`Server`\ s or nil. | |
349 | ||
350 | :param string name: The name of the pool | |
351 | ||
352 | .. class:: ServerPool | |
353 | ||
354 | This represents the pool where zero or more servers are part of. | |
355 | ||
356 | .. classmethod:: ServerPool:getCache() -> PacketCache | |
357 | ||
358 | Returns the :class:`PacketCache` for this pool or nil. | |
359 | ||
360 | .. classmethod:: ServerPool:setCache(cache) | |
361 | ||
362 | Adds ``cache`` as the pool's cache. | |
363 | ||
364 | :param PacketCache cache: The new cache to add to the pool | |
365 | ||
366 | .. classmethod:: ServerPool:unsetCache() | |
367 | ||
368 | Removes the cache from this pool. | |
369 | ||
370 | PacketCache | |
371 | ~~~~~~~~~~~ | |
372 | ||
373 | A Pool can have a packet cache to answer queries directly in stead of going to the backend. | |
374 | See :doc:`../guides/cache` for a how to. | |
375 | ||
376 | .. function:: newPacketCache(maxEntries[, maxTTL=86400[, minTTL=0[, temporaryFailureTTL=60[, staleTTL=60[, dontAge=false]]]]]) -> PacketCache | |
377 | ||
378 | Creates a new :class:`PacketCache` with the settings specified. | |
379 | ||
380 | :param int maxEntries: The maximum number of entries in this cache | |
381 | :param int maxTTL: Cap the TTL for records to his number | |
382 | :param int minTTL: Don't cache entries with a TTL lower than this | |
383 | :param int temporaryFailureTTL: On a SERVFAIL or REFUSED from the backend, cache for this amount of seconds | |
384 | :param int staleTTL: When the backend servers are not reachable, send responses if the cache entry is expired at most this amount of seconds | |
385 | :param bool dontAge: Don't reduce TTLs when serving from the cache. use this when :program:`dnsdist` fronts a cluster of authoritative servers | |
386 | ||
387 | .. class:: PacketCache | |
388 | ||
389 | Represents a cache that can be part of :class:`ServerPool`. | |
390 | ||
391 | .. classmethod:: PacketCache:expunge(n) | |
392 | ||
393 | Remove entries from the cache, leaving at most ``n`` entries | |
394 | ||
395 | :param int n: Number of entries to keep | |
396 | ||
397 | .. classmethod:: PacketCache:expungeByName(name [, qtype=dnsdist.ANY[, suffixMatch=false]]) | |
398 | ||
399 | .. versionchanged:: 1.2.0 | |
400 | ``suffixMatch`` parameter added. | |
401 | ||
402 | Remove entries matching ``name`` and type from the cache. | |
403 | ||
404 | :param DNSName name: The name to expunge | |
405 | :param int qtype: The type to expunge | |
406 | :param bool suffixMatch: When set to true, remove al entries under ``name`` | |
407 | ||
408 | .. classmethod:: PacketCache:isFull() -> bool | |
409 | ||
410 | Return true if the cache has reached the maximum number of entries. | |
411 | ||
412 | .. classmethod:: PacketCache:printStats() | |
413 | ||
414 | Print the cache stats (hits, misses, deferred lookups and deferred inserts). | |
415 | ||
416 | .. classmethod:: PacketCache:purgeExpired(n) | |
417 | ||
418 | Remove expired entries from the cache until there is at most ``n`` entries remaining in the cache. | |
419 | ||
420 | :param int n: Number of entries to keep | |
421 | ||
422 | .. classmethod:: PacketCache:toString() -> string | |
423 | ||
424 | Return the number of entries in the Packet Cache, and the maximum number of entries | |
425 | ||
426 | Status, Statistics and More | |
427 | --------------------------- | |
428 | ||
429 | .. function:: dumpStats() | |
430 | ||
431 | Print all statistics dnsdist gathers | |
432 | ||
433 | .. function:: grepq(selector[, num]) | |
434 | grepq(selectors[, num]) | |
435 | ||
436 | Prints the last ``num`` queries matching ``selector`` or ``selectors``. | |
437 | ||
438 | The selector can be: | |
439 | ||
440 | * a netmask (e.g. '192.0.2.0/24') | |
441 | * a DNS name (e.g. 'dnsdist.org') | |
442 | * a response time (e.g. '100ms') | |
443 | ||
444 | :param str selector: Select queries based on this property. | |
445 | :param {str} selectors: A lua table of selectors. Only queries matching all selectors are shown | |
446 | :param int num: Show a maximum of ``num`` recent queries, default is 10. | |
447 | ||
448 | .. function:: showACL() | |
449 | ||
450 | Print a list of all allowed netmasks. | |
451 | ||
452 | .. function:: showResponseLatency() | |
453 | ||
454 | show a plot of the response time latency distribution | |
455 | ||
456 | .. function:: showServers() | |
457 | ||
458 | This function shows all backend servers currently configured and some statistics. | |
459 | These statics have the following fields: | |
460 | ||
461 | * ``#`` - The number of the server, can be used as the argument for :func:`getServer` | |
462 | * ``Address`` - The IP address and port of the server | |
463 | * ``State`` - The current state of the server | |
464 | * ``Qps`` - Current number of queries per second | |
465 | * ``Qlim`` - Configured maximum number of queries per second | |
466 | * ``Ord`` - The order number of the server | |
467 | * ``Wt`` - The weight of the server | |
468 | * ``Queries`` - Total amount of queries sent to this server | |
469 | * ``Drops`` - Number of queries that were dropped by this server | |
470 | * ``Drate`` - Number of queries dropped per second by this server | |
471 | * ``Lat`` - The latency of this server in milliseconds | |
472 | * ``Pools`` - The pools this server belongs to | |
473 | ||
474 | .. function:: showTCPStats() | |
475 | ||
476 | show some statistics regarding TCP | |
477 | ||
478 | .. function:: showVersion() | |
479 | ||
480 | Print the version of dnsdist | |
481 | ||
482 | .. function:: topBandwidth([num]) | |
483 | ||
484 | Print the top ``num`` clients that consume the most bandwidth. | |
485 | ||
486 | :param int num: Number to show, defaults to 10. | |
487 | ||
488 | .. function:: topClients([num]) | |
489 | ||
490 | Print the top ``num`` clients sending the most queries over length of ringbuffer | |
491 | ||
492 | :param int num: Number to show, defaults to 10. | |
493 | ||
494 | .. function:: topQueries([num[, labels]]) | |
495 | ||
496 | Print the ``num`` most popular QNAMEs from queries. | |
497 | Optionally grouped by the rightmost ``labels`` DNS labels. | |
498 | ||
499 | :param int num: Number to show, defaults to 10 | |
500 | :param int label: Number of labels to cut down to | |
501 | ||
502 | .. function:: topResponses([num[, rcode[, labels]]]) | |
503 | ||
504 | Print the ``num`` most seen responses with an RCODE or ``rcode``. | |
505 | Optionally grouped by the rightmost ``labels`` DNS labels. | |
506 | ||
507 | :param int num: Number to show, defaults to 10 | |
508 | :param int rcode: Response code (e.g. 0=NO Error, 2=ServFail, 3=ServFail), defaults to 0 | |
509 | :param int label: Number of labels to cut down to | |
510 | ||
511 | .. function:: topSlow([num[, limit[, labels]]]) | |
512 | ||
513 | Print the ``num`` slowest queries that are slower than ``limit`` milliseconds. | |
514 | Optionally grouped by the rightmost ``labels`` DNS labels. | |
515 | ||
516 | :param int num: Number to show, defaults to 10 | |
af4b7afb | 517 | :param int limit: Show queries slower than this amount of milliseconds, defaults to 2000 |
20d81666 PL |
518 | :param int label: Number of labels to cut down to |
519 | ||
520 | .. _dynblocksref: | |
521 | ||
522 | Dynamic Blocks | |
523 | -------------- | |
524 | ||
525 | .. function:: addDynBlocks(addresses, message[, seconds=10[, action]]) | |
526 | ||
527 | .. versionchanged:: 1.2.0 | |
528 | ``action`` parameter added. | |
529 | ||
530 | Block a set of addresses with ``message`` for (optionally) a number of seconds. | |
531 | The default number of seconds to block for is 10. | |
532 | ||
533 | :param addresses: set of Addresses as returned by an exceed function | |
534 | :param string message: The message to show next to the blocks | |
535 | :param int seconds: The number of seconds this block to expire | |
536 | :param int action: The action to take when the dynamic block matches, see :ref:`here <DNSAction>`. (default to the one set with :func:`setDynBlocksAction`) | |
537 | ||
538 | .. function:: clearDynBlocks() | |
539 | ||
540 | Remove all current dynamic blocks. | |
541 | ||
542 | .. function:: showDynBlocks() | |
543 | ||
544 | List all dynamic blocks in effect. | |
545 | ||
546 | .. function:: setDynBlocksAction(action) | |
547 | ||
548 | Set which action is performed when a query is blocked. | |
549 | Only DNSAction.Drop (the default) and DNSAction.Refused are supported. | |
550 | ||
551 | .. function:: addBPFFilterDynBlocks(addresses, filter[, seconds]) | |
552 | ||
553 | Block the set of addresses using the supplied BPF Filter, for seconds seconds (10 by default) | |
554 | ||
555 | :param addresses: A set of addresses as returned by the exceed functions. | |
556 | :param filter: and EBPF filter | |
557 | :param int seconds: Number of seconds to block for | |
558 | ||
559 | .. _exceedfuncs: | |
560 | ||
561 | Getting addresses that exceeded parameters | |
562 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
563 | ||
564 | .. function:: exceedServFails(rate, seconds) | |
565 | ||
566 | Get set of addresses that exceed ``rate`` servfails/s over ``seconds`` seconds | |
567 | ||
568 | :param int rate: Number of Servfails per second to exceed | |
569 | :param int seconds: Number of seconds the rate has been exceeded | |
570 | ||
571 | .. function:: exceedNXDOMAINs(rate, seconds) | |
572 | ||
573 | get set of addresses that exceed ``rate`` NXDOMAIN/s over ``seconds`` seconds | |
574 | ||
575 | :param int rate: Number of NXDOMAIN per second to exceed | |
576 | :param int seconds: Number of seconds the rate has been exceeded | |
577 | ||
578 | .. function:: exceedRespByterate(rate, seconds) | |
579 | ||
580 | get set of addresses that exceeded ``rate`` bytes/s answers over ``seconds`` seconds | |
581 | ||
582 | :param int rate: Number of bytes per second to exceed | |
583 | :param int seconds: Number of seconds the rate has been exceeded | |
584 | ||
585 | .. function:: exceedQRate(rate, seconds) | |
586 | ||
587 | Get set of address that exceed ``rate`` queries/s over ``seconds`` seconds | |
588 | ||
589 | :param int rate: Number of queries per second to exceed | |
590 | :param int seconds: Number of seconds the rate has been exceeded | |
591 | ||
592 | .. function:: exceedQTypeRate(type, rate, seconds) | |
593 | ||
594 | Get set of address that exceed ``rate`` queries/s for queries of QType ``type`` over ``seconds`` seconds | |
595 | ||
596 | :param int type: QType | |
597 | :param int rate: Number of QType queries per second to exceed | |
598 | :param int seconds: Number of seconds the rate has been exceeded | |
599 | ||
600 | Other functions | |
601 | --------------- | |
602 | ||
603 | .. function:: maintenance() | |
604 | ||
605 | If this function exists, it is called every second to so regular tasks. | |
606 | This can be used for e.g. :doc:`Dynamic Blocks <../guides/dynblocks>`. |