[thirdparty/pdns.git] / pdns / recursordist / docs / lua-scripting / netmask.rst

.. _scripting-netmasks:

Netmasks and NetMaskGroups
==========================

There are two classes in the PowerDNS Recursor that can be used to match IP addresses against.

Netmask class
-------------
The :class:`Netmask` class represents an IP netmask.

.. code-block:: Lua

    mask = newNetmask("192.0.2.1/24")
    mask:isIPv4() -- true
    mask:match("192.0.2.8") -- true

.. function:: newNetmask(mask) -> Netmask

  Creates a new :class:`Netmask`.

  :param str mask: The mask to convert.

.. class:: Netmask

  Represents a netmask.

  .. method:: Netmask:empty() -> bool

      True if the netmask doesn't contain a valid address.

  .. method:: Netmask:getBits() -> int

      The number of bits in the address.

  .. method:: Netmask:getNetwork() -> ComboAddress

      Returns a :class:`ComboAddress` representing the network (no mask applied).

  .. method:: Netmask:getMaskedNetwork() -> ComboAddress

      Returns a :class:`ComboAddress` representing the network (truncating according to the mask).

  .. method:: Netmask:isIpv4() -> bool

     .. deprecated:: 4.3.0

        Use :func:`isIPv4`.

     True if the netmask is an IPv4 netmask.

  .. method:: Netmask:isIPv4() -> bool

     .. versionadded:: 4.3.0

     True if the netmask is an IPv4 netmask.

  .. method:: Netmask:isIpv6() -> bool

     .. deprecated:: 4.3.0

        Use :func:`isIPv6`.

     True if the netmask is an IPv6 netmask.

  .. method:: Netmask:isIPv6() -> bool

     .. versionadded:: 4.3.0

     True if the netmask is an IPv6 netmask.

  .. method:: Netmask:match(address) -> bool

      True if the address passed in address matches

      :param str address: IP Address to match against.

  .. method:: Netmask:toString() -> str

      Returns a human-friendly representation.

NetMaskGroup class
------------------

NetMaskGroups are more powerful than plain Netmasks.
They can be matched against netmasks objects:

.. code-block:: lua

  nmg = newNMG()
  nmg:addMask("127.0.0.0/8")
  nmg:addMasks({"213.244.168.0/24", "130.161.0.0/16"})
  nmg:addMasks(dofile("bad-ips.lua")) -- a lua script file that contains: return {"ip1","ip2"..}

  if nmg:match(dq.remoteaddr) then
    print("Intercepting query from ", dq.remoteaddr)
  end

Prefixing a mask with ``!`` excludes that mask from matching.

.. function:: newNMG([masks]) -> NetMaskGroup

  .. versionchanged:: 4.6.0
    Added the optional ``masks`` parameter.

  Returns a new :class:`NetMaskGroup`.
  If no masks are passed, the object is empty.

  :param {str} masks: The masks to add.

.. class:: NetMaskGroup

  IP addresses are passed to Lua in native format.

  .. method:: NetMaskGroup:addMask(mask)

      Adds ``mask`` to the NetMaskGroup.

      :param str mask: The mask to add.

  .. method:: NetMaskGroup:addMasks(masks)

      Adds ``masks`` to the NetMaskGroup.

      :param {str} mask: The masks to add.

  .. method:: NetMaskGroup:match(address) -> bool

      Returns true if ``address`` matches any of the masks in the group.

      :param ComboAddress address: The IP address to match the netmasks against.
Commit	Line	Data
223bb49e PL	1	.. _scripting-netmasks:
	2
	3	Netmasks and NetMaskGroups
	4	==========================
	5
	6	There are two classes in the PowerDNS Recursor that can be used to match IP addresses against.
	7
	8	Netmask class
	9	-------------
54c79a88	10	The :class:`Netmask` class represents an IP netmask.
223bb49e	11
54c79a88 PL	12	.. code-block:: Lua
	13
	14	mask = newNetmask("192.0.2.1/24")
	15	mask:isIPv4() -- true
	16	mask:match("192.0.2.8") -- true
	17
	18	.. function:: newNetmask(mask) -> Netmask
223bb49e	19
54c79a88	20	Creates a new :class:`Netmask`.
223bb49e	21
54c79a88 PL	22	:param str mask: The mask to convert.
	23
	24	.. class:: Netmask
223bb49e	25
54c79a88	26	Represents a netmask.
223bb49e	27
54c79a88	28	.. method:: Netmask:empty() -> bool
223bb49e	29
54c79a88	30	True if the netmask doesn't contain a valid address.
223bb49e	31
54c79a88	32	.. method:: Netmask:getBits() -> int
223bb49e	33
54c79a88	34	The number of bits in the address.
223bb49e	35
54c79a88	36	.. method:: Netmask:getNetwork() -> ComboAddress
223bb49e	37
54c79a88	38	Returns a :class:`ComboAddress` representing the network (no mask applied).
223bb49e	39
54c79a88	40	.. method:: Netmask:getMaskedNetwork() -> ComboAddress
223bb49e	41
54c79a88	42	Returns a :class:`ComboAddress` representing the network (truncating according to the mask).
223bb49e	43
54c79a88	44	.. method:: Netmask:isIpv4() -> bool
223bb49e	45
3a741809	46	.. deprecated:: 4.3.0
14075d06	47
3a741809 OM	48	Use :func:`isIPv4`.
	49
	50	True if the netmask is an IPv4 netmask.
14075d06 AT	51
	52	.. method:: Netmask:isIPv4() -> bool
	53
3a741809	54	.. versionadded:: 4.3.0
14075d06	55
3a741809	56	True if the netmask is an IPv4 netmask.
223bb49e	57
54c79a88	58	.. method:: Netmask:isIpv6() -> bool
223bb49e	59
3a741809 OM	60	.. deprecated:: 4.3.0
	61
	62	Use :func:`isIPv6`.
14075d06	63
3a741809	64	True if the netmask is an IPv6 netmask.
14075d06 AT	65
	66	.. method:: Netmask:isIPv6() -> bool
	67
3a741809	68	.. versionadded:: 4.3.0
14075d06	69
3a741809	70	True if the netmask is an IPv6 netmask.
223bb49e	71
54c79a88	72	.. method:: Netmask:match(address) -> bool
223bb49e	73
54c79a88	74	True if the address passed in address matches
223bb49e	75
54c79a88	76	:param str address: IP Address to match against.
223bb49e	77
54c79a88	78	.. method:: Netmask:toString() -> str
223bb49e	79
54c79a88	80	Returns a human-friendly representation.
223bb49e PL	81
	82	NetMaskGroup class
	83	------------------
	84
	85	NetMaskGroups are more powerful than plain Netmasks.
54c79a88	86	They can be matched against netmasks objects:
223bb49e	87
54c79a88 PL	88	.. code-block:: lua
	89
	90	nmg = newNMG()
	91	nmg:addMask("127.0.0.0/8")
	92	nmg:addMasks({"213.244.168.0/24", "130.161.0.0/16"})
49fee95f	93	nmg:addMasks(dofile("bad-ips.lua")) -- a lua script file that contains: return {"ip1","ip2"..}
223bb49e	94
54c79a88 PL	95	if nmg:match(dq.remoteaddr) then
	96	print("Intercepting query from ", dq.remoteaddr)
	97	end
223bb49e	98
54c79a88	99	Prefixing a mask with ``!`` excludes that mask from matching.
223bb49e	100
223bfcad	101	.. function:: newNMG([masks]) -> NetMaskGroup
d7a93297	102
223bfcad PD	103	.. versionchanged:: 4.6.0
223bfcad PD	104	Added the optional ``masks`` parameter.
223bb49e	105
223bfcad PD	106	Returns a new :class:`NetMaskGroup`.
	107	If no masks are passed, the object is empty.
	108
	109	:param {str} masks: The masks to add.
54c79a88 PL	110
54c79a88 PL	111	.. class:: NetMaskGroup
223bb49e	112
54c79a88	113	IP addresses are passed to Lua in native format.
223bb49e	114
54c79a88	115	.. method:: NetMaskGroup:addMask(mask)
223bb49e	116
54c79a88	117	Adds ``mask`` to the NetMaskGroup.
223bb49e	118
54c79a88	119	:param str mask: The mask to add.
223bb49e	120
54c79a88	121	.. method:: NetMaskGroup:addMasks(masks)
223bb49e	122
54c79a88	123	Adds ``masks`` to the NetMaskGroup.
223bb49e	124
54c79a88	125	:param {str} mask: The masks to add.
223bb49e	126
54c79a88	127	.. method:: NetMaskGroup:match(address) -> bool
223bb49e	128
54c79a88	129	Returns true if ``address`` matches any of the masks in the group.
223bb49e	130
ef2ea4bf	131	:param ComboAddress address: The IP address to match the netmasks against.