]>
git.ipfire.org Git - thirdparty/pdns.git/blob - pdns/dnsdist-dynbpf.cc
2 * This file is part of PowerDNS or dnsdist.
3 * Copyright -- PowerDNS.COM B.V. and its contributors
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of version 2 of the GNU General Public License as
7 * published by the Free Software Foundation.
9 * In addition, for the avoidance of any doubt, permission is granted to
10 * link this program with OpenSSL and to (re)distribute the binaries
11 * produced as the result of such linking.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 #include "dnsdist-dynbpf.hh"
26 bool DynBPFFilter::block(const ComboAddress
& addr
, const struct timespec
& until
)
28 bool inserted
= false;
29 std::unique_lock
<std::mutex
> lock(d_mutex
);
31 if (d_excludedSubnets
.match(addr
)) {
32 /* do not add a block for excluded subnets */
36 const container_t::iterator it
= d_entries
.find(addr
);
37 if (it
!= d_entries
.end()) {
38 if (it
->d_until
< until
) {
39 d_entries
.replace(it
, BlockEntry(addr
, until
));
44 d_entries
.insert(BlockEntry(addr
, until
));
50 void DynBPFFilter::purgeExpired(const struct timespec
& now
)
52 std::unique_lock
<std::mutex
> lock(d_mutex
);
54 typedef nth_index
<container_t
,1>::type ordered_until
;
55 ordered_until
& ou
= get
<1>(d_entries
);
57 for (ordered_until::iterator it
=ou
.begin(); it
!= ou
.end(); ) {
58 if (it
->d_until
< now
) {
59 ComboAddress addr
= it
->d_addr
;
69 std::vector
<std::tuple
<ComboAddress
, uint64_t, struct timespec
> > DynBPFFilter::getAddrStats()
71 std::vector
<std::tuple
<ComboAddress
, uint64_t, struct timespec
> > result
;
76 const auto& stats
= d_bpf
->getAddrStats();
77 for (const auto& stat
: stats
) {
78 const container_t::iterator it
= d_entries
.find(stat
.first
);
79 if (it
!= d_entries
.end()) {
80 result
.push_back(std::make_tuple(stat
.first
, stat
.second
, it
->d_until
));
86 #endif /* HAVE_EBPF */