1 The DNSQuestion (``dq``) object
2 ===============================
3 Apart from the :func:`ipfilter`-function, all functions work on a ``dq`` (DNSQuestion) object.
4 This object contains details about the current state of the question.
5 This state can be modified from the various hooks.
7 The DNSQuestion object contains at least the following fields:
11 An object that contains everything about the current query.
12 This object has the following attributes:
14 .. attribute:: DNSQuestion.qname
16 :class:`DNSName` of the name this query is for.
18 .. attribute:: DNSQuestion.qtype
20 Type this query is for as an integer, can be compared against ``pdns.A``, ``pdns.AAAA``.
22 .. attribute:: DNSQuestion.rcode
24 current DNS Result Code, which can be overridden, including to several magical values
25 The rcode can be set to pdns.DROP to drop the query.
26 Other statuses are normal DNS return codes, like ``pdns.NOERROR``, ``pdns.NXDOMAIN`` etc.
28 .. attribute:: DNSQuestion.isTcp
30 Whether the query was received over TCP.
32 .. attribute:: DNSQuestion.remoteaddr
34 :class:`ComboAddress` of the requestor.
36 .. attribute:: DNSQuestion.localaddr
38 :class:`ComboAddress` where this query was received on.
40 .. attribute:: DNSQuestion.variable
42 Boolean which, if set, indicates the recursor should not packet cache this answer.
43 Honored even when returning false from a hook!
44 Important when providing answers that vary over time or based on sender details.
46 .. attribute:: DNSQuestion.followupFunction
48 String that signals the nameserver to take one an additional action:
50 - followCNAMERecords: When adding a CNAME to the answer, this tells the recursor to follow that CNAME. See :ref:`CNAME Chain Resolution <cnamechainresolution>`
51 - getFakeAAAARecords: Get a fake AAAA record, see :doc:`DNS64 <../dns64>`
52 - getFakePTRRecords: Get a fake PTR record, see :doc:`DNS64 <../dns64>`
53 - udpQueryResponse: Do a UDP query and call a handler, see :ref:`UDP Query Response <udpqueryresponse>`
55 .. attribute:: DNSQuestion.appliedPolicy
57 The decision that was made by the policy engine, see :ref:`modifyingpolicydecisions`.
59 .. attribute:: DNSQuestion.appliedPolicy.policyName
61 A string with the name of the policy.
62 Set by :ref:`policyName <rpz-policyName>` in the :func:`rpzFile` and :func:`rpzMaster` configuration items.
63 It is advised to overwrite this when modifying the :attr:`DNSQuestion.appliedPolicy.policyKind`
65 .. attribute:: DNSQuestion.appliedPolicy.policyAction
67 The action taken by the engine
69 .. attribute:: DNSQuestion.appliedPolicy.policyCustom
71 The CNAME content for the ``pdns.policyactions.Custom`` response, a string
73 .. attribute:: DNSQuestion.appliedPolicy.policyKind
75 The kind of policy response, there are several policy kinds:
77 - ``pdns.policykinds.Custom`` will return a NoError, CNAME answer with the value specified in :attr:`DNSQuestion.appliedPolicy.policyCustom`
78 - ``pdns.policykinds.Drop`` will simply cause the query to be dropped
79 - ``pdns.policykinds.NoAction`` will continue normal processing of the query
80 - ``pdns.policykinds.NODATA`` will return a NoError response with no value in the answer section
81 - ``pdns.policykinds.NXDOMAIN`` will return a response with a NXDomain rcode
82 - ``pdns.policykinds.Truncate`` will return a NoError, no answer, truncated response over UDP. Normal processing will continue over TCP
84 .. attribute:: DNSQuestion.appliedPolicy.policyTTL
86 The TTL in seconds for the ``pdns.policyactions.Custom`` response
88 .. attribute:: DNSQuestion.wantsRPZ
90 A boolean that indicates the use of the Policy Engine.
91 Can be set to ``false`` in ``prerpz`` to disable RPZ for this query.
93 .. attribute:: DNSQuestion.data
95 A Lua object reference that is persistent throughout the lifetime of the :class:`DNSQuestion` object for a single query.
96 It can be used to store custom data.
97 Most scripts initialise this to an empty table early on so they can store multiple items.
99 .. attribute:: DNSQuestion.requestorId
101 .. versionadded:: 4.1.0
103 A string that will be used to set the ``requestorId`` field in :doc:`protobuf <../lua-config/protobuf>` messages.
105 .. attribute:: DNSQuestion.deviceId
107 .. versionadded:: 4.1.0
109 A string that will be used to set the ``deviceId`` field in :doc:`protobuf <../lua-config/protobuf>` messages.
111 .. attribute:: DNSQuestion.deviceName
113 .. versionadded:: 4.3.0
115 A string that will be used to set the ``deviceName`` field in :doc:`protobuf <../lua-config/protobuf>` messages.
117 .. attribute:: DNSQuestion.udpAnswer
119 Answer to the :attr:`udpQuery <DNSQuestion.udpQuery>` when when using the ``udpQueryResponse`` :attr:`followupFunction <DNSQuestion.followupFunction>`.
120 Only filled when the call-back function is invoked.
122 .. attribute:: DNSQuestion.udpQueryDest
124 Destination IP address to send the UDP packet to when using the ``udpQueryResponse`` :attr:`followupFunction <DNSQuestion.followupFunction>`
126 .. attribute:: DNSQuestion.udpQuery
128 The content of the UDP payload when using the ``udpQueryResponse`` :attr:`followupFunction <DNSQuestion.followupFunction>`
130 .. attribute:: DNSQuestion.udpCallback
132 The name of the callback function that is called when using the ``udpQueryResponse`` :attr:`followupFunction <DNSQuestion.followupFunction>` when an answer is received.
134 .. attribute:: DNSQuestion.validationState
136 .. versionadded:: 4.1.0
138 The result of the DNSSEC validation, accessible from the ``postresolve``, ``nxdomain`` and ``nodata`` hooks.
139 Possible states are ``pdns.validationstates.Indeterminate``, ``pdns.validationstates.Bogus``, ``pdns.validationstates.Insecure`` and ``pdns.validationstates.Secure``.
140 The result will always be ``pdns.validationstates.Indeterminate`` is validation is disabled or was not requested.
142 .. attribute:: DNSQuestion.logResponse
144 .. versionadded:: 4.2.0
146 Whether the response to this query will be exported to a remote protobuf logger, if one has been configured.
148 It also supports the following methods:
150 .. method:: DNSQuestion:addAnswer(type, content, [ttl, name])
152 Add an answer to the record of ``type`` with ``content``.
154 :param int type: The type of record to add, can be ``pdns.AAAA`` etc.
155 :param str content: The content of the record, will be parsed into wireformat based on the ``type``
156 :param int ttl: The TTL in seconds for this record, defaults to 3600
157 :param DNSName name: The name of this record, defaults to :attr:`DNSQuestion.qname`
159 .. method:: DNSQuestion:addRecord(type, content, place, [ttl, name])
161 Add a record of ``type`` with ``content`` in section ``place``.
163 :param int type: The type of record to add, can be ``pdns.AAAA`` etc.
164 :param str content: The content of the record, will be parsed into wireformat based on the ``type``
165 :param int place: The section to place the record, see :attr:`DNSRecord.place`
166 :param int ttl: The TTL in seconds for this record, defaults to 3600
167 :param DNSName name: The name of this record, defaults to :attr:`DNSQuestion.qname`
169 .. method:: DNSQuestion:addPolicyTag(tag)
171 Add policyTag ``tag`` to the list of policyTags.
173 :param str tag: The tag to add
175 .. method:: DNSQuestion:getPolicyTags() -> {str}
177 Get the current policy tags as a table of strings.
179 .. method:: DNSQuestion:setPolicyTags(tags)
181 Set the policy tags to ``tags``, overwriting any existing policy tags.
183 :param {str} tags: The policy tags
185 .. method:: DNSQuestion:discardPolicy(policyname)
187 Skip the filtering policy (for example RPZ) named ``policyname`` for this query.
188 This is mostly useful in the ``prerpz`` hook.
190 :param str policyname: The name of the policy to ignore.
192 .. method:: DNSQuestion:getDH() -> DNSHeader
194 Returns the :class:`DNSHeader` of the query or nil.
196 .. method:: DNSQuestion:getRecords() -> {DNSRecord}
198 Get a table of DNS Records in this DNS Question (or answer by now).
200 .. method:: DNSQuestion:setRecords(records)
202 After your edits, update the answers of this question
204 :param {DNSRecord} records: The records to put in the packet
206 .. method:: DNSQuestion:getEDNSFlag(name) -> bool
208 Returns true if the EDNS flag with ``name`` is set in the query.
210 :param string name: Name of the flag.
212 .. method:: DNSQuestion:getEDNSFlags() -> {str}
214 Returns a list of strings with all the EDNS flag mnemonics in the query.
216 .. method:: DNSQuestion:getEDNSOption(num) -> str
218 Get the EDNS Option with number ``num`` as a bytestring.
220 .. method:: DNSQuestion:getEDNSOptions() -> {str: str}
222 Get a map of all EDNS Options
224 .. method:: DNSQuestion:getEDNSSubnet() -> Netmask
226 Returns the :class:`Netmask` specified in the EDNSSubnet option, or empty if there was none.
231 The DNS header as returned by :meth:`DNSQuestion:getDH()` represents a header of a DNS message.
235 represents a header of a DNS message.
237 .. method:: DNSHeader:getRD() -> bool
239 The value of the Recursion Desired bit.
241 .. method:: DNSHeader:getAA() -> bool
243 The value of the Authoritative Answer bit.
245 .. method:: DNSHeader:getAD() -> bool
247 The value of the Authenticated Data bit.
249 .. method:: DNSHeader:getCD() -> bool
251 The value of the Checking Disabled bit.
253 .. method:: DNSHeader:getTC() -> bool
255 The value of the Truncation bit.
257 .. method:: DNSHeader:getRCODE() -> int
259 The Response Code of the query
261 .. method:: DNSHeader:getOPCODE() -> int
263 The Operation Code of the query
265 .. method:: DNSHeader:getID() -> int
269 The EDNSOptionView Class
270 ========================
272 .. class:: EDNSOptionView
274 An object that represents the values of a single EDNS option
276 .. method:: EDNSOptionView:count()
277 .. versionadded:: 4.2.0
279 The number of values for this EDNS option.
281 .. method:: EDNSOptionView:getValues()
282 .. versionadded:: 4.2.0
284 Return a table of NULL-safe strings values for this EDNS option.
286 .. attribute:: EDNSOptionView.size
288 The size in bytes of the first value of this EDNS option.
290 .. method:: EDNSOptionView:getContent()
292 Returns a NULL-safe string object of the first value of this EDNS option.