:param int rcode: The RCODE to match on
.. function:: HTTPHeaderRule(name, regex)
+
.. versionadded:: 1.4.0
Matches DNS over HTTPS queries with a HTTP header ``name`` whose content matches the regular expression ``regex``.
:param str regex: A regular expression to match the content of the specified header
.. function:: HTTPPathRegexRule(regex)
+
.. versionadded:: 1.4.0
Matches DNS over HTTPS queries with a HTTP path matching the regular expression supplied in ``regex``. For example, if the query has been sent to the https://192.0.2.1:443/PowerDNS?dns=... URL, the path would be '/PowerDNS'.
:param str regex: The regex to match on
.. function:: HTTPPathRule(path)
+
.. versionadded:: 1.4.0
Matches DNS over HTTPS queries with a HTTP path of ``path``. For example, if the query has been sent to the https://192.0.2.1:443/PowerDNS?dns=... URL, the path would be '/PowerDNS'.
:param str path: The exact HTTP path to match on
.. function:: KeyValueStoreLookupRule(kvs, lookupKey)
+
.. versionadded:: 1.4.0
As of 1.4.0, this code is considered experimental.
:param KeyValueLookupKey lookupKey: The key to use for the lookup
.. function:: MaxQPSIPRule(qps[, v4Mask[, v6Mask[, burst[, expiration[, cleanupDelay[, scanFraction]]]]]])
+
.. versionchanged:: 1.3.1
Added the optional parameters ``expiration``, ``cleanupDelay`` and ``scanFraction``.
:param str regex: The regular expression to match the QNAME.
.. function:: SNIRule(name)
+
.. versionadded:: 1.4.0
Matches against the TLS Server Name Indication value sent by the client, if any. Only makes
:param int v6: The IPv6 netmask length
-.. function:: ERCodeAction(rcode)
+.. function:: ERCodeAction(rcode [, options])
.. versionadded:: 1.4.0
+ .. versionchanged:: 1.5.0
+ Added the optional parameter ``options``.
+
Reply immediately by turning the query into a response with the specified EDNS extended ``rcode``.
``rcode`` can be specified as an integer or as one of the built-in :ref:`DNSRCode`.
:param int rcode: The extended RCODE to respond with.
+ :param table options: A table with key: value pairs with options.
+
+ Options:
+
+ * ``aa``: bool - Set the AA bit to this value (true means the bit is set, false means it's cleared). Default is to clear it.
+ * ``ad``: bool - Set the AD bit to this value (true means the bit is set, false means it's cleared). Default is to clear it.
+ * ``ra``: bool - Set the RA bit to this value (true means the bit is set, false means it's cleared). Default is to copy the value of the RD bit from the incoming query.
+
+.. function:: HTTPStatusAction(status, body, contentType="" [, options])
-.. function:: HTTPStatusAction(status, body, contentType="")
.. versionadded:: 1.4.0
+ .. versionchanged:: 1.5.0
+ Added the optional parameter ``options``.
+
Return an HTTP response with a status code of ''status''. For HTTP redirects, ''body'' should be the redirect URL.
:param int status: The HTTP status code to return.
:param string body: The body of the HTTP response, or a URL if the status code is a redirect (3xx).
:param string contentType: The HTTP Content-Type header to return for a 200 response, ignored otherwise. Default is ''application/dns-message''.
+ :param table options: A table with key: value pairs with options.
+
+ Options:
+
+ * ``aa``: bool - Set the AA bit to this value (true means the bit is set, false means it's cleared). Default is to clear it.
+ * ``ad``: bool - Set the AD bit to this value (true means the bit is set, false means it's cleared). Default is to clear it.
+ * ``ra``: bool - Set the RA bit to this value (true means the bit is set, false means it's cleared). Default is to copy the value of the RD bit from the incoming query.
.. function:: KeyValueStoreLookupAction(kvs, lookupKey, destinationTag)
:param KeyValueLookupKey lookupKey: The key to use for the lookup
:param string destinationTag: The name of the tag to store the result into
-.. function:: LogAction([filename[, binary[, append[, buffered]]]])
+.. function:: LogAction([filename[, binary[, append[, buffered[, verboseOnly[, includeTimestamp]]]]]])
+
+ .. versionchanged:: 1.4.0
+ Added the optional parameters ``verboseOnly`` and ``includeTimestamp``, made ``filename`` optional.
+
+ Log a line for each query, to the specified ``file`` if any, to the console (require verbose) if the empty string is given as filename.
+
+ If an empty string is supplied in the file name, the logging is done to stdout, and only in verbose mode by default. This can be changed by setting ``verboseOnly`` to false.
+
+ When logging to a file, the ``binary`` optional parameter specifies whether we log in binary form (default) or in textual form. Before 1.4.0 the binary log format only included the qname and qtype. Since 1.4.0 it includes an optional timestamp, the query ID, qname, qtype, remote address and port.
- Log a line for each query, to the specified ``file`` if any, to the console (require verbose) otherwise.
- When logging to a file, the ``binary`` optional parameter specifies whether we log in binary form (default) or in textual form.
The ``append`` optional parameter specifies whether we open the file for appending or truncate each time (default).
The ``buffered`` optional parameter specifies whether writes to the file are buffered (default) or not.
+
Subsequent rules are processed after this action.
:param string filename: File to log to. Set to an empty string to log to the normal stdout log, this only works when ``-v`` is set on the command line.
:param bool binary: Do binary logging. Default true
:param bool append: Append to the log. Default false
- :param bool buffered: Use buffered I/O. default true
+ :param bool buffered: Use buffered I/O. Default true
+ :param bool verboseOnly: Whether to log only in verbose mode when logging to stdout. Default is true
+ :param bool includeTimestamp: Whether to include a timestamp for every entry. Default is false
+
+.. function:: LogResponseAction([filename[, append[, buffered[, verboseOnly[, includeTimestamp]]]]]])
+
+ .. versionadded:: 1.5.0
+
+ Log a line for each response, to the specified ``file`` if any, to the console (require verbose) if the empty string is given as filename.
+
+ If an empty string is supplied in the file name, the logging is done to stdout, and only in verbose mode by default. This can be changed by setting ``verboseOnly`` to false.
+
+ The ``append`` optional parameter specifies whether we open the file for appending or truncate each time (default).
+ The ``buffered`` optional parameter specifies whether writes to the file are buffered (default) or not.
+
+ Subsequent rules are processed after this action.
+
+ :param string filename: File to log to. Set to an empty string to log to the normal stdout log, this only works when ``-v`` is set on the command line.
+ :param bool append: Append to the log. Default false
+ :param bool buffered: Use buffered I/O. Default true
+ :param bool verboseOnly: Whether to log only in verbose mode when logging to stdout. Default is true
+ :param bool includeTimestamp: Whether to include a timestamp for every entry. Default is false
.. function:: LuaAction(function)
:param int maxqps: The QPS limit for that pool
:param string poolname: The name of the pool
-.. function:: RCodeAction(rcode)
+.. function:: RCodeAction(rcode [, options])
+
+ .. versionchanged:: 1.5.0
+ Added the optional parameter ``options``.
Reply immediately by turning the query into a response with the specified ``rcode``.
``rcode`` can be specified as an integer or as one of the built-in :ref:`DNSRCode`.
:param int rcode: The RCODE to respond with.
+ :param table options: A table with key: value pairs with options.
+
+ Options:
+
+ * ``aa``: bool - Set the AA bit to this value (true means the bit is set, false means it's cleared). Default is to clear it.
+ * ``ad``: bool - Set the AD bit to this value (true means the bit is set, false means it's cleared). Default is to clear it.
+ * ``ra``: bool - Set the RA bit to this value (true means the bit is set, false means it's cleared). Default is to copy the value of the RD bit from the incoming query.
.. function:: RemoteLogAction(remoteLogger[, alterFunction [, options]])
:param string v4: The IPv4 netmask, for example "192.0.2.1/32"
:param string v6: The IPv6 netmask, if any
+.. function:: SetNegativeAndSOAAction(nxd, zone, ttl, mname, rname, serial, refresh, retry, expire, minimum)
+
+ .. versionadded:: 1.5.0
+
+ Turn a question into a response, either a NXDOMAIN or a NODATA one based on ''nxd'', setting the QR bit to 1 and adding a SOA record in the additional section.
+
+ :param bool nxd: Whether the answer is a NXDOMAIN (true) or a NODATA (false)
+ :param string zone: The owner name for the SOA record
+ :param int ttl: The TTL of the SOA record
+ :param string mname: The mname of the SOA record
+ :param string rname: The rname of the SOA record
+ :param int serial: The value of the serial field in the SOA record
+ :param int refresh: The value of the refresh field in the SOA record
+ :param int retry: The value of the retry field in the SOA record
+ :param int expire: The value of the expire field in the SOA record
+ :param int minimum: The value of the minimum field in the SOA record
+
.. function:: SkipCacheAction()
Don't lookup the cache for this query, don't store the answer.
:param string message: The message to include
-.. function:: SpoofAction(ip[, ip[...]])
- SpoofAction(ips)
+.. function:: SpoofAction(ip [, options])
+ SpoofAction(ips [, options])
+
+ .. versionchanged:: 1.5.0
+ Added the optional parameter ``options``.
Forge a response with the specified IPv4 (for an A query) or IPv6 (for an AAAA) addresses.
If you specify multiple addresses, all that match the query type (A, AAAA or ANY) will get spoofed in.
:param string ip: An IPv4 and/or IPv6 address to spoof
:param {string} ips: A table of IPv4 and/or IPv6 addresses to spoof
+ :param table options: A table with key: value pairs with options.
-.. function:: SpoofCNAMEAction(cname)
+ Options:
+
+ * ``aa``: bool - Set the AA bit to this value (true means the bit is set, false means it's cleared). Default is to clear it.
+ * ``ad``: bool - Set the AD bit to this value (true means the bit is set, false means it's cleared). Default is to clear it.
+ * ``ra``: bool - Set the RA bit to this value (true means the bit is set, false means it's cleared). Default is to copy the value of the RD bit from the incoming query.
+ * ``ttl``: int - The TTL of the record.
+
+.. function:: SpoofCNAMEAction(cname [, options])
+
+ .. versionchanged:: 1.5.0
+ Added the optional parameter ``options``.
Forge a response with the specified CNAME value.
:param string cname: The name to respond with
+ :param table options: A table with key: value pairs with options.
+
+ Options:
+
+ * ``aa``: bool - Set the AA bit to this value (true means the bit is set, false means it's cleared). Default is to clear it.
+ * ``ad``: bool - Set the AD bit to this value (true means the bit is set, false means it's cleared). Default is to clear it.
+ * ``ra``: bool - Set the RA bit to this value (true means the bit is set, false means it's cleared). Default is to copy the value of the RD bit from the incoming query.
+ * ``ttl``: int - The TTL of the record.
+
+.. function:: SpoofRawAction(rawAnswer [, options])
+
+ .. versionadded:: 1.5.0
+
+ Forge a response with the specified raw bytes as record data.
+ For example, for a TXT record of "aaa" "bbbb": SpoofRawAction("\003aaa\004bbbb")
+
+ :param string rawAnswer: The raw record data
+ :param table options: A table with key: value pairs with options.
+
+ Options:
+
+ * ``aa``: bool - Set the AA bit to this value (true means the bit is set, false means it's cleared). Default is to clear it.
+ * ``ad``: bool - Set the AD bit to this value (true means the bit is set, false means it's cleared). Default is to clear it.
+ * ``ra``: bool - Set the RA bit to this value (true means the bit is set, false means it's cleared). Default is to copy the value of the RD bit from the incoming query.
+ * ``ttl``: int - The TTL of the record.
.. function:: TagAction(name, value)
projects / thirdparty / pdns.git / blobdiff