return boost::none;
}
+namespace
+{
+std::shared_ptr<DNSRule> qnameSuffixRule(const boost::variant<const SuffixMatchNode&, std::string, const LuaArray<std::string>> names, boost::optional<bool> quiet)
+{
+ if (names.type() == typeid(string)) {
+ SuffixMatchNode smn;
+ smn.add(DNSName(*boost::get<std::string>(&names)));
+ return std::shared_ptr<DNSRule>(new SuffixMatchNodeRule(smn, quiet ? *quiet : false));
+ }
+
+ if (names.type() == typeid(LuaArray<std::string>)) {
+ SuffixMatchNode smn;
+ for (const auto& str : *boost::get<const LuaArray<std::string>>(&names)) {
+ smn.add(DNSName(str.second));
+ }
+ return std::shared_ptr<DNSRule>(new SuffixMatchNodeRule(smn, quiet ? *quiet : false));
+ }
+
+ const auto& smn = *boost::get<const SuffixMatchNode&>(&names);
+ return std::shared_ptr<DNSRule>(new SuffixMatchNodeRule(smn, quiet ? *quiet : false));
+}
+}
+
// NOLINTNEXTLINE(readability-function-cognitive-complexity): this function declares Lua bindings, even with a good refactoring it will likely blow up the threshold
void setupLuaRules(LuaContext& luaCtx)
{
return std::shared_ptr<DNSRule>(new SNIRule(name));
});
- luaCtx.writeFunction("SuffixMatchNodeRule", [](const boost::variant<const SuffixMatchNode&, std::string, const LuaArray<std::string>> names, boost::optional<bool> quiet) {
- if (names.type() == typeid(string)) {
- SuffixMatchNode smn;
- smn.add(DNSName(*boost::get<std::string>(&names)));
- return std::shared_ptr<DNSRule>(new SuffixMatchNodeRule(smn, quiet ? *quiet : false));
- }
-
- if (names.type() == typeid(LuaArray<std::string>)) {
- SuffixMatchNode smn;
- for (const auto& str : *boost::get<const LuaArray<std::string>>(&names)) {
- smn.add(DNSName(str.second));
- }
- return std::shared_ptr<DNSRule>(new SuffixMatchNodeRule(smn, quiet ? *quiet : false));
- }
-
- const auto& smn = *boost::get<const SuffixMatchNode&>(&names);
- return std::shared_ptr<DNSRule>(new SuffixMatchNodeRule(smn, quiet ? *quiet : false));
- });
+ luaCtx.writeFunction("SuffixMatchNodeRule", qnameSuffixRule);
luaCtx.writeFunction("NetmaskGroupRule", [](const boost::variant<const NetmaskGroup&, std::string, const LuaArray<std::string>> netmasks, boost::optional<bool> src, boost::optional<bool> quiet) {
if (netmasks.type() == typeid(string)) {
return std::shared_ptr<DNSRule>(new QNameRule(DNSName(qname)));
});
+ luaCtx.writeFunction("QNameSuffixRule", qnameSuffixRule);
+
luaCtx.writeFunction("QTypeRule", [](boost::variant<unsigned int, std::string> str) {
uint16_t qtype;
if (auto dir = boost::get<unsigned int>(&str)) {
Alternatively, if compiled in, :func:`RE2Rule` provides similar functionality, but against libre2.
-Note that to check if a name is in a list of domains, :func:`SuffixMatchNodeRule` is preferred over complex regular expressions or multiple instances of :func:`RegexRule`.
+Note that to check if a name is in a list of domains, :func:`QNameSuffixRule` is preferred over complex regular expressions or multiple instances of :func:`RegexRule`.
Rule Generators
---------------
Added ``name`` to the ``options``.
.. versionchanged:: 1.9.0
- Passing a string or list of strings instead of a :class:`DNSRule` is deprecated, use :func:`NetmaskGroupRule` or :func:`SuffixMatchNodeRule` instead
+ Passing a string or list of strings instead of a :class:`DNSRule` is deprecated, use :func:`NetmaskGroupRule` or :func:`QNameSuffixRule` instead
Add a Rule and Action to the existing rules.
If a string (or list of) is passed as the first parameter instead of a :class:`DNSRule`, it behaves as if the string or list of strings was passed to :func:`NetmaskGroupRule` or :func:`SuffixMatchNodeRule`.
Added ``name`` to the ``options``.
.. versionchanged:: 1.9.0
- Passing a string or list of strings instead of a :class:`DNSRule` is deprecated, use :func:`NetmaskGroupRule` or :func:`SuffixMatchNodeRule` instead
+ Passing a string or list of strings instead of a :class:`DNSRule` is deprecated, use :func:`NetmaskGroupRule` or :func:`QNameSuffixRule` instead
Add a Rule and Action for responses to the existing rules.
If a string (or list of) is passed as the first parameter instead of a :class:`DNSRule`, it behaves as if the string or list of strings was passed to :func:`NetmaskGroupRule` or :func:`SuffixMatchNodeRule`.
Added ``name`` to the ``options``.
.. versionchanged:: 1.9.0
- Passing a string or list of strings instead of a :class:`DNSRule` is deprecated, use :func:`NetmaskGroupRule` or :func:`SuffixMatchNodeRule` instead
+ Passing a string or list of strings instead of a :class:`DNSRule` is deprecated, use :func:`NetmaskGroupRule` or :func:`QNameSuffixRule` instead
Add a Rule and ResponseAction for Cache Hits to the existing rules.
If a string (or list of) is passed as the first parameter instead of a :class:`DNSRule`, it behaves as if the string or list of strings was passed to :func:`NetmaskGroupRule` or :func:`SuffixMatchNodeRule`.
.. versionadded:: 1.8.0
.. versionchanged:: 1.9.0
- Passing a string or list of strings instead of a :class:`DNSRule` is deprecated, use :func:`NetmaskGroupRule` or :func:`SuffixMatchNodeRule` instead
+ Passing a string or list of strings instead of a :class:`DNSRule` is deprecated, use :func:`NetmaskGroupRule` or :func:`QNameSuffixRule` instead
Add a Rule and ResponseAction that is executed after a cache entry has been inserted to the existing rules.
If a string (or list of) is passed as the first parameter instead of a :class:`DNSRule`, it behaves as if the string or list of strings was passed to :func:`NetmaskGroupRule` or :func:`SuffixMatchNodeRule`.
Added ``name`` to the ``options``.
.. versionchanged:: 1.9.0
- Passing a string or list of strings instead of a :class:`DNSRule` is deprecated, use :func:`NetmaskGroupRule` or :func:`SuffixMatchNodeRule` instead
+ Passing a string or list of strings instead of a :class:`DNSRule` is deprecated, use :func:`NetmaskGroupRule` or :func:`QNameSuffixRule` instead
Add a Rule and Action for Self-Answered queries to the existing rules.
If a string (or list of) is passed as the first parameter instead of a :class:`DNSRule`, it behaves as if the string or list of strings was passed to :func:`NetmaskGroupRule` or :func:`SuffixMatchNodeRule`.
Matches if the set contains exact qname.
- To match subdomain names, see :func:`SuffixMatchNodeRule`.
+ To match subdomain names, see :func:`QNameSuffixRule`.
:param DNSNameSet set: Set with qnames.
+.. function:: QNameSuffixRule(suffixes [, quiet@)
+
+ .. versionadded:: 1.9.0
+
+ Matches based on a group of domain suffixes for rapid testing of membership.
+ The first parameter, ``suffixes``, can be a string, list of strings or a class:`SuffixMatchNode` object created with :func:`newSuffixMatchNode`.
+ Pass true as second parameter to prevent listing of all domains matched.
+
+ To match domain names exactly, see :func:`QNameSetRule`.
+
+ This rule existed before 1.9.0 but was called :func:`SuffixMatchNodeRule`, only accepting a :class:`SuffixMatchNode` parameter.
+
+ :param suffixes: A string, list of strings, or a :class:`SuffixMatchNode` to match on
+ :param bool quiet: Do not display the list of matched domains in Rules. Default is false.
+
+ Matches queries with the specified qname exactly.
+
+ :param string qname: Qname to match
+
.. function:: QNameLabelsCountRule(min, max)
Matches if the qname has less than ``min`` or more than ``max`` labels.
To match domain names exactly, see :func:`QNameSetRule`.
+ Since 1.9.0, this rule can also be used via the alias :func:`QNameSuffixRule`.
+
:param SuffixMatchNode smn: A string, list of strings, or a :class:`SuffixMatchNode` to match on
:param bool quiet: Do not display the list of matched domains in Rules. Default is false.
.. function:: makeRule(rule)
.. versionchanged:: 1.9.0
- This function is deprecated, please use :func:`NetmaskGroupRule` or :func:`SuffixMatchNodeRule` instead
+ This function is deprecated, please use :func:`NetmaskGroupRule` or :func:`QnameSuffixRule` instead
Make a :func:`NetmaskGroupRule` or a :func:`SuffixMatchNodeRule`, depending on how it is called.
The `rule` parameter can be a string, or a list of strings, that should contain either:
projects / thirdparty / pdns.git / commitdiff
