From: Vladimír Čunát <vladimir.cunat@nic.cz>
Date: Wed, 30 Dec 2020 10:25:16 +0000 (+0100)
Subject: daf: Add clear method
X-Git-Tag: v5.3.0~28^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e89daf7885b93925899afcb15ecdb5e9d559adbe;p=thirdparty%2Fknot-resolver.git

daf: Add clear method

Make it easier to delete all rules specified in daf.
---

diff --git a/NEWS b/NEWS
index b956c95fc..91e736175 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,7 @@ Improvements
 ------------
 - more consistency in using parent-side records for NS addresses (!1097)
 - better algorithm for choosing nameservers (!1030)
+- daf module: add daf.clear() (!1114)
 
 Bugfixes
 --------
diff --git a/modules/daf/README.rst b/modules/daf/README.rst
index a988028a5..a5e025e92 100644
--- a/modules/daf/README.rst
+++ b/modules/daf/README.rst
@@ -55,6 +55,9 @@ Firewall rules are declarative and consist of filters and actions. Filters have
     -- Delete a rule
     daf.del(2)
 
+    -- Delete all rules and start from scratch
+    daf.clear()
+
 .. warning:: Only the first matching rule's action is executed.  Defining
    additional actions for the same matching rule, e.g.  ``src = 127.0.0.1/8``,
    will have no effect.
diff --git a/modules/daf/daf.lua b/modules/daf/daf.lua
index a658fb401..94c2f164e 100644
--- a/modules/daf/daf.lua
+++ b/modules/daf/daf.lua
@@ -194,6 +194,15 @@ function M.del(id)
 	return nil
 end
 
+-- @function Remove all rules
+function M.clear()
+	for _, r in ipairs(M.rules) do
+		policy.del(r.rule.id)
+	end
+	M.rules = {}
+	return true
+end
+
 -- @function Find a rule
 function M.get(id)
 	for _, r in ipairs(M.rules) do