]>
Commit | Line | Data |
---|---|---|
20d81666 PL |
1 | .. _DNSQuestion: |
2 | ||
3 | The DNSQuestion (``dq``) object | |
4 | =============================== | |
5 | ||
6 | A DNSQuestion or ``dq`` object is available in several hooks and Lua actions. | |
7 | This object contains details about the current state of the question. | |
8 | This state can be modified from the various hooks. | |
9 | ||
20d81666 PL |
10 | .. class:: DNSQuestion |
11 | ||
d9018741 PL |
12 | The DNSQuestion object has several attributes, many of them read-only: |
13 | ||
14 | .. attribute:: DNSQuestion.dh | |
20d81666 | 15 | |
d9018741 | 16 | The :ref:`DNSHeader` of this query. |
20d81666 | 17 | |
d9018741 | 18 | .. attribute:: DNSQuestion.ecsOverride |
20d81666 | 19 | |
d9018741 | 20 | Whether an existing ECS value should be overridden, settable. |
20d81666 | 21 | |
d9018741 | 22 | .. attribute:: DNSQuestion.ecsPrefixLength |
20d81666 | 23 | |
d9018741 | 24 | The ECS prefix length to use, settable. |
20d81666 | 25 | |
d9018741 | 26 | .. attribute:: DNSQuestion.len |
20d81666 | 27 | |
f048c235 | 28 | The length of the data starting at :attr:`DNSQuestion.dh`, including any trailing bytes following the DNS message. |
20d81666 | 29 | |
d9018741 | 30 | .. attribute:: DNSQuestion.localaddr |
20d81666 | 31 | |
d9018741 | 32 | :ref:`ComboAddress` of the local bind this question was received on. |
20d81666 | 33 | |
d9018741 | 34 | .. attribute:: DNSQuestion.opcode |
20d81666 | 35 | |
d9018741 | 36 | Integer describing the OPCODE of the packet. Can be matched against :ref:`DNSOpcode`. |
20d81666 | 37 | |
d9018741 | 38 | .. attribute:: DNSQuestion.qclass |
20d81666 | 39 | |
d9018741 | 40 | QClass (as an unsigned integer) of this question. |
4c73e4af | 41 | Can be compared against :ref:`DNSClass`. |
20d81666 | 42 | |
d9018741 | 43 | .. attribute:: DNSQuestion.qname |
20d81666 | 44 | |
d9018741 | 45 | :class:`DNSName` of this question. |
20d81666 | 46 | |
d9018741 | 47 | .. attribute:: DNSQuestion.qtype |
20d81666 | 48 | |
d9018741 | 49 | QType (as an unsigned integer) of this question. |
09b45aa8 | 50 | Can be compared against the pre-defined :ref:`constants <DNSQType>` like ``DNSQType.A``, DNSQType.AAAA``. |
20d81666 | 51 | |
d9018741 | 52 | .. attribute:: DNSQuestion.remoteaddr |
20d81666 | 53 | |
d9018741 | 54 | :ref:`ComboAddress` of the remote client. |
20d81666 | 55 | |
d9018741 | 56 | .. attribute:: DNSQuestion.rcode |
20d81666 | 57 | |
d9018741 PL |
58 | RCode (as an unsigned integer) of this question. |
59 | Can be compared against :ref:`DNSRCode` | |
20d81666 | 60 | |
d9018741 | 61 | .. attribute:: DNSQuestion.size |
20d81666 | 62 | |
d9018741 | 63 | The total size of the buffer starting at :attr:`DNSQuestion.dh`. |
20d81666 | 64 | |
d9018741 | 65 | .. attribute:: DNSQuestion.skipCache |
20d81666 | 66 | |
d9018741 | 67 | Whether to skip cache lookup / storing the answer for this question, settable. |
20d81666 | 68 | |
d9018741 | 69 | .. attribute:: DNSQuestion.tcp |
20d81666 | 70 | |
c7349b0e | 71 | Whether the query was received over TCP. |
20d81666 | 72 | |
d9018741 | 73 | .. attribute:: DNSQuestion.useECS |
20d81666 | 74 | |
d9018741 | 75 | Whether to send ECS to the backend, settable. |
20d81666 | 76 | |
d9018741 | 77 | It also supports the following methods: |
20d81666 | 78 | |
d9018741 | 79 | .. method:: DNSQuestion:getDO() -> bool |
20d81666 | 80 | |
d9018741 | 81 | .. versionadded:: 1.2.0 |
20d81666 | 82 | |
d9018741 | 83 | Get the value of the DNSSEC OK bit. |
20d81666 | 84 | |
d9018741 | 85 | :returns: true if the DO bit was set, false otherwise |
20d81666 | 86 | |
cbf4e13a RG |
87 | .. method:: DNSQuestion:getEDNSOptions() -> table |
88 | ||
01ee2be0 | 89 | .. versionadded:: 1.3.3 |
cbf4e13a RG |
90 | |
91 | Return the list of EDNS Options, if any. | |
92 | ||
93 | :returns: A table of EDNSOptionView objects, indexed on the ECS Option code | |
94 | ||
9676d2a9 RG |
95 | .. method:: DNSQuestion:getHTTPHeaders() -> table |
96 | ||
97 | .. versionadded:: 1.4.0 | |
98 | ||
99 | Return the HTTP headers for a DoH query, as a table whose keys are the header names and values the header values. | |
100 | ||
101 | :returns: A table of HTTP headers | |
102 | ||
103 | .. method:: DNSQuestion:getHTTPHost() -> string | |
104 | ||
105 | .. versionadded:: 1.4.0 | |
106 | ||
107 | Return the HTTP Host for a DoH query, which may or may not contain the port. | |
108 | ||
109 | :returns: The host of the DoH query | |
110 | ||
111 | .. method:: DNSQuestion:getHTTPPath() -> string | |
112 | ||
113 | .. versionadded:: 1.4.0 | |
114 | ||
115 | Return the HTTP path for a DoH query. | |
116 | ||
117 | :returns: The path part of the DoH query URI | |
118 | ||
119 | .. method:: DNSQuestion:getHTTPQueryString() -> string | |
120 | ||
121 | .. versionadded:: 1.4.0 | |
122 | ||
123 | Return the HTTP query string for a DoH query. | |
124 | ||
125 | :returns: The query string part of the DoH query URI | |
126 | ||
127 | .. method:: DNSQuestion:getHTTPScheme() -> string | |
128 | ||
129 | .. versionadded:: 1.4.0 | |
130 | ||
131 | Return the HTTP scheme for a DoH query. | |
132 | ||
133 | :returns: The scheme of the DoH query, for example ''http'' or ''https'' | |
134 | ||
15e21d84 RG |
135 | .. method:: DNSQuestion:getServerNameIndication() -> string |
136 | ||
137 | .. versionadded:: 1.4.0 | |
138 | ||
ba45a22c RG |
139 | Return the TLS Server Name Indication (SNI) value sent by the client over DoT or DoH, if any. See :func:`SNIRule` |
140 | for more information, especially about the availability of SNI over DoH. | |
15e21d84 RG |
141 | |
142 | :returns: A string containing the TLS SNI value, if any | |
143 | ||
d9018741 | 144 | .. method:: DNSQuestion:getTag(key) -> string |
ab6f6acf | 145 | |
d9018741 | 146 | .. versionadded:: 1.2.0 |
ab6f6acf | 147 | |
d9018741 | 148 | Get the value of a tag stored into the DNSQuestion object. |
ab6f6acf | 149 | |
d9018741 | 150 | :param string key: The tag's key |
10e05c8b | 151 | :returns: The tag's value if it was set, an empty string otherwise |
ab6f6acf | 152 | |
d9018741 | 153 | .. method:: DNSQuestion:getTagArray() -> table |
ab6f6acf | 154 | |
d9018741 | 155 | .. versionadded:: 1.2.0 |
ab6f6acf | 156 | |
d9018741 | 157 | Get all the tags stored into the DNSQuestion object. |
ab6f6acf | 158 | |
10e05c8b | 159 | :returns: A table of tags, using strings as keys and values |
ab6f6acf | 160 | |
7d243a5e | 161 | .. method:: DNSQuestion:getTrailingData() -> string |
f6410085 | 162 | |
d2c336c7 | 163 | .. versionadded:: 1.4.0 |
f6410085 RG |
164 | |
165 | Get all data following the DNS message. | |
166 | ||
7d243a5e | 167 | :returns: The trailing data as a null-safe string |
f6410085 | 168 | |
d9018741 | 169 | .. method:: DNSQuestion:sendTrap(reason) |
ab6f6acf | 170 | |
d9018741 | 171 | .. versionadded:: 1.2.0 |
ab6f6acf | 172 | |
d9018741 | 173 | Send an SNMP trap. |
ab6f6acf | 174 | |
d9018741 | 175 | :param string reason: An optional string describing the reason why this trap was sent |
ab6f6acf | 176 | |
9676d2a9 RG |
177 | .. method:: DNSQuestion:setHTTPResponse(status, body, contentType="") |
178 | ||
179 | .. versionadded:: 1.4.0 | |
180 | ||
181 | Set the HTTP status code and content to immediately send back to the client. | |
182 | For HTTP redirects (3xx), the string supplied in ''body'' should be the URL to redirect to. | |
183 | For 200 responses, the value of the content type header can be specified via the ''contentType'' parameter. | |
1a6ff33a | 184 | In order for the response to be sent, the QR bit should be set before returning and the function should return Action.HeaderModify. |
9676d2a9 RG |
185 | |
186 | :param int status: The HTTP status code to return | |
187 | :param string body: The body of the HTTP response, or a URL if the status code is a redirect (3xx) | |
188 | :param string contentType: The HTTP Content-Type header to return for a 200 response, ignored otherwise. Default is ''application/dns-message''. | |
189 | ||
af9f750c RG |
190 | .. method:: DNSQuestion:setNegativeAndAdditionalSOA(nxd, zone, ttl, mname, rname, serial, refresh, retry, expire, minimum) |
191 | ||
192 | .. versionadded:: 1.5.0 | |
193 | ||
194 | Turn a question into a response, either a NXDOMAIN or a NODATA one based on ''nxd'', setting the QR bit to 1 and adding a SOA record in the additional section. | |
195 | ||
196 | :param bool nxd: Whether the answer is a NXDOMAIN (true) or a NODATA (false) | |
197 | :param string zone: The owner name for the SOA record | |
198 | :param int ttl: The TTL of the SOA record | |
199 | :param string mname: The mname of the SOA record | |
200 | :param string rname: The rname of the SOA record | |
201 | :param int serial: The value of the serial field in the SOA record | |
202 | :param int refresh: The value of the refresh field in the SOA record | |
203 | :param int retry: The value of the retry field in the SOA record | |
204 | :param int expire: The value of the expire field in the SOA record | |
205 | :param int minimum: The value of the minimum field in the SOA record | |
206 | ||
d9018741 | 207 | .. method:: DNSQuestion:setTag(key, value) |
ab6f6acf | 208 | |
d9018741 | 209 | .. versionadded:: 1.2.0 |
ab6f6acf | 210 | |
d9018741 | 211 | Set a tag into the DNSQuestion object. |
ab6f6acf | 212 | |
d9018741 PL |
213 | :param string key: The tag's key |
214 | :param string value: The tag's value | |
ab6f6acf | 215 | |
d9018741 | 216 | .. method:: DNSQuestion:setTagArray(tags) |
ab6f6acf | 217 | |
d9018741 | 218 | .. versionadded:: 1.2.0 |
ab6f6acf | 219 | |
d9018741 | 220 | Set an array of tags into the DNSQuestion object. |
ab6f6acf | 221 | |
d9018741 | 222 | :param table tags: A table of tags, using strings as keys and values |
ab6f6acf | 223 | |
7d243a5e | 224 | .. method:: DNSQuestion:setTrailingData(tail) -> bool |
f6410085 | 225 | |
d2c336c7 | 226 | .. versionadded:: 1.4.0 |
f6410085 RG |
227 | |
228 | Set the data following the DNS message, overwriting anything already present. | |
229 | ||
7d243a5e | 230 | :param string tail: The new data |
f6410085 RG |
231 | :returns: true if the operation succeeded, false otherwise |
232 | ||
20d81666 PL |
233 | .. _DNSResponse: |
234 | ||
235 | DNSResponse object | |
236 | ================== | |
237 | ||
238 | .. class:: DNSResponse | |
239 | ||
240 | This object has all the functions and members of a :ref:`DNSQuestion <DNSQuestion>` and some more | |
241 | ||
d9018741 | 242 | .. method:: DNSResponse:editTTLs(func) |
20d81666 | 243 | |
d9018741 | 244 | The function ``func`` is invoked for every entry in the answer, authority and additional section. |
20d81666 | 245 | |
d9018741 | 246 | ``func`` points to a function with the following prototype: ``myFunc(section, qclass, qtype, ttl)`` |
20d81666 | 247 | |
d9018741 | 248 | All parameters to ``func`` are integers: |
20d81666 | 249 | |
d9018741 | 250 | - ``section`` is the section in the packet and can be compared to :ref:`DNSSection` |
4c73e4af | 251 | - ``qclass`` is the QClass of the record. Can be compared to :ref:`DNSClass` |
09b45aa8 | 252 | - ``qtype`` is the QType of the record. Can be e.g. compared to ``DNSQType.A``, ``DNSQType.AAAA`` :ref:`constants <DNSQType>` and the like. |
d9018741 | 253 | - ``ttl`` is the current TTL |
20d81666 | 254 | |
d9018741 PL |
255 | This function must return an integer with the new TTL. |
256 | Setting this TTL to 0 to leaves it unchanged | |
20d81666 | 257 | |
d9018741 | 258 | :param string func: The function to call to edit TTLs. |
20d81666 PL |
259 | |
260 | .. _DNSHeader: | |
261 | ||
262 | DNSHeader (``dh``) object | |
263 | ========================= | |
264 | ||
265 | .. class:: DNSHeader | |
266 | ||
267 | This object holds a representation of a DNS packet's header. | |
268 | ||
d9018741 | 269 | .. method:: DNSHeader:getRD() -> bool |
20d81666 | 270 | |
d9018741 | 271 | Get recursion desired flag. |
20d81666 | 272 | |
d9018741 | 273 | .. method:: DNSHeader:setRD(rd) |
20d81666 | 274 | |
d9018741 | 275 | Set recursion desired flag. |
20d81666 | 276 | |
d9018741 | 277 | :param bool rd: State of the RD flag |
20d81666 | 278 | |
d9018741 | 279 | .. method:: DNSHeader:setTC(tc) |
20d81666 | 280 | |
d9018741 | 281 | Set truncation flag (TC). |
20d81666 | 282 | |
d9018741 | 283 | :param bool tc: State of the TC flag |
20d81666 | 284 | |
d9018741 | 285 | .. method:: DNSHeader:setQR(qr) |
20d81666 | 286 | |
d9018741 PL |
287 | Set Query/Response flag. |
288 | Setting QR to true means "This is an answer packet". | |
20d81666 | 289 | |
d9018741 | 290 | :param bool qr: State of the QR flag |
20d81666 | 291 | |
d9018741 | 292 | .. method:: DNSHeader:getCD() -> bool |
20d81666 | 293 | |
d9018741 | 294 | Get checking disabled flag. |
20d81666 | 295 | |
d9018741 | 296 | .. method:: DNSHeader:setCD(cd) |
20d81666 | 297 | |
d9018741 | 298 | Set checking disabled flag. |
20d81666 | 299 | |
d9018741 | 300 | :param bool cd: State of the CD flag |
cbf4e13a RG |
301 | |
302 | .. _EDNSOptionView: | |
303 | ||
304 | EDNSOptionView object | |
305 | ===================== | |
306 | ||
307 | .. class:: EDNSOptionView | |
308 | ||
01ee2be0 | 309 | .. versionadded:: 1.3.3 |
cbf4e13a RG |
310 | |
311 | An object that represents the values of a single EDNS option received in a query. | |
312 | ||
28d5806e | 313 | .. method:: EDNSOptionView:count() |
cbf4e13a RG |
314 | |
315 | The number of values for this EDNS option. | |
316 | ||
317 | .. method:: EDNSOptionView:getValues() | |
318 | ||
319 | Return a table of NULL-safe strings values for this EDNS option. |