[thirdparty/pdns.git] / pdns / dnsdistdist / docs / reference / dq.rst

.. _DNSQuestion:

The DNSQuestion (``dq``) object
===============================

A DNSQuestion or ``dq`` object is available in several hooks and Lua actions.
This object contains details about the current state of the question.
This state can be modified from the various hooks.

.. class:: DNSQuestion

  The DNSQuestion object has several attributes, many of them read-only:

  .. attribute:: DNSQuestion.dh

    The :ref:`DNSHeader` of this query.

  .. attribute:: DNSQuestion.ecsOverride

    Whether an existing ECS value should be overridden, settable.

  .. attribute:: DNSQuestion.ecsPrefixLength

     The ECS prefix length to use, settable.

  .. attribute:: DNSQuestion.len

    The length of the data starting at :attr:`DNSQuestion.dh`, including any trailing bytes following the DNS message.

  .. attribute:: DNSQuestion.localaddr

    :ref:`ComboAddress` of the local bind this question was received on.

  .. attribute:: DNSQuestion.opcode

    Integer describing the OPCODE of the packet. Can be matched against :ref:`DNSOpcode`.

  .. attribute:: DNSQuestion.qclass

    QClass (as an unsigned integer) of this question.
    Can be compared against :ref:`DNSClass`.

  .. attribute:: DNSQuestion.qname

    :class:`DNSName` of this question.

  .. attribute:: DNSQuestion.qtype

    QType (as an unsigned integer) of this question.
    Can be compared against the pre-defined :ref:`constants <DNSQType>` like ``DNSQType.A``, DNSQType.AAAA``.

  .. attribute:: DNSQuestion.remoteaddr

    :ref:`ComboAddress` of the remote client.

  .. attribute:: DNSQuestion.rcode

    RCode (as an unsigned integer) of this question.
    Can be compared against :ref:`DNSRCode`

  .. attribute:: DNSQuestion.size

    The total size of the buffer starting at :attr:`DNSQuestion.dh`.

  .. attribute:: DNSQuestion.skipCache

    Whether to skip cache lookup / storing the answer for this question, settable.

  .. attribute:: DNSQuestion.tcp

    Whether the query was received over TCP.

  .. attribute:: DNSQuestion.useECS

    Whether to send ECS to the backend, settable.

  It also supports the following methods:

  .. method:: DNSQuestion:getDO() -> bool

    .. versionadded:: 1.2.0

    Get the value of the DNSSEC OK bit.

    :returns: true if the DO bit was set, false otherwise

  .. method:: DNSQuestion:getEDNSOptions() -> table

    .. versionadded:: 1.3.3

    Return the list of EDNS Options, if any.

    :returns: A table of EDNSOptionView objects, indexed on the ECS Option code

  .. method:: DNSQuestion:getHTTPHeaders() -> table

    .. versionadded:: 1.4.0

    Return the HTTP headers for a DoH query, as a table whose keys are the header names and values the header values.

    :returns: A table of HTTP headers

  .. method:: DNSQuestion:getHTTPHost() -> string

    .. versionadded:: 1.4.0

    Return the HTTP Host for a DoH query, which may or may not contain the port.

    :returns: The host of the DoH query

  .. method:: DNSQuestion:getHTTPPath() -> string

    .. versionadded:: 1.4.0

    Return the HTTP path for a DoH query.

    :returns: The path part of the DoH query URI

  .. method:: DNSQuestion:getHTTPQueryString() -> string

    .. versionadded:: 1.4.0

    Return the HTTP query string for a DoH query.

    :returns: The query string part of the DoH query URI

  .. method:: DNSQuestion:getHTTPScheme() -> string

    .. versionadded:: 1.4.0

    Return the HTTP scheme for a DoH query.

    :returns: The scheme of the DoH query, for example ''http'' or ''https''

  .. method:: DNSQuestion:getServerNameIndication() -> string

    .. versionadded:: 1.4.0

    Return the TLS Server Name Indication (SNI) value sent by the client over DoT or DoH, if any. See :func:`SNIRule`
    for more information, especially about the availability of SNI over DoH.

    :returns: A string containing the TLS SNI value, if any

  .. method:: DNSQuestion:getTag(key) -> string

    .. versionadded:: 1.2.0

    Get the value of a tag stored into the DNSQuestion object.

    :param string key: The tag's key
    :returns: The tag's value if it was set, an empty string otherwise

  .. method:: DNSQuestion:getTagArray() -> table

    .. versionadded:: 1.2.0

    Get all the tags stored into the DNSQuestion object.

    :returns: A table of tags, using strings as keys and values

  .. method:: DNSQuestion:getTrailingData() -> string

    .. versionadded:: 1.4.0

    Get all data following the DNS message.

    :returns: The trailing data as a null-safe string

  .. method:: DNSQuestion:sendTrap(reason)

    .. versionadded:: 1.2.0

    Send an SNMP trap.

    :param string reason: An optional string describing the reason why this trap was sent

  .. method:: DNSQuestion:setHTTPResponse(status, body, contentType="")

    .. versionadded:: 1.4.0

    Set the HTTP status code and content to immediately send back to the client.
    For HTTP redirects (3xx), the string supplied in ''body'' should be the URL to redirect to.
    For 200 responses, the value of the content type header can be specified via the ''contentType'' parameter.
    In order for the response to be sent, the QR bit should be set before returning and the function should return Action.HeaderModify.

    :param int status: The HTTP status code to return
    :param string body: The body of the HTTP response, or a URL if the status code is a redirect (3xx)
    :param string contentType: The HTTP Content-Type header to return for a 200 response, ignored otherwise. Default is ''application/dns-message''.

  .. method:: DNSQuestion:setNegativeAndAdditionalSOA(nxd, zone, ttl, mname, rname, serial, refresh, retry, expire, minimum)

    .. versionadded:: 1.5.0

    Turn a question into a response, either a NXDOMAIN or a NODATA one based on ''nxd'', setting the QR bit to 1 and adding a SOA record in the additional section.

    :param bool nxd: Whether the answer is a NXDOMAIN (true) or a NODATA (false)
    :param string zone: The owner name for the SOA record
    :param int ttl: The TTL of the SOA record
    :param string mname: The mname of the SOA record
    :param string rname: The rname of the SOA record
    :param int serial: The value of the serial field in the SOA record
    :param int refresh: The value of the refresh field in the SOA record
    :param int retry: The value of the retry field in the SOA record
    :param int expire: The value of the expire field in the SOA record
    :param int minimum: The value of the minimum field in the SOA record

  .. method:: DNSQuestion:setTag(key, value)

    .. versionadded:: 1.2.0

    Set a tag into the DNSQuestion object.

    :param string key: The tag's key
    :param string value: The tag's value

  .. method:: DNSQuestion:setTagArray(tags)

    .. versionadded:: 1.2.0

    Set an array of tags into the DNSQuestion object.

    :param table tags: A table of tags, using strings as keys and values

  .. method:: DNSQuestion:setTrailingData(tail) -> bool

    .. versionadded:: 1.4.0

    Set the data following the DNS message, overwriting anything already present.

    :param string tail: The new data
    :returns: true if the operation succeeded, false otherwise

.. _DNSResponse:

DNSResponse object
==================

.. class:: DNSResponse

  This object has all the functions and members of a :ref:`DNSQuestion <DNSQuestion>` and some more

  .. method:: DNSResponse:editTTLs(func)

    The function ``func`` is invoked for every entry in the answer, authority and additional section.

    ``func`` points to a function with the following prototype: ``myFunc(section, qclass, qtype, ttl)``

    All parameters to ``func`` are integers:

    - ``section`` is the section in the packet and can be compared to :ref:`DNSSection`
    - ``qclass`` is the QClass of the record. Can be compared to :ref:`DNSClass`
    - ``qtype`` is the QType of the record. Can be e.g. compared to ``DNSQType.A``, ``DNSQType.AAAA`` :ref:`constants <DNSQType>` and the like.
    - ``ttl`` is the current TTL

    This function must return an integer with the new TTL.
    Setting this TTL to 0 to leaves it unchanged

    :param string func: The function to call to edit TTLs.

.. _DNSHeader:

DNSHeader (``dh``) object
=========================

.. class:: DNSHeader

  This object holds a representation of a DNS packet's header.

  .. method:: DNSHeader:getRD() -> bool

    Get recursion desired flag.

  .. method:: DNSHeader:setRD(rd)

    Set recursion desired flag.

    :param bool rd: State of the RD flag

  .. method:: DNSHeader:setTC(tc)

    Set truncation flag (TC).

    :param bool tc: State of the TC flag

  .. method:: DNSHeader:setQR(qr)

    Set Query/Response flag.
    Setting QR to true means "This is an answer packet".

    :param bool qr: State of the QR flag

  .. method:: DNSHeader:getCD() -> bool

    Get checking disabled flag.

  .. method:: DNSHeader:setCD(cd)

    Set checking disabled flag.

    :param bool cd: State of the CD flag

.. _EDNSOptionView:

EDNSOptionView object
=====================

.. class:: EDNSOptionView

  .. versionadded:: 1.3.3

  An object that represents the values of a single EDNS option received in a query.

  .. method:: EDNSOptionView:count()

    The number of values for this EDNS option.

  .. method:: EDNSOptionView:getValues()

    Return a table of NULL-safe strings values for this EDNS option.
Commit	Line	Data
20d81666 PL	1	.. _DNSQuestion:
	2
	3	The DNSQuestion (``dq``) object
	4	===============================
	5
	6	A DNSQuestion or ``dq`` object is available in several hooks and Lua actions.
	7	This object contains details about the current state of the question.
	8	This state can be modified from the various hooks.
	9
20d81666 PL	10	.. class:: DNSQuestion
20d81666 PL	11
d9018741 PL	12	The DNSQuestion object has several attributes, many of them read-only:
	13
	14	.. attribute:: DNSQuestion.dh
20d81666	15
d9018741	16	The :ref:`DNSHeader` of this query.
20d81666	17
d9018741	18	.. attribute:: DNSQuestion.ecsOverride
20d81666	19
d9018741	20	Whether an existing ECS value should be overridden, settable.
20d81666	21
d9018741	22	.. attribute:: DNSQuestion.ecsPrefixLength
20d81666	23
d9018741	24	The ECS prefix length to use, settable.
20d81666	25
d9018741	26	.. attribute:: DNSQuestion.len
20d81666	27
f048c235	28	The length of the data starting at :attr:`DNSQuestion.dh`, including any trailing bytes following the DNS message.
20d81666	29
d9018741	30	.. attribute:: DNSQuestion.localaddr
20d81666	31
d9018741	32	:ref:`ComboAddress` of the local bind this question was received on.
20d81666	33
d9018741	34	.. attribute:: DNSQuestion.opcode
20d81666	35
d9018741	36	Integer describing the OPCODE of the packet. Can be matched against :ref:`DNSOpcode`.
20d81666	37
d9018741	38	.. attribute:: DNSQuestion.qclass
20d81666	39
d9018741	40	QClass (as an unsigned integer) of this question.
4c73e4af	41	Can be compared against :ref:`DNSClass`.
20d81666	42
d9018741	43	.. attribute:: DNSQuestion.qname
20d81666	44
d9018741	45	:class:`DNSName` of this question.
20d81666	46
d9018741	47	.. attribute:: DNSQuestion.qtype
20d81666	48
d9018741	49	QType (as an unsigned integer) of this question.
09b45aa8	50	Can be compared against the pre-defined :ref:`constants <DNSQType>` like ``DNSQType.A``, DNSQType.AAAA``.
20d81666	51
d9018741	52	.. attribute:: DNSQuestion.remoteaddr
20d81666	53
d9018741	54	:ref:`ComboAddress` of the remote client.
20d81666	55
d9018741	56	.. attribute:: DNSQuestion.rcode
20d81666	57
d9018741 PL	58	RCode (as an unsigned integer) of this question.
d9018741 PL	59	Can be compared against :ref:`DNSRCode`
20d81666	60
d9018741	61	.. attribute:: DNSQuestion.size
20d81666	62
d9018741	63	The total size of the buffer starting at :attr:`DNSQuestion.dh`.
20d81666	64
d9018741	65	.. attribute:: DNSQuestion.skipCache
20d81666	66
d9018741	67	Whether to skip cache lookup / storing the answer for this question, settable.
20d81666	68
d9018741	69	.. attribute:: DNSQuestion.tcp
20d81666	70
c7349b0e	71	Whether the query was received over TCP.
20d81666	72
d9018741	73	.. attribute:: DNSQuestion.useECS
20d81666	74
d9018741	75	Whether to send ECS to the backend, settable.
20d81666	76
d9018741	77	It also supports the following methods:
20d81666	78
d9018741	79	.. method:: DNSQuestion:getDO() -> bool
20d81666	80
d9018741	81	.. versionadded:: 1.2.0
20d81666	82
d9018741	83	Get the value of the DNSSEC OK bit.
20d81666	84
d9018741	85	:returns: true if the DO bit was set, false otherwise
20d81666	86
cbf4e13a RG	87	.. method:: DNSQuestion:getEDNSOptions() -> table
cbf4e13a RG	88
01ee2be0	89	.. versionadded:: 1.3.3
cbf4e13a RG	90
	91	Return the list of EDNS Options, if any.
	92
	93	:returns: A table of EDNSOptionView objects, indexed on the ECS Option code
	94
9676d2a9 RG	95	.. method:: DNSQuestion:getHTTPHeaders() -> table
	96
	97	.. versionadded:: 1.4.0
	98
	99	Return the HTTP headers for a DoH query, as a table whose keys are the header names and values the header values.
	100
	101	:returns: A table of HTTP headers
	102
	103	.. method:: DNSQuestion:getHTTPHost() -> string
	104
	105	.. versionadded:: 1.4.0
	106
	107	Return the HTTP Host for a DoH query, which may or may not contain the port.
	108
	109	:returns: The host of the DoH query
	110
	111	.. method:: DNSQuestion:getHTTPPath() -> string
	112
	113	.. versionadded:: 1.4.0
	114
	115	Return the HTTP path for a DoH query.
	116
	117	:returns: The path part of the DoH query URI
	118
	119	.. method:: DNSQuestion:getHTTPQueryString() -> string
	120
	121	.. versionadded:: 1.4.0
	122
	123	Return the HTTP query string for a DoH query.
	124
	125	:returns: The query string part of the DoH query URI
	126
	127	.. method:: DNSQuestion:getHTTPScheme() -> string
	128
	129	.. versionadded:: 1.4.0
	130
	131	Return the HTTP scheme for a DoH query.
	132
	133	:returns: The scheme of the DoH query, for example ''http'' or ''https''
	134
15e21d84 RG	135	.. method:: DNSQuestion:getServerNameIndication() -> string
	136
	137	.. versionadded:: 1.4.0
	138
ba45a22c RG	139	Return the TLS Server Name Indication (SNI) value sent by the client over DoT or DoH, if any. See :func:`SNIRule`
ba45a22c RG	140	for more information, especially about the availability of SNI over DoH.
15e21d84 RG	141
	142	:returns: A string containing the TLS SNI value, if any
	143
d9018741	144	.. method:: DNSQuestion:getTag(key) -> string
ab6f6acf	145
d9018741	146	.. versionadded:: 1.2.0
ab6f6acf	147
d9018741	148	Get the value of a tag stored into the DNSQuestion object.
ab6f6acf	149
d9018741	150	:param string key: The tag's key
10e05c8b	151	:returns: The tag's value if it was set, an empty string otherwise
ab6f6acf	152
d9018741	153	.. method:: DNSQuestion:getTagArray() -> table
ab6f6acf	154
d9018741	155	.. versionadded:: 1.2.0
ab6f6acf	156
d9018741	157	Get all the tags stored into the DNSQuestion object.
ab6f6acf	158
10e05c8b	159	:returns: A table of tags, using strings as keys and values
ab6f6acf	160
7d243a5e	161	.. method:: DNSQuestion:getTrailingData() -> string
f6410085	162
d2c336c7	163	.. versionadded:: 1.4.0
f6410085 RG	164
	165	Get all data following the DNS message.
	166
7d243a5e	167	:returns: The trailing data as a null-safe string
f6410085	168
d9018741	169	.. method:: DNSQuestion:sendTrap(reason)
ab6f6acf	170
d9018741	171	.. versionadded:: 1.2.0
ab6f6acf	172
d9018741	173	Send an SNMP trap.
ab6f6acf	174
d9018741	175	:param string reason: An optional string describing the reason why this trap was sent
ab6f6acf	176
9676d2a9 RG	177	.. method:: DNSQuestion:setHTTPResponse(status, body, contentType="")
	178
	179	.. versionadded:: 1.4.0
	180
	181	Set the HTTP status code and content to immediately send back to the client.
	182	For HTTP redirects (3xx), the string supplied in ''body'' should be the URL to redirect to.
	183	For 200 responses, the value of the content type header can be specified via the ''contentType'' parameter.
1a6ff33a	184	In order for the response to be sent, the QR bit should be set before returning and the function should return Action.HeaderModify.
9676d2a9 RG	185
	186	:param int status: The HTTP status code to return
	187	:param string body: The body of the HTTP response, or a URL if the status code is a redirect (3xx)
	188	:param string contentType: The HTTP Content-Type header to return for a 200 response, ignored otherwise. Default is ''application/dns-message''.
	189
af9f750c RG	190	.. method:: DNSQuestion:setNegativeAndAdditionalSOA(nxd, zone, ttl, mname, rname, serial, refresh, retry, expire, minimum)
	191
	192	.. versionadded:: 1.5.0
	193
	194	Turn a question into a response, either a NXDOMAIN or a NODATA one based on ''nxd'', setting the QR bit to 1 and adding a SOA record in the additional section.
	195
	196	:param bool nxd: Whether the answer is a NXDOMAIN (true) or a NODATA (false)
	197	:param string zone: The owner name for the SOA record
	198	:param int ttl: The TTL of the SOA record
	199	:param string mname: The mname of the SOA record
	200	:param string rname: The rname of the SOA record
	201	:param int serial: The value of the serial field in the SOA record
	202	:param int refresh: The value of the refresh field in the SOA record
	203	:param int retry: The value of the retry field in the SOA record
	204	:param int expire: The value of the expire field in the SOA record
	205	:param int minimum: The value of the minimum field in the SOA record
	206
d9018741	207	.. method:: DNSQuestion:setTag(key, value)
ab6f6acf	208
d9018741	209	.. versionadded:: 1.2.0
ab6f6acf	210
d9018741	211	Set a tag into the DNSQuestion object.
ab6f6acf	212
d9018741 PL	213	:param string key: The tag's key
d9018741 PL	214	:param string value: The tag's value
ab6f6acf	215
d9018741	216	.. method:: DNSQuestion:setTagArray(tags)
ab6f6acf	217
d9018741	218	.. versionadded:: 1.2.0
ab6f6acf	219
d9018741	220	Set an array of tags into the DNSQuestion object.
ab6f6acf	221
d9018741	222	:param table tags: A table of tags, using strings as keys and values
ab6f6acf	223
7d243a5e	224	.. method:: DNSQuestion:setTrailingData(tail) -> bool
f6410085	225
d2c336c7	226	.. versionadded:: 1.4.0
f6410085 RG	227
	228	Set the data following the DNS message, overwriting anything already present.
	229
7d243a5e	230	:param string tail: The new data
f6410085 RG	231	:returns: true if the operation succeeded, false otherwise
f6410085 RG	232
20d81666 PL	233	.. _DNSResponse:
	234
	235	DNSResponse object
	236	==================
	237
	238	.. class:: DNSResponse
	239
	240	This object has all the functions and members of a :ref:`DNSQuestion <DNSQuestion>` and some more
	241
d9018741	242	.. method:: DNSResponse:editTTLs(func)
20d81666	243
d9018741	244	The function ``func`` is invoked for every entry in the answer, authority and additional section.
20d81666	245
d9018741	246	``func`` points to a function with the following prototype: ``myFunc(section, qclass, qtype, ttl)``
20d81666	247
d9018741	248	All parameters to ``func`` are integers:
20d81666	249
d9018741	250	- ``section`` is the section in the packet and can be compared to :ref:`DNSSection`
4c73e4af	251	- ``qclass`` is the QClass of the record. Can be compared to :ref:`DNSClass`
09b45aa8	252	- ``qtype`` is the QType of the record. Can be e.g. compared to ``DNSQType.A``, ``DNSQType.AAAA`` :ref:`constants <DNSQType>` and the like.
d9018741	253	- ``ttl`` is the current TTL
20d81666	254
d9018741 PL	255	This function must return an integer with the new TTL.
d9018741 PL	256	Setting this TTL to 0 to leaves it unchanged
20d81666	257
d9018741	258	:param string func: The function to call to edit TTLs.
20d81666 PL	259
	260	.. _DNSHeader:
	261
	262	DNSHeader (``dh``) object
	263	=========================
	264
	265	.. class:: DNSHeader
	266
	267	This object holds a representation of a DNS packet's header.
	268
d9018741	269	.. method:: DNSHeader:getRD() -> bool
20d81666	270
d9018741	271	Get recursion desired flag.
20d81666	272
d9018741	273	.. method:: DNSHeader:setRD(rd)
20d81666	274
d9018741	275	Set recursion desired flag.
20d81666	276
d9018741	277	:param bool rd: State of the RD flag
20d81666	278
d9018741	279	.. method:: DNSHeader:setTC(tc)
20d81666	280
d9018741	281	Set truncation flag (TC).
20d81666	282
d9018741	283	:param bool tc: State of the TC flag
20d81666	284
d9018741	285	.. method:: DNSHeader:setQR(qr)
20d81666	286
d9018741 PL	287	Set Query/Response flag.
d9018741 PL	288	Setting QR to true means "This is an answer packet".
20d81666	289
d9018741	290	:param bool qr: State of the QR flag
20d81666	291
d9018741	292	.. method:: DNSHeader:getCD() -> bool
20d81666	293
d9018741	294	Get checking disabled flag.
20d81666	295
d9018741	296	.. method:: DNSHeader:setCD(cd)
20d81666	297
d9018741	298	Set checking disabled flag.
20d81666	299
d9018741	300	:param bool cd: State of the CD flag
cbf4e13a RG	301
	302	.. _EDNSOptionView:
	303
	304	EDNSOptionView object
	305	=====================
	306
	307	.. class:: EDNSOptionView
	308
01ee2be0	309	.. versionadded:: 1.3.3
cbf4e13a RG	310
	311	An object that represents the values of a single EDNS option received in a query.
	312
28d5806e	313	.. method:: EDNSOptionView:count()
cbf4e13a RG	314
	315	The number of values for this EDNS option.
	316
	317	.. method:: EDNSOptionView:getValues()
	318
	319	Return a table of NULL-safe strings values for this EDNS option.