{"Pool", (int)DNSAction::Action::Pool},
{"None",(int)DNSAction::Action::None},
{"Delay", (int)DNSAction::Action::Delay},
- {"Truncate", (int)DNSAction::Action::Truncate}
+ {"Truncate", (int)DNSAction::Action::Truncate},
+ {"ServFail", (int)DNSAction::Action::ServFail}
});
g_lua.writeVariable("DNSResponseAction", std::unordered_map<string,int>{
{"Allow", (int)DNSResponseAction::Action::Allow },
{"Delay", (int)DNSResponseAction::Action::Delay },
{"HeaderModify", (int)DNSResponseAction::Action::HeaderModify },
+ {"ServFail", (int)DNSResponseAction::Action::ServFail },
{"None", (int)DNSResponseAction::Action::None }
});
*/
#pragma once
+#include "dolog.hh"
+
class LuaAction : public DNSAction
{
public:
Action operator()(DNSQuestion* dq, string* ruleresult) const override
{
std::lock_guard<std::mutex> lock(g_luamutex);
- auto ret = d_func(dq);
- if(ruleresult)
- *ruleresult=std::get<1>(ret);
- return (Action)std::get<0>(ret);
+ try {
+ auto ret = d_func(dq);
+ if(ruleresult)
+ *ruleresult=std::get<1>(ret);
+ return (Action)std::get<0>(ret);
+ } catch (std::exception &e) {
+ warnlog("LuaAction failed inside lua, returning ServFail: %s", e.what());
+ } catch (...) {
+ warnlog("LuaAction failed inside lua, returning ServFail: [unknown exception]");
+ }
+ return DNSAction::Action::ServFail;
}
string toString() const override
Action operator()(DNSResponse* dr, string* ruleresult) const override
{
std::lock_guard<std::mutex> lock(g_luamutex);
- auto ret = d_func(dr);
- if(ruleresult)
- *ruleresult=std::get<1>(ret);
- return (Action)std::get<0>(ret);
+ try {
+ auto ret = d_func(dr);
+ if(ruleresult)
+ *ruleresult=std::get<1>(ret);
+ return (Action)std::get<0>(ret);
+ } catch (std::exception &e) {
+ warnlog("LuaResponseAction failed inside lua, returning ServFail: %s", e.what());
+ } catch (...) {
+ warnlog("LuaResponseAction failed inside lua, returning ServFail: [unknown exception]");
+ }
+ return DNSResponseAction::Action::ServFail;
}
string toString() const override
static const oid fdUsageOID[] = { DNSDIST_STATS_OID, 34 };
static const oid dynBlockedOID[] = { DNSDIST_STATS_OID, 35 };
static const oid dynBlockedNMGSizeOID[] = { DNSDIST_STATS_OID, 36 };
+static const oid ruleServFailOID[] = { DNSDIST_STATS_OID, 37 };
static std::unordered_map<oid, DNSDistStats::entry_t> s_statsMap;
registerCounter64Stat("ruleDrop", ruleDropOID, OID_LENGTH(ruleDropOID), &g_stats.ruleDrop);
registerCounter64Stat("ruleNXDomain", ruleNXDomainOID, OID_LENGTH(ruleNXDomainOID), &g_stats.ruleNXDomain);
registerCounter64Stat("ruleRefused", ruleRefusedOID, OID_LENGTH(ruleRefusedOID), &g_stats.ruleRefused);
+ registerCounter64Stat("ruleServFail", ruleServFailOID, OID_LENGTH(ruleServFailOID), &g_stats.ruleServFail);
registerCounter64Stat("selfAnswered", selfAnsweredOID, OID_LENGTH(selfAnsweredOID), &g_stats.selfAnswered);
registerCounter64Stat("downstreamTimeouts", downstreamTimeoutsOID, OID_LENGTH(downstreamTimeoutsOID), &g_stats.downstreamTimeouts);
registerCounter64Stat("downstreamSendErrors", downstreamSendErrorsOID, OID_LENGTH(downstreamSendErrorsOID), &g_stats.downstreamSendErrors);
g_stats.ruleRefused++;
return true;
break;
+ case DNSAction::Action::ServFail:
+ dq.dh->rcode = RCode::ServFail;
+ dq.dh->qr=true;
+ g_stats.ruleServFail++;
+ return true;
+ break;
case DNSAction::Action::Spoof:
spoofResponseFromString(dq, ruleresult);
return true;
case DNSResponseAction::Action::HeaderModify:
return true;
break;
+ case DNSResponseAction::Action::ServFail:
+ dr.dh->rcode = RCode::ServFail;
+ return true;
+ break;
/* non-terminal actions follow */
case DNSResponseAction::Action::Delay:
*delayMsec = static_cast<int>(pdns_stou(ruleresult)); // sorry
class DNSAction
{
public:
- enum class Action { Drop, Nxdomain, Refused, Spoof, Allow, HeaderModify, Pool, Delay, Truncate, None};
+ enum class Action { Drop, Nxdomain, Refused, Spoof, Allow, HeaderModify, Pool, Delay, Truncate, ServFail, None};
virtual Action operator()(DNSQuestion*, string* ruleresult) const =0;
virtual ~DNSAction()
{
class DNSResponseAction
{
public:
- enum class Action { Allow, Delay, Drop, HeaderModify, None };
+ enum class Action { Allow, Delay, Drop, HeaderModify, ServFail, None };
virtual Action operator()(DNSResponse*, string* ruleresult) const =0;
virtual ~DNSResponseAction()
{
stat_t ruleDrop{0};
stat_t ruleNXDomain{0};
stat_t ruleRefused{0};
+ stat_t ruleServFail{0};
stat_t selfAnswered{0};
stat_t downstreamTimeouts{0};
stat_t downstreamSendErrors{0};
{"rule-drop", &ruleDrop},
{"rule-nxdomain", &ruleNXDomain},
{"rule-refused", &ruleRefused},
+ {"rule-servfail", &ruleServFail},
{"self-answered", &selfAnswered},
{"downstream-timeouts", &downstreamTimeouts},
{"downstream-send-errors", &downstreamSendErrors},
"Dynamic blocks (NMG) size"
::= { stats 36 }
+ruleServFail OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Number of ServFail responses returned because of a rule"
+ ::= { stats 37 }
+
backendStatTable OBJECT-TYPE
SYNTAX SEQUENCE OF BackendStatEntry
MAX-ACCESS not-accessible
Invoke a Lua function that accepts a :class:`DNSQuestion`.
This function works similar to using :func:`LuaAction`.
- The ``function`` should return a :ref:`DNSAction`.
+ The ``function`` should return a :ref:`DNSAction`. If the Lua code fails, ServFail is returned.
:param DNSRule: match queries based on this rule
:param string function: the name of a Lua function
.. versionchanged:: 1.3.0
Added the optional parameter ``options``.
- Invoke a Lua function that accepts a :class:`DNSQuestion` on the response.
- This function works similar to using :func:`LuaAction`.
-
- The ``function`` should return a :ref:`DNSAction`.
+ Invoke a Lua function that accepts a :class:`DNSResponse`.
+ This function works similar to using :func:`LuaResponseAction`.
+ The ``function`` should return a :ref:`DNSResponseAction`. If the Lua code fails, ServFail is returned.
:param DNSRule: match queries based on this rule
:param string function: the name of a Lua function
Invoke a Lua function that accepts a :class:`DNSQuestion`.
- The ``function`` should return a :ref:`DNSAction`.
+ The ``function`` should return a :ref:`DNSAction`. If the Lua code fails, ServFail is returned.
:param string function: the name of a Lua function
Invoke a Lua function that accepts a :class:`DNSResponse`.
- The ``function`` should return a :ref:`DNSResponseAction`.
+ The ``function`` should return a :ref:`DNSResponseAction`. If the Lua code fails, ServFail is returned.
:param string function: the name of a Lua function
------------
Number of Refused answers returned because of a rule.
+rule-servfail
+-------------
+Number of ServFail answers returned because of a rule.
+
self-answered
-------------
Number of self-answered responses.
projects / thirdparty / pdns.git / commitdiff
