* `DNSSECRule()`: matches queries with the DO flag set
* `MaxQPSIPRule(qps, v4Mask=32, v6Mask=64)`: matches traffic exceeding the qps limit per subnet
* `MaxQPSRule(qps)`: matches traffic **not** exceeding this qps limit
- * `NetmaskGroupRule()`: matches traffic from the specified network range
+ * `NetmaskGroupRule(nmg, [src-bool])`: matches traffic from the specified network range. Pass `false` as second parameter to match NetmaskGroup against destination address instead of source address
* `NotRule()`: matches if the sub-rule does not match
* `OrRule()`: matches if at least one of the sub-rules matches
* `OpcodeRule()`: matches queries with the specified opcode
return std::shared_ptr<DNSRule>(new SuffixMatchNodeRule(smn, quiet ? *quiet : false));
});
- g_lua.writeFunction("NetmaskGroupRule", [](const NetmaskGroup& nmg) {
- return std::shared_ptr<DNSRule>(new NetmaskGroupRule(nmg));
+ g_lua.writeFunction("NetmaskGroupRule", [](const NetmaskGroup& nmg, bool src = true) {
+ return std::shared_ptr<DNSRule>(new NetmaskGroupRule(nmg, src));
});
g_lua.writeFunction("benchRule", [](std::shared_ptr<DNSRule> rule, boost::optional<int> times_, boost::optional<string> suffix_) {
class NetmaskGroupRule : public NMGRule
{
public:
- NetmaskGroupRule(const NetmaskGroup& nmg) : NMGRule(nmg) {}
+ NetmaskGroupRule(const NetmaskGroup& nmg, bool src) : NMGRule(nmg)
+ {
+ d_src = src;
+ }
bool matches(const DNSQuestion* dq) const override
{
+ if(!d_src) {
+ return d_nmg.match(*dq->local);
+ }
return d_nmg.match(*dq->remote);
}
string toString() const override
{
+ if(!d_src) {
+ return "Dst: "+d_nmg.toString();
+ }
return "Src: "+d_nmg.toString();
}
+private:
+ bool d_src;
};
class AllRule : public DNSRule
projects / thirdparty / pdns.git / commitdiff
