default: ""
- name: "export_tags"
type: "Vec<String>"
- default: true
+ default: ""
- name: "metas"
type: "Vec<ProtoBufMetaConfiguration>"
default: true
if rust_type == 'String':
return value == ''
if rust_type == 'Vec<String>':
- # FIXME
- return True
+ return value == ''
return False
def get_rust_field_name(name):
password: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
api_key: String,
- #[serde(default, skip_serializing_if = "crate::is_default")]
+ #[serde(default = "crate::default_value_webserver_acl", skip_serializing_if = "crate::default_value_equal_webserver_acl")]
acl: Vec<String>,
#[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
api_requires_authentication: bool,
listen_address: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
key: String,
- #[serde(default, skip_serializing_if = "crate::is_default")]
+ #[serde(default = "crate::default_value_console_acl", skip_serializing_if = "crate::default_value_equal_console_acl")]
acl: Vec<String>,
#[serde(default = "crate::U32::<10000000>::value", skip_serializing_if = "crate::U32::<10000000>::is_equal")]
maximum_output_size: u32,
struct IncomingDohConfiguration {
#[serde(default = "crate::default_value_incoming_doh_provider", skip_serializing_if = "crate::default_value_equal_incoming_doh_provider")]
provider: String,
- #[serde(default, skip_serializing_if = "crate::is_default")]
+ #[serde(default = "crate::default_value_incoming_doh_paths", skip_serializing_if = "crate::default_value_equal_incoming_doh_paths")]
paths: Vec<String>,
#[serde(default = "crate::U64::<30>::value", skip_serializing_if = "crate::U64::<30>::is_equal")]
idle_timeout: u64,
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct GlobalConfigurationSerde {
- #[serde(default, skip_serializing_if = "crate::is_default")]
+ #[serde(default = "crate::default_value_global_acl", skip_serializing_if = "crate::default_value_equal_global_acl")]
acl: Vec<String>,
#[serde(default, skip_serializing_if = "crate::is_default")]
backends: Vec<dnsdistsettings::BackendConfiguration>,
}
+// DEFAULT HANDLING for webserver_acl
+fn default_value_webserver_acl() -> Vec<String> {
+ vec![
+ String::from("127.0.0.1"),
+ String::from("::1"),
+ ]
+}
+fn default_value_equal_webserver_acl(value: &Vec<String>) -> bool {
+ let def = default_value_webserver_acl();
+ &def == value
+}
+
+
impl Default for dnsdistsettings::WebserverConfiguration {
fn default() -> Self {
let deserialized: dnsdistsettings::WebserverConfiguration = serde_yaml::from_str("").unwrap();
}
+// DEFAULT HANDLING for console_acl
+fn default_value_console_acl() -> Vec<String> {
+ vec![
+ String::from("127.0.0.1"),
+ String::from("::1"),
+ ]
+}
+fn default_value_equal_console_acl(value: &Vec<String>) -> bool {
+ let def = default_value_console_acl();
+ &def == value
+}
+
+
impl Default for dnsdistsettings::ConsoleConfiguration {
fn default() -> Self {
let deserialized: dnsdistsettings::ConsoleConfiguration = serde_yaml::from_str("").unwrap();
}
+// DEFAULT HANDLING for incoming_doh_paths
+fn default_value_incoming_doh_paths() -> Vec<String> {
+ vec![
+ String::from("/dns-query"),
+ ]
+}
+fn default_value_equal_incoming_doh_paths(value: &Vec<String>) -> bool {
+ let def = default_value_incoming_doh_paths();
+ &def == value
+}
+
+
impl Default for dnsdistsettings::IncomingDohConfiguration {
fn default() -> Self {
let deserialized: dnsdistsettings::IncomingDohConfiguration = serde_yaml::from_str("").unwrap();
}
+// DEFAULT HANDLING for global_acl
+fn default_value_global_acl() -> Vec<String> {
+ vec![
+ String::from("127.0.0.0/8"),
+ String::from("10.0.0.0/8"),
+ String::from("100.64.0.0/10"),
+ String::from("169.254.0.0/16"),
+ String::from("192.168.0.0/16"),
+ String::from("172.16.0.0/12"),
+ String::from("::1/128"),
+ String::from("fc00::/7"),
+ String::from("fe80::/10"),
+ ]
+}
+fn default_value_equal_global_acl(value: &Vec<String>) -> bool {
+ let def = default_value_global_acl();
+ &def == value
+}
+
+
impl Default for GlobalConfigurationSerde {
fn default() -> Self {
let deserialized: GlobalConfigurationSerde = serde_yaml::from_str("").unwrap();
default: ""
- name: "netmasks"
type: "Vec<String>"
- default: true
+ default: ""
- name: "source"
type: "bool"
default: "true"
description: "Number of bits of port to consider over IPv4, for CGNAT deployments. Default is 0 meaning that the port is not taken into account. For example passing ``2`` here, which only makes sense if the IPv4 parameter is set to ``32``, will split a given IPv4 address into four port ranges: ``0-16383``, ``16384-32767``, ``32768-49151`` and ``49152-65535``"
- name: "exclude_ranges"
type: "Vec<String>"
- default: true
+ default: ""
description: "Exclude this list of ranges, meaning that no dynamic block will ever be inserted for clients in that range. Default to empty, meaning rules are applied to all ranges. When used in combination with ``include_ranges`` the more specific entry wins"
- name: "include_ranges"
type: "Vec<String>"
- default: true
+ default: ""
description: "Include this list of ranges, meaning that dynamic rules will be inserted for clients in that range. When used in combination with ``exclude_ranges`` the more specific entry wins"
- name: "exclude_domains"
type: "Vec<String>"
- default: true
+ default: ""
description: "Exclude this list of domains, meaning that no dynamic rules will ever be inserted for this domain via ``suffix-match`` or ``suffix-match-ffi`` rules. Default to empty, meaning rules are applied to all domains"
- name: "rules"
type: "Vec<DynamicRuleConfiguration>"
description: "The maximum number of sessions kept in memory at the same time. Default is 20480. Setting this value to 0 disables stored session entirely"
- name: "ocsp_response_files"
type: "Vec<String>"
- default: true
+ default: ""
description: "List of files containing OCSP responses, in the same order than the certificates and keys, that will be used to provide OCSP stapling responses"
- name: "key_log_file"
type: "String"
description: "DNSCrypt-specific settings"
- name: "additional_addresses"
type: "Vec<String>"
- default: true
+ default: ""
description: "List of additional addresses (with port) to listen on. Using this option instead of creating a new frontend for each address avoids the creation of new thread and Frontend objects, reducing the memory usage. The drawback is that there will be a single set of metrics for all addresses"
- name: "xsk"
type: "String"
description: "The weight of this server, used by the `wrandom`, `whashed` and `chashed` policies, default: 1. Supported values are a minimum of 1, and a maximum of 2147483647"
- name: "pools"
type: "Vec<String>"
- default: true
- description: "List of pools to place this backend into. By default a server is place in the default (\"\") pool"
+ default: ""
+ description: "List of pools to place this backend into. By default a server is placed in the default (\"\") pool"
- name: "tcp"
type: "OutgoingTcpConfiguration"
default: true
runtime-configurable: true
- name: "capabilities_to_retain"
type: "Vec<String>"
- default: true
+ default: ""
lua-name: "addCapabilitiesToRetain"
runtime-configurable: false
default: "0"
- name: "options_to_skip"
type: "Vec<String>"
- default: true
+ default: ""
proxy_protocol:
parameters:
- **alter_function_file**: String ``("")``
- **server_id**: String ``("")``
- **ip_encrypt_key**: String ``("")``
-- **export_tags**: Sequence of String
+- **export_tags**: Sequence of String ``("")``
- **metas**: Sequence of :ref:`ProtoBufMetaConfiguration <yaml-settings-ProtoBufMetaConfiguration>`
Parameters:
- **netmask_group_name**: String ``("")``
-- **netmasks**: Sequence of String
+- **netmasks**: Sequence of String ``("")``
- **source**: Boolean ``(true)``
- **quiet**: Boolean ``(false)``
- **queries_per_second**: Unsigned integer ``(0)`` - Limit the number of queries per second to ``number``, when using the ``firstAvailable`` policy
- **order**: Unsigned integer ``(1)`` - The order of this server, used by the `leastOutstanding` and `firstAvailable` policies
- **weight**: Unsigned integer ``(1)`` - The weight of this server, used by the `wrandom`, `whashed` and `chashed` policies, default: 1. Supported values are a minimum of 1, and a maximum of 2147483647
-- **pools**: Sequence of String - List of pools to place this backend into. By default a server is place in the default ("") pool
+- **pools**: Sequence of String ``("")`` - List of pools to place this backend into. By default a server is placed in the default ("") pool
- **tcp**: :ref:`OutgoingTcpConfiguration <yaml-settings-OutgoingTcpConfiguration>` - TCP-related settings for a backend
- **ip_bind_addr_no_port**: Boolean ``(true)`` - Whether to enable ``IP_BIND_ADDRESS_NO_PORT`` if available
- **health_checks**: :ref:`HealthCheckConfiguration <yaml-settings-HealthCheckConfiguration>` - Health-check settings
- **doq**: :ref:`IncomingDoqConfiguration <yaml-settings-IncomingDoqConfiguration>` - DNS over QUIC-specific settings
- **quic**: :ref:`IncomingQuicConfiguration <yaml-settings-IncomingQuicConfiguration>` - QUIC-specific settings
- **dnscrypt**: :ref:`IncomingDnscryptConfiguration <yaml-settings-IncomingDnscryptConfiguration>` - DNSCrypt-specific settings
-- **additional_addresses**: Sequence of String - List of additional addresses (with port) to listen on. Using this option instead of creating a new frontend for each address avoids the creation of new thread and Frontend objects, reducing the memory usage. The drawback is that there will be a single set of metrics for all addresses
+- **additional_addresses**: Sequence of String ``("")`` - List of additional addresses (with port) to listen on. Using this option instead of creating a new frontend for each address avoids the creation of new thread and Frontend objects, reducing the memory usage. The drawback is that there will be a single set of metrics for all addresses
- **xsk**: String ``("")`` - The name of an XSK sockets map to attach to this frontend, if any
- **mask_ipv4**: Unsigned integer ``(32)`` - Number of bits to keep for IPv4 addresses
- **mask_ipv6**: Unsigned integer ``(64)`` - Number of bits to keep for IPv6 addresses. In some scenarios it might make sense to block a whole /64 IPv6 range instead of a single address, for example
- **mask_port**: Unsigned integer ``(0)`` - Number of bits of port to consider over IPv4, for CGNAT deployments. Default is 0 meaning that the port is not taken into account. For example passing ``2`` here, which only makes sense if the IPv4 parameter is set to ``32``, will split a given IPv4 address into four port ranges: ``0-16383``, ``16384-32767``, ``32768-49151`` and ``49152-65535``
-- **exclude_ranges**: Sequence of String - Exclude this list of ranges, meaning that no dynamic block will ever be inserted for clients in that range. Default to empty, meaning rules are applied to all ranges. When used in combination with ``include_ranges`` the more specific entry wins
-- **include_ranges**: Sequence of String - Include this list of ranges, meaning that dynamic rules will be inserted for clients in that range. When used in combination with ``exclude_ranges`` the more specific entry wins
-- **exclude_domains**: Sequence of String - Exclude this list of domains, meaning that no dynamic rules will ever be inserted for this domain via ``suffix-match`` or ``suffix-match-ffi`` rules. Default to empty, meaning rules are applied to all domains
+- **exclude_ranges**: Sequence of String ``("")`` - Exclude this list of ranges, meaning that no dynamic block will ever be inserted for clients in that range. Default to empty, meaning rules are applied to all ranges. When used in combination with ``include_ranges`` the more specific entry wins
+- **include_ranges**: Sequence of String ``("")`` - Include this list of ranges, meaning that dynamic rules will be inserted for clients in that range. When used in combination with ``exclude_ranges`` the more specific entry wins
+- **exclude_domains**: Sequence of String ``("")`` - Exclude this list of domains, meaning that no dynamic rules will ever be inserted for this domain via ``suffix-match`` or ``suffix-match-ffi`` rules. Default to empty, meaning rules are applied to all domains
- **rules**: Sequence of :ref:`DynamicRuleConfiguration <yaml-settings-DynamicRuleConfiguration>` - List of dynamic rules in this group
- **verbose_health_checks**: Boolean ``(false)``
- **allow_empty_responses**: Boolean ``(false)``
- **drop_empty_queries**: Boolean ``(false)``
-- **capabilities_to_retain**: Sequence of String
+- **capabilities_to_retain**: Sequence of String ``("")``
.. _yaml-settings-HealthCheckConfiguration:
- **session_timeout**: Unsigned integer ``(0)`` - Set the TLS session lifetime in seconds, this is used both for TLS ticket lifetime and for sessions kept in memory
- **session_tickets**: Boolean ``(true)`` - Whether session resumption via session tickets is enabled. Default is true, meaning tickets are enabled
- **number_of_stored_sessions**: Unsigned integer ``(20480)`` - The maximum number of sessions kept in memory at the same time. Default is 20480. Setting this value to 0 disables stored session entirely
-- **ocsp_response_files**: Sequence of String - List of files containing OCSP responses, in the same order than the certificates and keys, that will be used to provide OCSP stapling responses
+- **ocsp_response_files**: Sequence of String ``("")`` - List of files containing OCSP responses, in the same order than the certificates and keys, that will be used to provide OCSP stapling responses
- **key_log_file**: String ``("")`` - Write the TLS keys in the specified file so that an external program can decrypt TLS exchanges, in the format described in https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format. Note that this feature requires OpenSSL >= 1.1.1
- **release_buffers**: Boolean ``(true)`` - Whether OpenSSL should release its I/O buffers when a connection goes idle, saving roughly 35 kB of memory per connection
- **enable_renegotiation**: Boolean ``(false)`` - Whether secure TLS renegotiation should be enabled. Disabled by default since it increases the attack surface and is seldom used for DNS
- **temporary_failure_ttl**: Unsigned integer ``(60)``
- **cookie_hashing**: Boolean ``(false)``
- **maximum_entry_size**: Unsigned integer ``(0)``
-- **options_to_skip**: Sequence of String
+- **options_to_skip**: Sequence of String ``("")``
.. _yaml-settings-PoolConfiguration:
projects / thirdparty / pdns.git / commitdiff
