To be consistent with what the recursor is already doing.
- name: "DnstapLog"
skip-cpp: true
skip-rust: true
- description: "Send the current query to a remote logger as a dnstap message. ``alter-function`` is a callback, receiving a :class:`DNSQuestion` and a :class:`DnstapMessage`, that can be used to modify the message. Subsequent rules are processed after this action"
+ description: "Send the current query to a remote logger as a dnstap message. ``alter_function`` is a callback, receiving a :class:`DNSQuestion` and a :class:`DnstapMessage`, that can be used to modify the message. Subsequent rules are processed after this action"
parameters:
- name: "identity"
type: "String"
- - name: "logger-name"
+ - name: "logger_name"
type: "String"
- - name: "alter-function-name"
+ - name: "alter_function_name"
type: "String"
default: ""
- - name: "alter-function-code"
+ - name: "alter_function_code"
type: "String"
default: ""
- - name: "alter-function-file"
+ - name: "alter_function_file"
type: "String"
default: ""
- name: "drop"
- name: "body"
rust-type: "String"
type: "PacketBuffer"
- - name: "content-type"
+ - name: "content_type"
type: "String"
default: ""
- name: "vars"
type: "ResponseConfig"
default: true
- name: "KeyValueStoreLookup"
- description: "Does a lookup into the key value store using the key returned by ``lookup-key-name``, and storing the result if any into the tag named ``destination-tag``. The store can be a ``CDB`` or a ``LMDB`` database. The key can be based on the qname, source IP or the value of an existing tag. Subsequent rules are processed after this action. Note that the tag is always created, even if there was no match, but in that case the content is empty"
+ description: "Does a lookup into the key value store using the key returned by ``lookup_key_name``, and storing the result if any into the tag named ``destination_tag``. The store can be a ``CDB`` or a ``LMDB`` database. The key can be based on the qname, source IP or the value of an existing tag. Subsequent rules are processed after this action. Note that the tag is always created, even if there was no match, but in that case the content is empty"
skip-cpp: true
skip-rust: true
parameters:
- - name: "kvs-name"
+ - name: "kvs_name"
type: "String"
- - name: "lookup-key-name"
+ - name: "lookup_key_name"
type: "String"
- - name: "destination-tag"
+ - name: "destination_tag"
type: "String"
- name: "KeyValueStoreRangeLookup"
- description: "Does a range-based lookup into the key value store using the key returned by ``lookup-key-name``, and storing the result if any into the tag named ``destination-tag``. This assumes that there is a key in network byte order for the last element of the range (for example ``2001:0db8:ffff:ffff:ffff:ffff:ffff:ffff`` for ``2001:db8::/32``) which contains the first element of the range (``2001:0db8:0000:0000:0000:0000:0000:0000``) (optionally followed by any data) as value, also in network byte order, and that there is no overlapping ranges in the database. This requires that the underlying store supports ordered keys, which is true for LMDB but not for CDB"
+ description: "Does a range-based lookup into the key value store using the key returned by ``lookup_key_name``, and storing the result if any into the tag named ``destination_tag``. This assumes that there is a key in network byte order for the last element of the range (for example ``2001:0db8:ffff:ffff:ffff:ffff:ffff:ffff`` for ``2001:db8::/32``) which contains the first element of the range (``2001:0db8:0000:0000:0000:0000:0000:0000``) (optionally followed by any data) as value, also in network byte order, and that there is no overlapping ranges in the database. This requires that the underlying store supports ordered keys, which is true for LMDB but not for CDB"
skip-cpp: true
skip-rust: true
parameters:
- - name: "kvs-name"
+ - name: "kvs_name"
type: "String"
- - name: "lookup-key-name"
+ - name: "lookup_key_name"
type: "String"
- - name: "destination-tag"
+ - name: "destination_tag"
type: "String"
- name: "log"
description: "Log a line for each query, to the specified file if any, to the console (require verbose) if the empty string is given as filename.
-If an empty string is supplied in the file name, the logging is done to stdout, and only in verbose mode by default. This can be changed by setting ``verbose-only`` to ``false``.
+If an empty string is supplied in the file name, the logging is done to stdout, and only in verbose mode by default. This can be changed by setting ``verbose_only`` to ``false``.
When logging to a file, the ``binary`` parameter specifies whether we log in binary form (default) or in textual form. The ``append`` parameter specifies whether we open the file for appending or truncate each time (default). The ``buffered`` parameter specifies whether writes to the file are buffered (default) or not.
Subsequent rules are processed after this action"
parameters:
- - name: "file-name"
+ - name: "file_name"
type: "String"
default: ""
cpp-optional: false
type: "bool"
default: "false"
cpp-optional: false
- - name: "verbose-only"
+ - name: "verbose_only"
type: "bool"
default: "true"
cpp-optional: false
- - name: "include-timestamp"
+ - name: "include_timestamp"
type: "bool"
default: "false"
cpp-optional: false
skip-cpp: true
skip-rust: true
parameters:
- - name: "function-name"
+ - name: "function_name"
type: "String"
default: ""
- - name: "function-code"
+ - name: "function_code"
type: "String"
default: ""
- - name: "function-file"
+ - name: "function_file"
type: "String"
default: ""
- name: "LuaFFI"
skip-cpp: true
skip-rust: true
parameters:
- - name: "function-name"
+ - name: "function_name"
type: "String"
default: ""
- - name: "function-code"
+ - name: "function_code"
type: "String"
default: ""
- - name: "function-file"
+ - name: "function_file"
type: "String"
default: ""
- name: "LuaFFIPerThread"
- name: "rname"
type: "DNSName"
rust-type: "String"
- - name: "soa-parameters"
+ - name: "soa_parameters"
type: "SOAParams"
- - name: "soa-in-authority"
+ - name: "soa_in_authority"
type: "bool"
default: "false"
- name: "vars"
- name: "none"
description: "Does nothing. Subsequent rules are processed after this action"
- name: "pool"
- description: "Send the packet into the specified pool. If ``stop-processing`` is set to ``false``, subsequent rules will be processed after this action"
+ description: "Send the packet into the specified pool. If ``stop_processing`` is set to ``false``, subsequent rules will be processed after this action"
parameters:
- - name: "pool-name"
+ - name: "pool_name"
type: "String"
- - name: "stop-processing"
+ - name: "stop_processing"
type: "bool"
default: "true"
cpp-optional: false
parameters:
- name: "limit"
type: "u32"
- - name: "pool-name"
+ - name: "pool_name"
type: "String"
- - name: "stop-processing"
+ - name: "stop_processing"
type: "bool"
default: "true"
cpp-optional: false
- name: "RemoteLog"
skip-cpp: true
skip-rust: true
- description: "Send the current query to a remote logger as a Protocol Buffer message. ``alter-function`` is a callback, receiving a :class:`DNSQuestion` and a :class:`DNSDistProtoBufMessage`, that can be used to modify the message, for example for anonymization purposes. Subsequent rules are processed after this action"
+ description: "Send the current query to a remote logger as a Protocol Buffer message. ``alter_function`` is a callback, receiving a :class:`DNSQuestion` and a :class:`DNSDistProtoBufMessage`, that can be used to modify the message, for example for anonymization purposes. Subsequent rules are processed after this action"
parameters:
- - name: "logger-name"
+ - name: "logger_name"
type: "String"
- - name: "alter-function-name"
+ - name: "alter_function_name"
type: "String"
default: ""
- - name: "alter-function-code"
+ - name: "alter_function_code"
type: "String"
default: ""
- - name: "alter-function-file"
+ - name: "alter_function_file"
type: "String"
default: ""
- - name: "server-id"
+ - name: "server_id"
type: "String"
default: ""
- - name: "ip-encrypt-key"
+ - name: "ip_encrypt_key"
type: "String"
default: ""
- - name: "export-tags"
+ - name: "export_tags"
type: "Vec<String>"
default: true
- name: "metas"
description: "Add a Proxy-Protocol Type-Length value to be sent to the server along with this query. It does not replace any existing value with the same type but adds a new value. Be careful that Proxy Protocol values are sent once at the beginning of the TCP connection for TCP and DoT queries. That means that values received on an incoming TCP connection will be inherited by subsequent queries received over the same incoming TCP connection, if any, but values set to a query will not be inherited by subsequent queries. Subsequent rules
are processed after this action"
parameters:
- - name: "proxy-type"
+ - name: "proxy_type"
type: "u8"
- name: "value"
type: "String"
- name: "SetECSOverride"
description: "Whether an existing EDNS Client Subnet value should be overridden (true) or not (false). Subsequent rules are processed after this action"
parameters:
- - name: "override-existing"
+ - name: "override_existing"
type: "bool"
- name: "SetECSPrefixLength"
description: "Set the ECS prefix length. Subsequent rules are processed after this action"
- name: "SetExtendedDNSError"
description: "Set an Extended DNS Error status that will be added to the response corresponding to the current query. Subsequent rules are processed after this action"
parameters:
- - name: "info-code"
+ - name: "info_code"
type: "u16"
- - name: "extra-text"
+ - name: "extra_text"
type: "String"
default: ""
cpp-optional: false
parameters:
- name: "answers"
type: "Vec<String>"
- - name: "qtype-for-any"
+ - name: "qtype_for_any"
type: "String"
default: ""
- name: "vars"
- name: "TC"
description: "Create answer to query with the ``TC`` bit set, and the ``RA`` bit set to the value of ``RD`` in the query, to force the client to TCP"
- name: "tee"
- description: "Send copy of query to remote, keep stats on responses. If ``add-ecs`` is set to true, EDNS Client Subnet information will be added to the query. If ``add-proxy-protocol`` is set to true, a Proxy Protocol v2 payload will be prepended in front of the query. The payload will contain the protocol the initial query was received over (UDP or TCP), as well as the initial source and destination addresses and ports. If ``lca`` has provided a value like “192.0.2.53”, dnsdist will try binding that address as local address when sending the queries. Subsequent rules are processed after this action"
+ description: "Send copy of query to remote, keep stats on responses. If ``add_ecs`` is set to true, EDNS Client Subnet information will be added to the query. If ``add_proxy_protocol`` is set to true, a Proxy Protocol v2 payload will be prepended in front of the query. The payload will contain the protocol the initial query was received over (UDP or TCP), as well as the initial source and destination addresses and ports. If ``lca`` has provided a value like “192.0.2.53”, dnsdist will try binding that address as local address when sending the queries. Subsequent rules are processed after this action"
skip-cpp: true
parameters:
- name: "rca"
type: "ComboAddress"
rust-type: "String"
default: ""
- - name: "add-ecs"
+ - name: "add_ecs"
type: "bool"
default: "false"
- - name: "add-proxy-protocol"
+ - name: "add_proxy_protocol"
type: "bool"
default: "false"
{
return std::shared_ptr<DNSAction>(new SetEDNSOptionAction(code, data));
}
-std::shared_ptr<DNSAction> getLogAction(const std::string& fileName, bool binary, bool append, bool buffered, bool verboseOnly, bool includeTimestamp)
+std::shared_ptr<DNSAction> getLogAction(const std::string& file_name, bool binary, bool append, bool buffered, bool verbose_only, bool include_timestamp)
{
- return std::shared_ptr<DNSAction>(new LogAction(fileName, binary, append, buffered, verboseOnly, includeTimestamp));
+ return std::shared_ptr<DNSAction>(new LogAction(file_name, binary, append, buffered, verbose_only, include_timestamp));
}
std::shared_ptr<DNSAction> getLuaFFIPerThreadAction(const std::string& code)
{
{
return std::shared_ptr<DNSAction>(new NoneAction());
}
-std::shared_ptr<DNSAction> getPoolAction(const std::string& poolName, bool stopProcessing)
+std::shared_ptr<DNSAction> getPoolAction(const std::string& pool_name, bool stop_processing)
{
- return std::shared_ptr<DNSAction>(new PoolAction(poolName, stopProcessing));
+ return std::shared_ptr<DNSAction>(new PoolAction(pool_name, stop_processing));
}
std::shared_ptr<DNSAction> getQPSAction(uint32_t limit)
{
return std::shared_ptr<DNSAction>(new QPSAction(limit));
}
-std::shared_ptr<DNSAction> getQPSPoolAction(uint32_t limit, const std::string& poolName, bool stopProcessing)
+std::shared_ptr<DNSAction> getQPSPoolAction(uint32_t limit, const std::string& pool_name, bool stop_processing)
{
- return std::shared_ptr<DNSAction>(new QPSPoolAction(limit, poolName, stopProcessing));
+ return std::shared_ptr<DNSAction>(new QPSPoolAction(limit, pool_name, stop_processing));
}
-std::shared_ptr<DNSAction> getSetAdditionalProxyProtocolValueAction(uint8_t proxyType, const std::string& value)
+std::shared_ptr<DNSAction> getSetAdditionalProxyProtocolValueAction(uint8_t proxy_type, const std::string& value)
{
- return std::shared_ptr<DNSAction>(new SetAdditionalProxyProtocolValueAction(proxyType, value));
+ return std::shared_ptr<DNSAction>(new SetAdditionalProxyProtocolValueAction(proxy_type, value));
}
std::shared_ptr<DNSAction> getSetDisableECSAction()
{
{
return std::shared_ptr<DNSAction>(new SetDisableValidationAction());
}
-std::shared_ptr<DNSAction> getSetECSOverrideAction(bool overrideExisting)
+std::shared_ptr<DNSAction> getSetECSOverrideAction(bool override_existing)
{
- return std::shared_ptr<DNSAction>(new SetECSOverrideAction(overrideExisting));
+ return std::shared_ptr<DNSAction>(new SetECSOverrideAction(override_existing));
}
std::shared_ptr<DNSAction> getSetECSPrefixLengthAction(uint16_t ipv4, uint16_t ipv6)
{
return std::shared_ptr<DNSAction>(new SetECSPrefixLengthAction(ipv4, ipv6));
}
-std::shared_ptr<DNSAction> getSetExtendedDNSErrorAction(uint16_t infoCode, const std::string& extraText)
+std::shared_ptr<DNSAction> getSetExtendedDNSErrorAction(uint16_t info_code, const std::string& extra_text)
{
- return std::shared_ptr<DNSAction>(new SetExtendedDNSErrorAction(infoCode, extraText));
+ return std::shared_ptr<DNSAction>(new SetExtendedDNSErrorAction(info_code, extra_text));
}
std::shared_ptr<DNSAction> getSetMacAddrAction(uint32_t code)
{
std::shared_ptr<DNSAction> getDelayAction(uint32_t msec);
std::shared_ptr<DNSAction> getDropAction();
std::shared_ptr<DNSAction> getSetEDNSOptionAction(uint32_t code, const std::string& data);
-std::shared_ptr<DNSAction> getLogAction(const std::string& fileName, bool binary, bool append, bool buffered, bool verboseOnly, bool includeTimestamp);
+std::shared_ptr<DNSAction> getLogAction(const std::string& file_name, bool binary, bool append, bool buffered, bool verbose_only, bool include_timestamp);
std::shared_ptr<DNSAction> getLuaFFIPerThreadAction(const std::string& code);
std::shared_ptr<DNSAction> getNoneAction();
-std::shared_ptr<DNSAction> getPoolAction(const std::string& poolName, bool stopProcessing);
+std::shared_ptr<DNSAction> getPoolAction(const std::string& pool_name, bool stop_processing);
std::shared_ptr<DNSAction> getQPSAction(uint32_t limit);
-std::shared_ptr<DNSAction> getQPSPoolAction(uint32_t limit, const std::string& poolName, bool stopProcessing);
-std::shared_ptr<DNSAction> getSetAdditionalProxyProtocolValueAction(uint8_t proxyType, const std::string& value);
+std::shared_ptr<DNSAction> getQPSPoolAction(uint32_t limit, const std::string& pool_name, bool stop_processing);
+std::shared_ptr<DNSAction> getSetAdditionalProxyProtocolValueAction(uint8_t proxy_type, const std::string& value);
std::shared_ptr<DNSAction> getSetDisableECSAction();
std::shared_ptr<DNSAction> getSetDisableValidationAction();
-std::shared_ptr<DNSAction> getSetECSOverrideAction(bool overrideExisting);
+std::shared_ptr<DNSAction> getSetECSOverrideAction(bool override_existing);
std::shared_ptr<DNSAction> getSetECSPrefixLengthAction(uint16_t ipv4, uint16_t ipv6);
-std::shared_ptr<DNSAction> getSetExtendedDNSErrorAction(uint16_t infoCode, const std::string& extraText);
+std::shared_ptr<DNSAction> getSetExtendedDNSErrorAction(uint16_t info_code, const std::string& extra_text);
std::shared_ptr<DNSAction> getSetMacAddrAction(uint32_t code);
std::shared_ptr<DNSAction> getSetNoRecurseAction();
std::shared_ptr<DNSAction> getSetSkipCacheAction();
luaCtx.writeFunction("SetEDNSOptionAction", [](uint32_t code, std::string data) {
return dnsdist::actions::getSetEDNSOptionAction(code, data);
});
-luaCtx.writeFunction("LogAction", [](boost::optional<std::string> fileName, boost::optional<bool> binary, boost::optional<bool> append, boost::optional<bool> buffered, boost::optional<bool> verboseOnly, boost::optional<bool> includeTimestamp) {
- return dnsdist::actions::getLogAction(fileName ? *fileName : "", binary ? *binary : true, append ? *append : false, buffered ? *buffered : false, verboseOnly ? *verboseOnly : true, includeTimestamp ? *includeTimestamp : false);
+luaCtx.writeFunction("LogAction", [](boost::optional<std::string> file_name, boost::optional<bool> binary, boost::optional<bool> append, boost::optional<bool> buffered, boost::optional<bool> verbose_only, boost::optional<bool> include_timestamp) {
+ return dnsdist::actions::getLogAction(file_name ? *file_name : "", binary ? *binary : true, append ? *append : false, buffered ? *buffered : false, verbose_only ? *verbose_only : true, include_timestamp ? *include_timestamp : false);
});
luaCtx.writeFunction("LuaFFIPerThreadAction", [](std::string code) {
return dnsdist::actions::getLuaFFIPerThreadAction(code);
luaCtx.writeFunction("NoneAction", []() {
return dnsdist::actions::getNoneAction();
});
-luaCtx.writeFunction("PoolAction", [](std::string poolName, boost::optional<bool> stopProcessing) {
- return dnsdist::actions::getPoolAction(poolName, stopProcessing ? *stopProcessing : true);
+luaCtx.writeFunction("PoolAction", [](std::string pool_name, boost::optional<bool> stop_processing) {
+ return dnsdist::actions::getPoolAction(pool_name, stop_processing ? *stop_processing : true);
});
luaCtx.writeFunction("QPSAction", [](uint32_t limit) {
return dnsdist::actions::getQPSAction(limit);
});
-luaCtx.writeFunction("QPSPoolAction", [](uint32_t limit, std::string poolName, boost::optional<bool> stopProcessing) {
- return dnsdist::actions::getQPSPoolAction(limit, poolName, stopProcessing ? *stopProcessing : true);
+luaCtx.writeFunction("QPSPoolAction", [](uint32_t limit, std::string pool_name, boost::optional<bool> stop_processing) {
+ return dnsdist::actions::getQPSPoolAction(limit, pool_name, stop_processing ? *stop_processing : true);
});
-luaCtx.writeFunction("SetAdditionalProxyProtocolValueAction", [](uint8_t proxyType, std::string value) {
- return dnsdist::actions::getSetAdditionalProxyProtocolValueAction(proxyType, value);
+luaCtx.writeFunction("SetAdditionalProxyProtocolValueAction", [](uint8_t proxy_type, std::string value) {
+ return dnsdist::actions::getSetAdditionalProxyProtocolValueAction(proxy_type, value);
});
luaCtx.writeFunction("SetDisableECSAction", []() {
return dnsdist::actions::getSetDisableECSAction();
luaCtx.writeFunction("SetDisableValidationAction", []() {
return dnsdist::actions::getSetDisableValidationAction();
});
-luaCtx.writeFunction("SetECSOverrideAction", [](bool overrideExisting) {
- return dnsdist::actions::getSetECSOverrideAction(overrideExisting);
+luaCtx.writeFunction("SetECSOverrideAction", [](bool override_existing) {
+ return dnsdist::actions::getSetECSOverrideAction(override_existing);
});
luaCtx.writeFunction("SetECSPrefixLengthAction", [](uint16_t ipv4, uint16_t ipv6) {
return dnsdist::actions::getSetECSPrefixLengthAction(ipv4, ipv6);
});
-luaCtx.writeFunction("SetExtendedDNSErrorAction", [](uint16_t infoCode, boost::optional<std::string> extraText) {
- return dnsdist::actions::getSetExtendedDNSErrorAction(infoCode, extraText ? *extraText : "");
+luaCtx.writeFunction("SetExtendedDNSErrorAction", [](uint16_t info_code, boost::optional<std::string> extra_text) {
+ return dnsdist::actions::getSetExtendedDNSErrorAction(info_code, extra_text ? *extra_text : "");
});
luaCtx.writeFunction("SetMacAddrAction", [](uint32_t code) {
return dnsdist::actions::getSetMacAddrAction(code);
luaCtx.writeFunction("DSTPortRule", [](uint16_t port) {
return std::shared_ptr<DNSRule>(dnsdist::selectors::getDSTPortSelector(port));
});
-luaCtx.writeFunction("EDNSOptionRule", [](uint16_t optionCode) {
- return std::shared_ptr<DNSRule>(dnsdist::selectors::getEDNSOptionSelector(optionCode));
+luaCtx.writeFunction("EDNSOptionRule", [](uint16_t option_code) {
+ return std::shared_ptr<DNSRule>(dnsdist::selectors::getEDNSOptionSelector(option_code));
});
luaCtx.writeFunction("EDNSVersionRule", [](uint8_t version) {
return std::shared_ptr<DNSRule>(dnsdist::selectors::getEDNSVersionSelector(version));
luaCtx.writeFunction("MaxQPSRule", [](uint32_t qps, boost::optional<uint32_t> burst) {
return std::shared_ptr<DNSRule>(dnsdist::selectors::getMaxQPSSelector(qps, boostToStandardOptional(burst)));
});
-luaCtx.writeFunction("MaxQPSIPRule", [](uint32_t qps, boost::optional<uint8_t> ipv4Mask, boost::optional<uint8_t> ipv6Mask, boost::optional<uint32_t> burst, boost::optional<uint32_t> expiration, boost::optional<uint32_t> cleanupDelay, boost::optional<uint32_t> scanFraction, boost::optional<uint32_t> shards) {
- return std::shared_ptr<DNSRule>(dnsdist::selectors::getMaxQPSIPSelector(qps, boostToStandardOptional(ipv4Mask), boostToStandardOptional(ipv6Mask), boostToStandardOptional(burst), boostToStandardOptional(expiration), boostToStandardOptional(cleanupDelay), boostToStandardOptional(scanFraction), boostToStandardOptional(shards)));
+luaCtx.writeFunction("MaxQPSIPRule", [](uint32_t qps, boost::optional<uint8_t> ipv4_mask, boost::optional<uint8_t> ipv6_mask, boost::optional<uint32_t> burst, boost::optional<uint32_t> expiration, boost::optional<uint32_t> cleanup_delay, boost::optional<uint32_t> scan_fraction, boost::optional<uint32_t> shards) {
+ return std::shared_ptr<DNSRule>(dnsdist::selectors::getMaxQPSIPSelector(qps, boostToStandardOptional(ipv4_mask), boostToStandardOptional(ipv6_mask), boostToStandardOptional(burst), boostToStandardOptional(expiration), boostToStandardOptional(cleanup_delay), boostToStandardOptional(scan_fraction), boostToStandardOptional(shards)));
});
luaCtx.writeFunction("OpcodeRule", [](uint8_t code) {
return std::shared_ptr<DNSRule>(dnsdist::selectors::getOpcodeSelector(code));
luaCtx.writeFunction("PoolAvailableRule", [](std::string pool) {
return std::shared_ptr<DNSRule>(dnsdist::selectors::getPoolAvailableSelector(pool));
});
-luaCtx.writeFunction("PoolOutstandingRule", [](std::string pool, uint64_t maxOutstanding) {
- return std::shared_ptr<DNSRule>(dnsdist::selectors::getPoolOutstandingSelector(pool, maxOutstanding));
+luaCtx.writeFunction("PoolOutstandingRule", [](std::string pool, uint64_t max_outstanding) {
+ return std::shared_ptr<DNSRule>(dnsdist::selectors::getPoolOutstandingSelector(pool, max_outstanding));
});
luaCtx.writeFunction("ProbaRule", [](double probability) {
return std::shared_ptr<DNSRule>(dnsdist::selectors::getProbaSelector(probability));
});
-luaCtx.writeFunction("ProxyProtocolValueRule", [](uint8_t optionType, boost::optional<std::string> optionValue) {
- return std::shared_ptr<DNSRule>(dnsdist::selectors::getProxyProtocolValueSelector(optionType, boostToStandardOptional(optionValue)));
+luaCtx.writeFunction("ProxyProtocolValueRule", [](uint8_t option_type, boost::optional<std::string> option_value) {
+ return std::shared_ptr<DNSRule>(dnsdist::selectors::getProxyProtocolValueSelector(option_type, boostToStandardOptional(option_value)));
});
-luaCtx.writeFunction("QNameLabelsCountRule", [](uint16_t minLabelsCount, uint16_t maxLabelsCount) {
- return std::shared_ptr<DNSRule>(dnsdist::selectors::getQNameLabelsCountSelector(minLabelsCount, maxLabelsCount));
+luaCtx.writeFunction("QNameLabelsCountRule", [](uint16_t min_labels_count, uint16_t max_labels_count) {
+ return std::shared_ptr<DNSRule>(dnsdist::selectors::getQNameLabelsCountSelector(min_labels_count, max_labels_count));
});
luaCtx.writeFunction("QNameWireLengthRule", [](uint16_t min, uint16_t max) {
return std::shared_ptr<DNSRule>(dnsdist::selectors::getQNameWireLengthSelector(min, max));
luaCtx.writeFunction("RecordsCountRule", [](uint8_t section, uint16_t minimum, uint16_t maximum) {
return std::shared_ptr<DNSRule>(dnsdist::selectors::getRecordsCountSelector(section, minimum, maximum));
});
-luaCtx.writeFunction("RecordsTypeCountRule", [](uint8_t section, uint16_t recordType, uint16_t minimum, uint16_t maximum) {
- return std::shared_ptr<DNSRule>(dnsdist::selectors::getRecordsTypeCountSelector(section, recordType, minimum, maximum));
+luaCtx.writeFunction("RecordsTypeCountRule", [](uint8_t section, uint16_t record_type, uint16_t minimum, uint16_t maximum) {
+ return std::shared_ptr<DNSRule>(dnsdist::selectors::getRecordsTypeCountSelector(section, record_type, minimum, maximum));
});
luaCtx.writeFunction("RegexRule", [](std::string expression) {
return std::shared_ptr<DNSRule>(dnsdist::selectors::getRegexSelector(expression));
});
-luaCtx.writeFunction("SNIRule", [](std::string serverName) {
- return std::shared_ptr<DNSRule>(dnsdist::selectors::getSNISelector(serverName));
+luaCtx.writeFunction("SNIRule", [](std::string server_name) {
+ return std::shared_ptr<DNSRule>(dnsdist::selectors::getSNISelector(server_name));
});
luaCtx.writeFunction("TagRule", [](std::string tag, boost::optional<std::string> value) {
return std::shared_ptr<DNSRule>(dnsdist::selectors::getTagSelector(tag, boostToStandardOptional(value)));
object_name = ''
capitalize = True
for char in name:
- if char == '-':
+ if char in ['-', '_']:
capitalize = True
continue
if capitalize:
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
identity: String,
- #[serde(rename = "logger-name", )]
logger_name: String,
- #[serde(rename = "alter-function-name", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
alter_function_name: String,
- #[serde(rename = "alter-function-code", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
alter_function_code: String,
- #[serde(rename = "alter-function-file", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
alter_function_file: String,
}
name: String,
status: u16,
body: String,
- #[serde(rename = "content-type", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
content_type: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
vars: ResponseConfig,
struct KeyValueStoreLookupActionConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
- #[serde(rename = "kvs-name", )]
kvs_name: String,
- #[serde(rename = "lookup-key-name", )]
lookup_key_name: String,
- #[serde(rename = "destination-tag", )]
destination_tag: String,
}
struct KeyValueStoreRangeLookupActionConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
- #[serde(rename = "kvs-name", )]
kvs_name: String,
- #[serde(rename = "lookup-key-name", )]
lookup_key_name: String,
- #[serde(rename = "destination-tag", )]
destination_tag: String,
}
struct LogActionConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
- #[serde(rename = "file-name", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
file_name: String,
#[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
binary: bool,
append: bool,
#[serde(default, skip_serializing_if = "crate::is_default")]
buffered: bool,
- #[serde(rename = "verbose-only", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
verbose_only: bool,
- #[serde(rename = "include-timestamp", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
include_timestamp: bool,
}
struct LuaActionConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
- #[serde(rename = "function-name", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
function_name: String,
- #[serde(rename = "function-code", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
function_code: String,
- #[serde(rename = "function-file", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
function_file: String,
}
struct LuaFFIActionConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
- #[serde(rename = "function-name", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
function_name: String,
- #[serde(rename = "function-code", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
function_code: String,
- #[serde(rename = "function-file", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
function_file: String,
}
ttl: u32,
mname: String,
rname: String,
- #[serde(rename = "soa-parameters", )]
soa_parameters: SOAParams,
- #[serde(rename = "soa-in-authority", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
soa_in_authority: bool,
#[serde(default, skip_serializing_if = "crate::is_default")]
vars: ResponseConfig,
struct PoolActionConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
- #[serde(rename = "pool-name", )]
pool_name: String,
- #[serde(rename = "stop-processing", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
stop_processing: bool,
}
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
limit: u32,
- #[serde(rename = "pool-name", )]
pool_name: String,
- #[serde(rename = "stop-processing", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
stop_processing: bool,
}
struct RemoteLogActionConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
- #[serde(rename = "logger-name", )]
logger_name: String,
- #[serde(rename = "alter-function-name", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
alter_function_name: String,
- #[serde(rename = "alter-function-code", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
alter_function_code: String,
- #[serde(rename = "alter-function-file", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
alter_function_file: String,
- #[serde(rename = "server-id", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
server_id: String,
- #[serde(rename = "ip-encrypt-key", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
ip_encrypt_key: String,
- #[serde(rename = "export-tags", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
export_tags: Vec<String>,
#[serde(default, skip_serializing_if = "crate::is_default")]
metas: Vec<ProtoBufMetaConfiguration>,
struct SetAdditionalProxyProtocolValueActionConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
- #[serde(rename = "proxy-type", )]
proxy_type: u8,
value: String,
}
struct SetECSOverrideActionConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
- #[serde(rename = "override-existing", )]
override_existing: bool,
}
struct SetExtendedDNSErrorActionConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
- #[serde(rename = "info-code", )]
info_code: u16,
- #[serde(rename = "extra-text", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
extra_text: String,
}
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
answers: Vec<String>,
- #[serde(rename = "qtype-for-any", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
qtype_for_any: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
vars: ResponseConfig,
rca: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
lca: String,
- #[serde(rename = "add-ecs", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
add_ecs: bool,
- #[serde(rename = "add-proxy-protocol", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
add_proxy_protocol: bool,
}
struct ByNameSelectorConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
- #[serde(rename = "selector-name", )]
selector_name: String,
}
struct EDNSOptionSelectorConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
- #[serde(rename = "option-code", )]
option_code: u16,
}
struct KeyValueStoreLookupSelectorConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
- #[serde(rename = "kvs-name", )]
kvs_name: String,
- #[serde(rename = "lookup-key-name", )]
lookup_key_name: String,
}
struct KeyValueStoreRangeLookupSelectorConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
- #[serde(rename = "kvs-name", )]
kvs_name: String,
- #[serde(rename = "lookup-key-name", )]
lookup_key_name: String,
}
struct LuaSelectorConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
- #[serde(rename = "function-name", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
function_name: String,
- #[serde(rename = "function-code", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
function_code: String,
- #[serde(rename = "function-file", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
function_file: String,
}
struct LuaFFISelectorConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
- #[serde(rename = "function-name", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
function_name: String,
- #[serde(rename = "function-code", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
function_code: String,
- #[serde(rename = "function-file", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
function_file: String,
}
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
qps: u32,
- #[serde(rename = "ipv4-mask", default = "crate::U8::<32>::value", skip_serializing_if = "crate::U8::<32>::is_equal")]
+ #[serde(default = "crate::U8::<32>::value", skip_serializing_if = "crate::U8::<32>::is_equal")]
ipv4_mask: u8,
- #[serde(rename = "ipv6-mask", default = "crate::U8::<64>::value", skip_serializing_if = "crate::U8::<64>::is_equal")]
+ #[serde(default = "crate::U8::<64>::value", skip_serializing_if = "crate::U8::<64>::is_equal")]
ipv6_mask: u8,
#[serde(default, skip_serializing_if = "crate::is_default")]
burst: u32,
#[serde(default = "crate::U32::<300>::value", skip_serializing_if = "crate::U32::<300>::is_equal")]
expiration: u32,
- #[serde(rename = "cleanup-delay", default = "crate::U32::<60>::value", skip_serializing_if = "crate::U32::<60>::is_equal")]
+ #[serde(default = "crate::U32::<60>::value", skip_serializing_if = "crate::U32::<60>::is_equal")]
cleanup_delay: u32,
- #[serde(rename = "scan-fraction", default = "crate::U32::<10>::value", skip_serializing_if = "crate::U32::<10>::is_equal")]
+ #[serde(default = "crate::U32::<10>::value", skip_serializing_if = "crate::U32::<10>::is_equal")]
scan_fraction: u32,
#[serde(default = "crate::U32::<10>::value", skip_serializing_if = "crate::U32::<10>::is_equal")]
shards: u32,
struct NetmaskGroupSelectorConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
- #[serde(rename = "netmask-group-name", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
netmask_group_name: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
netmasks: Vec<String>,
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
pool: String,
- #[serde(rename = "max-outstanding", )]
max_outstanding: u64,
}
struct ProxyProtocolValueSelectorConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
- #[serde(rename = "option-type", )]
option_type: u8,
- #[serde(rename = "option-value", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
option_value: String,
}
name: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
qclass: String,
- #[serde(rename = "numeric-value", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
numeric_value: u16,
}
struct QNameLabelsCountSelectorConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
- #[serde(rename = "min-labels-count", )]
min_labels_count: u16,
- #[serde(rename = "max-labels-count", )]
max_labels_count: u16,
}
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
qtype: String,
- #[serde(rename = "numeric-value", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
numeric_value: u16,
}
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
section: u8,
- #[serde(rename = "record-type", )]
record_type: u16,
minimum: u16,
maximum: u16,
struct SNISelectorConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
name: String,
- #[serde(rename = "server-name", )]
server_name: String,
}
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct RemoteLoggingConfiguration {
- #[serde(rename = "protobuf-loggers", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
protobuf_loggers: Vec<ProtobufLoggerConfiguration>,
- #[serde(rename = "dnstap-loggers", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
dnstap_loggers: Vec<DnstapLoggerConfiguration>,
}
address: String,
#[serde(default = "crate::U16::<2>::value", skip_serializing_if = "crate::U16::<2>::is_equal")]
timeout: u16,
- #[serde(rename = "max-queued-entries", default = "crate::U64::<100>::value", skip_serializing_if = "crate::U64::<100>::is_equal")]
+ #[serde(default = "crate::U64::<100>::value", skip_serializing_if = "crate::U64::<100>::is_equal")]
max_queued_entries: u64,
- #[serde(rename = "reconnect-wait-time", default = "crate::U8::<1>::value", skip_serializing_if = "crate::U8::<1>::is_equal")]
+ #[serde(default = "crate::U8::<1>::value", skip_serializing_if = "crate::U8::<1>::is_equal")]
reconnect_wait_time: u8,
}
name: String,
transport: String,
address: String,
- #[serde(rename = "buffer-hint", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
buffer_hint: u64,
- #[serde(rename = "flush-timeout", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
flush_timeout: u64,
- #[serde(rename = "input-queue-size", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
input_queue_size: u64,
- #[serde(rename = "output-queue-size", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
output_queue_size: u64,
- #[serde(rename = "queue-notify-threshold", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
queue_notify_threshold: u64,
- #[serde(rename = "reopen-interval", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
reopen_interval: u64,
}
#[serde(deny_unknown_fields)]
struct LMDBKVStoreConfiguration {
name: String,
- #[serde(rename = "file-name", )]
file_name: String,
- #[serde(rename = "database-name", )]
database_name: String,
- #[serde(rename = "no-lock", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
no_lock: bool,
}
#[serde(deny_unknown_fields)]
struct CDBKVStoreConfiguration {
name: String,
- #[serde(rename = "file-name", )]
file_name: String,
- #[serde(rename = "refresh-delay", )]
refresh_delay: u32,
}
#[serde(deny_unknown_fields)]
struct KVSLookupKeySourceIPConfiguration {
name: String,
- #[serde(rename = "v4-mask", default = "crate::U8::<32>::value", skip_serializing_if = "crate::U8::<32>::is_equal")]
+ #[serde(default = "crate::U8::<32>::value", skip_serializing_if = "crate::U8::<32>::is_equal")]
v4_mask: u8,
- #[serde(rename = "v6-mask", default = "crate::U8::<128>::value", skip_serializing_if = "crate::U8::<128>::is_equal")]
+ #[serde(default = "crate::U8::<128>::value", skip_serializing_if = "crate::U8::<128>::is_equal")]
v6_mask: u8,
- #[serde(rename = "include-port", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
include_port: bool,
}
#[serde(deny_unknown_fields)]
struct KVSLookupKeyQNameConfiguration {
name: String,
- #[serde(rename = "wire-format", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
wire_format: bool,
}
#[serde(deny_unknown_fields)]
struct KVSLookupKeySuffixConfiguration {
name: String,
- #[serde(rename = "minimum-labels", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
minimum_labels: u16,
- #[serde(rename = "wire-format", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
wire_format: bool,
}
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct KVSLookupKeysConfiguration {
- #[serde(rename = "source-ip-keys", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
source_ip_keys: Vec<KVSLookupKeySourceIPConfiguration>,
- #[serde(rename = "qname-keys", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
qname_keys: Vec<KVSLookupKeyQNameConfiguration>,
- #[serde(rename = "suffix-keys", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
suffix_keys: Vec<KVSLookupKeySuffixConfiguration>,
- #[serde(rename = "tag-keys", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
tag_keys: Vec<KVSLookupKeyTagConfiguration>,
}
lmdb: Vec<LMDBKVStoreConfiguration>,
#[serde(default, skip_serializing_if = "crate::is_default")]
cdb: Vec<CDBKVStoreConfiguration>,
- #[serde(rename = "lookup-keys", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
lookup_keys: KVSLookupKeysConfiguration,
}
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct WebserverConfiguration {
- #[serde(rename = "listen-address", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
listen_address: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
password: String,
- #[serde(rename = "api-key", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
api_key: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
acl: Vec<String>,
- #[serde(rename = "api-requires-authentication", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
api_requires_authentication: bool,
- #[serde(rename = "stats-require-authentication", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
stats_require_authentication: bool,
- #[serde(rename = "dashboard-requires-authentication", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
dashboard_requires_authentication: bool,
- #[serde(rename = "max-concurrent-connections", default = "crate::U32::<100>::value", skip_serializing_if = "crate::U32::<100>::is_equal")]
+ #[serde(default = "crate::U32::<100>::value", skip_serializing_if = "crate::U32::<100>::is_equal")]
max_concurrent_connections: u32,
- #[serde(rename = "hash-plaintext-credentials", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
hash_plaintext_credentials: bool,
- #[serde(rename = "custom-headers", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
custom_headers: Vec<HttpCustomResponseHeaderConfiguration>,
- #[serde(rename = "api-configuration-directory", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
api_configuration_directory: String,
- #[serde(rename = "api-read-write", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
api_read_write: bool,
}
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct ConsoleConfiguration {
- #[serde(rename = "listen-address", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
listen_address: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
key: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
acl: Vec<String>,
- #[serde(rename = "maximum-output-size", default = "crate::U32::<10000000>::value", skip_serializing_if = "crate::U32::<10000000>::is_equal")]
+ #[serde(default = "crate::U32::<10000000>::value", skip_serializing_if = "crate::U32::<10000000>::is_equal")]
maximum_output_size: u32,
- #[serde(rename = "log-connections", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
log_connections: bool,
- #[serde(rename = "max-concurrent-connections", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
max_concurrent_connections: u64,
}
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct EbpfMapConfiguration {
- #[serde(rename = "max-entries", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
max_entries: u32,
- #[serde(rename = "pinned-path", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
pinned_path: String,
}
ipv4: EbpfMapConfiguration,
#[serde(default, skip_serializing_if = "crate::is_default")]
ipv6: EbpfMapConfiguration,
- #[serde(rename = "cidr-ipv4", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
cidr_ipv4: EbpfMapConfiguration,
- #[serde(rename = "cidr-ipv6", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
cidr_ipv6: EbpfMapConfiguration,
#[serde(default, skip_serializing_if = "crate::is_default")]
qnames: EbpfMapConfiguration,
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct EdnsClientSubnetConfiguration {
- #[serde(rename = "override-existing", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
override_existing: bool,
- #[serde(rename = "source-prefix-v4", default = "crate::U8::<32>::value", skip_serializing_if = "crate::U8::<32>::is_equal")]
+ #[serde(default = "crate::U8::<32>::value", skip_serializing_if = "crate::U8::<32>::is_equal")]
source_prefix_v4: u8,
- #[serde(rename = "source-prefix-v6", default = "crate::U8::<56>::value", skip_serializing_if = "crate::U8::<56>::is_equal")]
+ #[serde(default = "crate::U8::<56>::value", skip_serializing_if = "crate::U8::<56>::is_equal")]
source_prefix_v6: u8,
}
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct DynamicRulesSettingsConfiguration {
- #[serde(rename = "purge-interval", default = "crate::U64::<60>::value", skip_serializing_if = "crate::U64::<60>::is_equal")]
+ #[serde(default = "crate::U64::<60>::value", skip_serializing_if = "crate::U64::<60>::is_equal")]
purge_interval: u64,
- #[serde(rename = "default-action", default = "crate::default_value_dynamic_rules_settings_default_action", skip_serializing_if = "crate::default_value_equal_dynamic_rules_settings_default_action")]
+ #[serde(default = "crate::default_value_dynamic_rules_settings_default_action", skip_serializing_if = "crate::default_value_equal_dynamic_rules_settings_default_action")]
default_action: String,
}
#[serde(rename = "type", )]
rule_type: String,
seconds: u32,
- #[serde(rename = "action-duration", )]
action_duration: u32,
comment: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
ratio: f64,
#[serde(default = "crate::default_value_dynamic_rule_action", skip_serializing_if = "crate::default_value_equal_dynamic_rule_action")]
action: String,
- #[serde(rename = "warning-rate", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
warning_rate: u32,
- #[serde(rename = "warning-ratio", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
warning_ratio: f64,
- #[serde(rename = "tag-name", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
tag_name: String,
- #[serde(rename = "tag-value", default = "crate::default_value_dynamic_rule_tag_value", skip_serializing_if = "crate::default_value_equal_dynamic_rule_tag_value")]
+ #[serde(default = "crate::default_value_dynamic_rule_tag_value", skip_serializing_if = "crate::default_value_equal_dynamic_rule_tag_value")]
tag_value: String,
- #[serde(rename = "visitor-function-name", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
visitor_function_name: String,
- #[serde(rename = "visitor-function-code", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
visitor_function_code: String,
- #[serde(rename = "visitor-function-file", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
visitor_function_file: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
rcode: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
qtype: String,
- #[serde(rename = "minimum-number-of-responses", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
minimum_number_of_responses: u32,
- #[serde(rename = "minimum-global-cache-hit-ratio", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
minimum_global_cache_hit_ratio: f64,
}
#[serde(deny_unknown_fields)]
struct DynamicRulesConfiguration {
name: String,
- #[serde(rename = "mask-ipv4", default = "crate::U8::<32>::value", skip_serializing_if = "crate::U8::<32>::is_equal")]
+ #[serde(default = "crate::U8::<32>::value", skip_serializing_if = "crate::U8::<32>::is_equal")]
mask_ipv4: u8,
- #[serde(rename = "mask-ipv6", default = "crate::U8::<64>::value", skip_serializing_if = "crate::U8::<64>::is_equal")]
+ #[serde(default = "crate::U8::<64>::value", skip_serializing_if = "crate::U8::<64>::is_equal")]
mask_ipv6: u8,
- #[serde(rename = "mask-port", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
mask_port: u8,
- #[serde(rename = "exclude-ranges", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
exclude_ranges: Vec<String>,
- #[serde(rename = "include-ranges", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
include_ranges: Vec<String>,
- #[serde(rename = "exclude-domains", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
exclude_domains: Vec<String>,
rules: Vec<DynamicRuleConfiguration>,
}
size: u64,
#[serde(default = "crate::U64::<10>::value", skip_serializing_if = "crate::U64::<10>::is_equal")]
shards: u64,
- #[serde(rename = "lock-retries", default = "crate::U64::<5>::value", skip_serializing_if = "crate::U64::<5>::is_equal")]
+ #[serde(default = "crate::U64::<5>::value", skip_serializing_if = "crate::U64::<5>::is_equal")]
lock_retries: u64,
- #[serde(rename = "record-queries", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
record_queries: bool,
- #[serde(rename = "record-responses", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
record_responses: bool,
}
provider: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
certificates: Vec<IncomingTlsCertificateKeyPairConfiguration>,
- #[serde(rename = "ignore-errors", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
ignore_errors: bool,
#[serde(default, skip_serializing_if = "crate::is_default")]
ciphers: String,
- #[serde(rename = "ciphers-tls-13", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
ciphers_tls_13: String,
- #[serde(rename = "minimum-version", default = "crate::default_value_incoming_tls_minimum_version", skip_serializing_if = "crate::default_value_equal_incoming_tls_minimum_version")]
+ #[serde(default = "crate::default_value_incoming_tls_minimum_version", skip_serializing_if = "crate::default_value_equal_incoming_tls_minimum_version")]
minimum_version: String,
- #[serde(rename = "ticket-key-file", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
ticket_key_file: String,
- #[serde(rename = "tickets-keys-rotation-delay", default = "crate::U32::<43200>::value", skip_serializing_if = "crate::U32::<43200>::is_equal")]
+ #[serde(default = "crate::U32::<43200>::value", skip_serializing_if = "crate::U32::<43200>::is_equal")]
tickets_keys_rotation_delay: u32,
- #[serde(rename = "number-of-tickets-keys", default = "crate::U32::<5>::value", skip_serializing_if = "crate::U32::<5>::is_equal")]
+ #[serde(default = "crate::U32::<5>::value", skip_serializing_if = "crate::U32::<5>::is_equal")]
number_of_tickets_keys: u32,
- #[serde(rename = "prefer-server-ciphers", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
prefer_server_ciphers: bool,
- #[serde(rename = "session-timeout", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
session_timeout: u32,
- #[serde(rename = "session-tickets", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
session_tickets: bool,
- #[serde(rename = "number-of-stored-sessions", default = "crate::U32::<20480>::value", skip_serializing_if = "crate::U32::<20480>::is_equal")]
+ #[serde(default = "crate::U32::<20480>::value", skip_serializing_if = "crate::U32::<20480>::is_equal")]
number_of_stored_sessions: u32,
- #[serde(rename = "ocsp-response-files", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
ocsp_response_files: Vec<String>,
- #[serde(rename = "key-log-file", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
key_log_file: String,
- #[serde(rename = "release-buffers", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
release_buffers: bool,
- #[serde(rename = "enable-renegotiation", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
enable_renegotiation: bool,
- #[serde(rename = "async-mode", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
async_mode: bool,
#[serde(default, skip_serializing_if = "crate::is_default")]
ktls: bool,
- #[serde(rename = "read-ahead", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
read_ahead: bool,
- #[serde(rename = "proxy-protocol-outside-tls", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
proxy_protocol_outside_tls: bool,
- #[serde(rename = "ignore-configuration-errors", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
ignore_configuration_errors: bool,
}
struct OutgoingTlsConfiguration {
#[serde(default = "crate::default_value_outgoing_tls_provider", skip_serializing_if = "crate::default_value_equal_outgoing_tls_provider")]
provider: String,
- #[serde(rename = "subject-name", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
subject_name: String,
- #[serde(rename = "subject-address", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
subject_address: String,
- #[serde(rename = "validate-certificate", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
validate_certificate: bool,
- #[serde(rename = "ca-store", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
ca_store: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
ciphers: String,
- #[serde(rename = "ciphers-tls-13", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
ciphers_tls_13: String,
- #[serde(rename = "key-log-file", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
key_log_file: String,
- #[serde(rename = "release-buffers", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
release_buffers: bool,
- #[serde(rename = "enable-renegotiation", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
enable_renegotiation: bool,
#[serde(default, skip_serializing_if = "crate::is_default")]
ktls: bool,
provider: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
paths: Vec<String>,
- #[serde(rename = "idle-timeout", default = "crate::U64::<30>::value", skip_serializing_if = "crate::U64::<30>::is_equal")]
+ #[serde(default = "crate::U64::<30>::value", skip_serializing_if = "crate::U64::<30>::is_equal")]
idle_timeout: u64,
- #[serde(rename = "server-tokens", default = "crate::default_value_incoming_doh_server_tokens", skip_serializing_if = "crate::default_value_equal_incoming_doh_server_tokens")]
+ #[serde(default = "crate::default_value_incoming_doh_server_tokens", skip_serializing_if = "crate::default_value_equal_incoming_doh_server_tokens")]
server_tokens: String,
- #[serde(rename = "send-cache-control-headers", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
send_cache_control_headers: bool,
- #[serde(rename = "keep-incoming-headers", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
keep_incoming_headers: bool,
- #[serde(rename = "trust-forwarded-for-header", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
trust_forwarded_for_header: bool,
- #[serde(rename = "early-acl-drop", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
early_acl_drop: bool,
- #[serde(rename = "exact-path-matching", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
exact_path_matching: bool,
- #[serde(rename = "internal-pipe-buffer-size", default = "crate::U32::<1048576>::value", skip_serializing_if = "crate::U32::<1048576>::is_equal")]
+ #[serde(default = "crate::U32::<1048576>::value", skip_serializing_if = "crate::U32::<1048576>::is_equal")]
internal_pipe_buffer_size: u32,
- #[serde(rename = "custom-response-headers", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
custom_response_headers: Vec<HttpCustomResponseHeaderConfiguration>,
- #[serde(rename = "responses-map", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
responses_map: Vec<HttpResponsesMapConfiguration>,
}
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct IncomingQuicConfiguration {
- #[serde(rename = "idle-timeout", default = "crate::U64::<5>::value", skip_serializing_if = "crate::U64::<5>::is_equal")]
+ #[serde(default = "crate::U64::<5>::value", skip_serializing_if = "crate::U64::<5>::is_equal")]
idle_timeout: u64,
- #[serde(rename = "congestion-control-algorithm", default = "crate::default_value_incoming_quic_congestion_control_algorithm", skip_serializing_if = "crate::default_value_equal_incoming_quic_congestion_control_algorithm")]
+ #[serde(default = "crate::default_value_incoming_quic_congestion_control_algorithm", skip_serializing_if = "crate::default_value_equal_incoming_quic_congestion_control_algorithm")]
congestion_control_algorithm: String,
- #[serde(rename = "internal-pipe-buffer-size", default = "crate::U32::<1048576>::value", skip_serializing_if = "crate::U32::<1048576>::is_equal")]
+ #[serde(default = "crate::U32::<1048576>::value", skip_serializing_if = "crate::U32::<1048576>::is_equal")]
internal_pipe_buffer_size: u32,
}
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct IncomingDnscryptConfiguration {
- #[serde(rename = "provider-name", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
provider_name: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
certificates: Vec<IncomingDnscryptCertificateKeyPairConfiguration>,
struct OutgoingDohConfiguration {
#[serde(default = "crate::default_value_outgoing_doh_path", skip_serializing_if = "crate::default_value_equal_outgoing_doh_path")]
path: String,
- #[serde(rename = "add-x-forwarded-headers", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
add_x_forwarded_headers: bool,
}
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct IncomingTcpConfiguration {
- #[serde(rename = "max-in-flight-queries", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
max_in_flight_queries: u32,
- #[serde(rename = "listen-queue-size", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
listen_queue_size: u32,
- #[serde(rename = "fast-open-queue-size", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
fast_open_queue_size: u32,
- #[serde(rename = "max-concurrent-connections", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
max_concurrent_connections: u32,
}
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct BindConfiguration {
- #[serde(rename = "listen-address", )]
listen_address: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
reuseport: bool,
interface: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
cpus: String,
- #[serde(rename = "enable-proxy-protocol", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
enable_proxy_protocol: bool,
#[serde(default, skip_serializing_if = "crate::is_default")]
tcp: IncomingTcpConfiguration,
quic: IncomingQuicConfiguration,
#[serde(default, skip_serializing_if = "crate::is_default")]
dnscrypt: IncomingDnscryptConfiguration,
- #[serde(rename = "additional-addresses", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
additional_addresses: Vec<String>,
#[serde(default, skip_serializing_if = "crate::is_default")]
xsk: String,
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct OutgoingTcpConfiguration {
- #[serde(rename = "connect-timeout", default = "crate::U16::<5>::value", skip_serializing_if = "crate::U16::<5>::is_equal")]
+ #[serde(default = "crate::U16::<5>::value", skip_serializing_if = "crate::U16::<5>::is_equal")]
connect_timeout: u16,
- #[serde(rename = "send-timeout", default = "crate::U16::<30>::value", skip_serializing_if = "crate::U16::<30>::is_equal")]
+ #[serde(default = "crate::U16::<30>::value", skip_serializing_if = "crate::U16::<30>::is_equal")]
send_timeout: u16,
- #[serde(rename = "receive-timeout", default = "crate::U16::<30>::value", skip_serializing_if = "crate::U16::<30>::is_equal")]
+ #[serde(default = "crate::U16::<30>::value", skip_serializing_if = "crate::U16::<30>::is_equal")]
receive_timeout: u16,
- #[serde(rename = "fast-open", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
fast_open: bool,
}
struct LazyHealthCheckConfiguration {
#[serde(default = "crate::U16::<30>::value", skip_serializing_if = "crate::U16::<30>::is_equal")]
interval: u16,
- #[serde(rename = "min-sample-count", default = "crate::U16::<1>::value", skip_serializing_if = "crate::U16::<1>::is_equal")]
+ #[serde(default = "crate::U16::<1>::value", skip_serializing_if = "crate::U16::<1>::is_equal")]
min_sample_count: u16,
#[serde(default = "crate::default_value_lazy_health_check_mode", skip_serializing_if = "crate::default_value_equal_lazy_health_check_mode")]
mode: String,
- #[serde(rename = "sample-size", default = "crate::U16::<100>::value", skip_serializing_if = "crate::U16::<100>::is_equal")]
+ #[serde(default = "crate::U16::<100>::value", skip_serializing_if = "crate::U16::<100>::is_equal")]
sample_size: u16,
#[serde(default = "crate::U16::<20>::value", skip_serializing_if = "crate::U16::<20>::is_equal")]
threshold: u16,
- #[serde(rename = "use-exponential-back-off", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
use_exponential_back_off: bool,
- #[serde(rename = "max-back-off", default = "crate::U16::<3600>::value", skip_serializing_if = "crate::U16::<3600>::is_equal")]
+ #[serde(default = "crate::U16::<3600>::value", skip_serializing_if = "crate::U16::<3600>::is_equal")]
max_back_off: u16,
}
function: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
lua: String,
- #[serde(rename = "lua-file", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
lua_file: String,
#[serde(default = "crate::U16::<1000>::value", skip_serializing_if = "crate::U16::<1000>::is_equal")]
timeout: u16,
- #[serde(rename = "set-cd", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
set_cd: bool,
- #[serde(rename = "max-failures", default = "crate::U8::<1>::value", skip_serializing_if = "crate::U8::<1>::is_equal")]
+ #[serde(default = "crate::U8::<1>::value", skip_serializing_if = "crate::U8::<1>::is_equal")]
max_failures: u8,
#[serde(default = "crate::U8::<1>::value", skip_serializing_if = "crate::U8::<1>::is_equal")]
rise: u8,
#[serde(default = "crate::U32::<1>::value", skip_serializing_if = "crate::U32::<1>::is_equal")]
interval: u32,
- #[serde(rename = "must-resolve", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
must_resolve: bool,
- #[serde(rename = "use-tcp", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
use_tcp: bool,
#[serde(default, skip_serializing_if = "crate::is_default")]
lazy: LazyHealthCheckConfiguration,
keep: bool,
#[serde(default, skip_serializing_if = "crate::is_default")]
pool: String,
- #[serde(rename = "doh-key", default = "crate::U8::<7>::value", skip_serializing_if = "crate::U8::<7>::is_equal")]
+ #[serde(default = "crate::U8::<7>::value", skip_serializing_if = "crate::U8::<7>::is_equal")]
doh_key: u8,
- #[serde(rename = "use-lazy-health-check", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
use_lazy_health_check: bool,
}
tls: OutgoingTlsConfiguration,
#[serde(default, skip_serializing_if = "crate::is_default")]
doh: OutgoingDohConfiguration,
- #[serde(rename = "use-client-subnet", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
use_client_subnet: bool,
- #[serde(rename = "use-proxy-protocol", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
use_proxy_protocol: bool,
- #[serde(rename = "queries-per-second", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
queries_per_second: u32,
#[serde(default = "crate::U32::<1>::value", skip_serializing_if = "crate::U32::<1>::is_equal")]
order: u32,
retries: u16,
#[serde(default, skip_serializing_if = "crate::is_default")]
tcp: OutgoingTcpConfiguration,
- #[serde(rename = "ip-bind-addr-no-port", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
ip_bind_addr_no_port: bool,
- #[serde(rename = "health-checks", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
health_checks: HealthCheckConfiguration,
#[serde(default, skip_serializing_if = "crate::is_default")]
source: String,
#[serde(default = "crate::U32::<1>::value", skip_serializing_if = "crate::U32::<1>::is_equal")]
sockets: u32,
- #[serde(rename = "disable-zero-scope", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
disable_zero_scope: bool,
- #[serde(rename = "reconnect-on-up", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
reconnect_on_up: bool,
- #[serde(rename = "max-in-flight", default = "crate::U32::<1>::value", skip_serializing_if = "crate::U32::<1>::is_equal")]
+ #[serde(default = "crate::U32::<1>::value", skip_serializing_if = "crate::U32::<1>::is_equal")]
max_in_flight: u32,
- #[serde(rename = "tcp-only", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
tcp_only: bool,
- #[serde(rename = "auto-upgrade", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
auto_upgrade: OutgoingAutoUpgradeConfiguration,
- #[serde(rename = "max-concurrent-tcp-connections", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
max_concurrent_tcp_connections: u32,
#[serde(default, skip_serializing_if = "crate::is_default")]
ktls: bool,
- #[serde(rename = "proxy-protocol-advertise-tls", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
proxy_protocol_advertise_tls: bool,
- #[serde(rename = "xsk-sockets", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
xsk_sockets: Vec<String>,
- #[serde(rename = "mac-address", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
mac_address: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
cpus: String,
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct TcpTuningConfiguration {
- #[serde(rename = "worker-threads", default = "crate::U32::<10>::value", skip_serializing_if = "crate::U32::<10>::is_equal")]
+ #[serde(default = "crate::U32::<10>::value", skip_serializing_if = "crate::U32::<10>::is_equal")]
worker_threads: u32,
- #[serde(rename = "receive-timeout", default = "crate::U32::<2>::value", skip_serializing_if = "crate::U32::<2>::is_equal")]
+ #[serde(default = "crate::U32::<2>::value", skip_serializing_if = "crate::U32::<2>::is_equal")]
receive_timeout: u32,
- #[serde(rename = "send-timeout", default = "crate::U32::<2>::value", skip_serializing_if = "crate::U32::<2>::is_equal")]
+ #[serde(default = "crate::U32::<2>::value", skip_serializing_if = "crate::U32::<2>::is_equal")]
send_timeout: u32,
- #[serde(rename = "max-queries-per-connection", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
max_queries_per_connection: u64,
- #[serde(rename = "max-connection-duration", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
max_connection_duration: u64,
- #[serde(rename = "max-queued-connections", default = "crate::U64::<10000>::value", skip_serializing_if = "crate::U64::<10000>::is_equal")]
+ #[serde(default = "crate::U64::<10000>::value", skip_serializing_if = "crate::U64::<10000>::is_equal")]
max_queued_connections: u64,
- #[serde(rename = "internal-pipe-buffer-size", default = "crate::U32::<1048576>::value", skip_serializing_if = "crate::U32::<1048576>::is_equal")]
+ #[serde(default = "crate::U32::<1048576>::value", skip_serializing_if = "crate::U32::<1048576>::is_equal")]
internal_pipe_buffer_size: u32,
- #[serde(rename = "outgoing-max-idle-time", default = "crate::U64::<300>::value", skip_serializing_if = "crate::U64::<300>::is_equal")]
+ #[serde(default = "crate::U64::<300>::value", skip_serializing_if = "crate::U64::<300>::is_equal")]
outgoing_max_idle_time: u64,
- #[serde(rename = "outgoing-cleanup-interval", default = "crate::U64::<60>::value", skip_serializing_if = "crate::U64::<60>::is_equal")]
+ #[serde(default = "crate::U64::<60>::value", skip_serializing_if = "crate::U64::<60>::is_equal")]
outgoing_cleanup_interval: u64,
- #[serde(rename = "outgoing-max-idle-connection-per-backend", default = "crate::U64::<10>::value", skip_serializing_if = "crate::U64::<10>::is_equal")]
+ #[serde(default = "crate::U64::<10>::value", skip_serializing_if = "crate::U64::<10>::is_equal")]
outgoing_max_idle_connection_per_backend: u64,
- #[serde(rename = "max-connections-per-client", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
max_connections_per_client: u32,
- #[serde(rename = "fast-open-key", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
fast_open_key: String,
}
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct UdpTuningConfiguration {
- #[serde(rename = "messages-per-round", default = "crate::U32::<1>::value", skip_serializing_if = "crate::U32::<1>::is_equal")]
+ #[serde(default = "crate::U32::<1>::value", skip_serializing_if = "crate::U32::<1>::is_equal")]
messages_per_round: u32,
- #[serde(rename = "send-buffer-size", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
send_buffer_size: u32,
- #[serde(rename = "receive-buffer-size", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
receive_buffer_size: u32,
- #[serde(rename = "max-outstanding-per-backend", default = "crate::U32::<65535>::value", skip_serializing_if = "crate::U32::<65535>::is_equal")]
+ #[serde(default = "crate::U32::<65535>::value", skip_serializing_if = "crate::U32::<65535>::is_equal")]
max_outstanding_per_backend: u32,
#[serde(default = "crate::U8::<2>::value", skip_serializing_if = "crate::U8::<2>::is_equal")]
timeout: u8,
- #[serde(rename = "randomize-outgoing-sockets-to-backend", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
randomize_outgoing_sockets_to_backend: bool,
- #[serde(rename = "randomize-ids-to-backend", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
randomize_ids_to_backend: bool,
}
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct TlsTuningConfiguration {
- #[serde(rename = "outgoing-tickets-cache-cleanup-delay", default = "crate::U16::<60>::value", skip_serializing_if = "crate::U16::<60>::is_equal")]
+ #[serde(default = "crate::U16::<60>::value", skip_serializing_if = "crate::U16::<60>::is_equal")]
outgoing_tickets_cache_cleanup_delay: u16,
- #[serde(rename = "outgoing-tickets-cache-validity", default = "crate::U16::<600>::value", skip_serializing_if = "crate::U16::<600>::is_equal")]
+ #[serde(default = "crate::U16::<600>::value", skip_serializing_if = "crate::U16::<600>::is_equal")]
outgoing_tickets_cache_validity: u16,
- #[serde(rename = "max-outgoing-tickets-per-backend", default = "crate::U16::<20>::value", skip_serializing_if = "crate::U16::<20>::is_equal")]
+ #[serde(default = "crate::U16::<20>::value", skip_serializing_if = "crate::U16::<20>::is_equal")]
max_outgoing_tickets_per_backend: u16,
}
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct DohTuningConfiguration {
- #[serde(rename = "outgoing-worker-threads", default = "crate::U32::<10>::value", skip_serializing_if = "crate::U32::<10>::is_equal")]
+ #[serde(default = "crate::U32::<10>::value", skip_serializing_if = "crate::U32::<10>::is_equal")]
outgoing_worker_threads: u32,
- #[serde(rename = "outgoing-max-idle-time", default = "crate::U64::<300>::value", skip_serializing_if = "crate::U64::<300>::is_equal")]
+ #[serde(default = "crate::U64::<300>::value", skip_serializing_if = "crate::U64::<300>::is_equal")]
outgoing_max_idle_time: u64,
- #[serde(rename = "outgoing-cleanup-interval", default = "crate::U64::<60>::value", skip_serializing_if = "crate::U64::<60>::is_equal")]
+ #[serde(default = "crate::U64::<60>::value", skip_serializing_if = "crate::U64::<60>::is_equal")]
outgoing_cleanup_interval: u64,
- #[serde(rename = "outgoing-max-idle-connection-per-backend", default = "crate::U64::<10>::value", skip_serializing_if = "crate::U64::<10>::is_equal")]
+ #[serde(default = "crate::U64::<10>::value", skip_serializing_if = "crate::U64::<10>::is_equal")]
outgoing_max_idle_connection_per_backend: u64,
}
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct CacheSettingsConfiguration {
- #[serde(rename = "stale-entries-ttl", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
stale_entries_ttl: u32,
- #[serde(rename = "cleaning-delay", default = "crate::U16::<60>::value", skip_serializing_if = "crate::U16::<60>::is_equal")]
+ #[serde(default = "crate::U16::<60>::value", skip_serializing_if = "crate::U16::<60>::is_equal")]
cleaning_delay: u16,
- #[serde(rename = "cleaning-percentage", default = "crate::U16::<100>::value", skip_serializing_if = "crate::U16::<100>::is_equal")]
+ #[serde(default = "crate::U16::<100>::value", skip_serializing_if = "crate::U16::<100>::is_equal")]
cleaning_percentage: u16,
}
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct SecurityPollingConfiguration {
- #[serde(rename = "polling-interval", default = "crate::U32::<3600>::value", skip_serializing_if = "crate::U32::<3600>::is_equal")]
+ #[serde(default = "crate::U32::<3600>::value", skip_serializing_if = "crate::U32::<3600>::is_equal")]
polling_interval: u32,
#[serde(default = "crate::default_value_security_polling_suffix", skip_serializing_if = "crate::default_value_equal_security_polling_suffix")]
suffix: String,
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct GeneralConfiguration {
- #[serde(rename = "edns-udp-payload-size-self-generated-answers", default = "crate::U16::<1232>::value", skip_serializing_if = "crate::U16::<1232>::is_equal")]
+ #[serde(default = "crate::U16::<1232>::value", skip_serializing_if = "crate::U16::<1232>::is_equal")]
edns_udp_payload_size_self_generated_answers: u16,
- #[serde(rename = "add-edns-to-self-generated-answers", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
add_edns_to_self_generated_answers: bool,
- #[serde(rename = "truncate-tc-answers", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
truncate_tc_answers: bool,
- #[serde(rename = "fixup-case", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
fixup_case: bool,
#[serde(default, skip_serializing_if = "crate::is_default")]
verbose: bool,
- #[serde(rename = "verbose-health-checks", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
verbose_health_checks: bool,
- #[serde(rename = "allow-empty-responses", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
allow_empty_responses: bool,
- #[serde(rename = "drop-empty-queries", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
drop_empty_queries: bool,
- #[serde(rename = "capabilities-to-retain", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
capabilities_to_retain: Vec<String>,
}
struct PacketCacheConfiguration {
name: String,
size: u64,
- #[serde(rename = "deferrable-insert-lock", default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
+ #[serde(default = "crate::Bool::<true>::value", skip_serializing_if = "crate::if_true")]
deferrable_insert_lock: bool,
- #[serde(rename = "dont-age", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
dont_age: bool,
- #[serde(rename = "keep-stale-data", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
keep_stale_data: bool,
- #[serde(rename = "max-negative-ttl", default = "crate::U32::<3600>::value", skip_serializing_if = "crate::U32::<3600>::is_equal")]
+ #[serde(default = "crate::U32::<3600>::value", skip_serializing_if = "crate::U32::<3600>::is_equal")]
max_negative_ttl: u32,
- #[serde(rename = "max-ttl", default = "crate::U32::<86400>::value", skip_serializing_if = "crate::U32::<86400>::is_equal")]
+ #[serde(default = "crate::U32::<86400>::value", skip_serializing_if = "crate::U32::<86400>::is_equal")]
max_ttl: u32,
- #[serde(rename = "min-ttl", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
min_ttl: u32,
#[serde(default = "crate::U32::<20>::value", skip_serializing_if = "crate::U32::<20>::is_equal")]
shards: u32,
- #[serde(rename = "parse-ecs", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
parse_ecs: bool,
- #[serde(rename = "stale-ttl", default = "crate::U32::<60>::value", skip_serializing_if = "crate::U32::<60>::is_equal")]
+ #[serde(default = "crate::U32::<60>::value", skip_serializing_if = "crate::U32::<60>::is_equal")]
stale_ttl: u32,
- #[serde(rename = "temporary-failure-ttl", default = "crate::U32::<60>::value", skip_serializing_if = "crate::U32::<60>::is_equal")]
+ #[serde(default = "crate::U32::<60>::value", skip_serializing_if = "crate::U32::<60>::is_equal")]
temporary_failure_ttl: u32,
- #[serde(rename = "cookie-hashing", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
cookie_hashing: bool,
- #[serde(rename = "maximum-entry-size", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
maximum_entry_size: u32,
- #[serde(rename = "options-to-skip", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
options_to_skip: Vec<String>,
}
struct ProxyProtocolConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
acl: Vec<String>,
- #[serde(rename = "maximum-payload-size", default = "crate::U32::<512>::value", skip_serializing_if = "crate::U32::<512>::is_equal")]
+ #[serde(default = "crate::U32::<512>::value", skip_serializing_if = "crate::U32::<512>::is_equal")]
maximum_payload_size: u32,
- #[serde(rename = "apply-acl-to-proxied-clients", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
apply_acl_to_proxied_clients: bool,
}
struct SnmpConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
enabled: bool,
- #[serde(rename = "traps-enabled", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
traps_enabled: bool,
- #[serde(rename = "daemon-socket", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
daemon_socket: String,
}
struct QueryCountConfiguration {
#[serde(default, skip_serializing_if = "crate::is_default")]
enabled: bool,
- #[serde(rename = "filter-function-name", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
filter_function_name: String,
- #[serde(rename = "filter-function-code", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
filter_function_code: String,
- #[serde(rename = "filter-function-file", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
filter_function_file: String,
}
#[serde(deny_unknown_fields)]
struct PoolConfiguration {
name: String,
- #[serde(rename = "packet-cache", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
packet_cache: String,
#[serde(default = "crate::default_value_pool_policy", skip_serializing_if = "crate::default_value_equal_pool_policy")]
policy: String,
#[serde(deny_unknown_fields)]
struct CustomLoadBalancingPolicyConfiguration {
name: String,
- #[serde(rename = "function-name", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
function_name: String,
- #[serde(rename = "function-code", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
function_code: String,
- #[serde(rename = "function-file", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
function_file: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
ffi: bool,
- #[serde(rename = "per-thread", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
per_thread: bool,
}
#[derive(Deserialize, Serialize, Debug, PartialEq)]
#[serde(deny_unknown_fields)]
struct LoadBalancingPoliciesConfiguration {
- #[serde(rename = "default-policy", default = "crate::default_value_load_balancing_policies_default_policy", skip_serializing_if = "crate::default_value_equal_load_balancing_policies_default_policy")]
+ #[serde(default = "crate::default_value_load_balancing_policies_default_policy", skip_serializing_if = "crate::default_value_equal_load_balancing_policies_default_policy")]
default_policy: String,
- #[serde(rename = "servfail-on-no-server", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
servfail_on_no_server: bool,
- #[serde(rename = "round-robin-servfail-on-no-server", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
round_robin_servfail_on_no_server: bool,
- #[serde(rename = "weighted-balancing-factor", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
weighted_balancing_factor: f64,
- #[serde(rename = "consistent-hashing-balancing-factor", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
consistent_hashing_balancing_factor: f64,
- #[serde(rename = "custom-policies", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
custom_policies: Vec<CustomLoadBalancingPolicyConfiguration>,
- #[serde(rename = "hash-perturbation", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
hash_perturbation: u32,
}
queues: u16,
#[serde(default = "crate::U32::<65536>::value", skip_serializing_if = "crate::U32::<65536>::is_equal")]
frames: u32,
- #[serde(rename = "map-path", default = "crate::default_value_xsk_map_path", skip_serializing_if = "crate::default_value_equal_xsk_map_path")]
+ #[serde(default = "crate::default_value_xsk_map_path", skip_serializing_if = "crate::default_value_equal_xsk_map_path")]
map_path: String,
}
backends: Vec<dnsdistsettings::BackendConfiguration>,
#[serde(default, skip_serializing_if = "crate::is_default")]
binds: Vec<dnsdistsettings::BindConfiguration>,
- #[serde(rename = "cache-hit-response-rules", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
cache_hit_response_rules: Vec<ResponseRuleConfigurationSerde>,
- #[serde(rename = "cache-inserted-response-rules", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
cache_inserted_response_rules: Vec<ResponseRuleConfigurationSerde>,
- #[serde(rename = "cache-miss-rules", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
cache_miss_rules: Vec<QueryRuleConfigurationSerde>,
- #[serde(rename = "cache-settings", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
cache_settings: dnsdistsettings::CacheSettingsConfiguration,
#[serde(default, skip_serializing_if = "crate::is_default")]
console: dnsdistsettings::ConsoleConfiguration,
- #[serde(rename = "dynamic-rules", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
dynamic_rules: Vec<dnsdistsettings::DynamicRulesConfiguration>,
- #[serde(rename = "dynamic-rules-settings", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
dynamic_rules_settings: dnsdistsettings::DynamicRulesSettingsConfiguration,
#[serde(default, skip_serializing_if = "crate::is_default")]
ebpf: dnsdistsettings::EbpfConfiguration,
- #[serde(rename = "edns-client-subnet", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
edns_client_subnet: dnsdistsettings::EdnsClientSubnetConfiguration,
#[serde(default, skip_serializing_if = "crate::is_default")]
general: dnsdistsettings::GeneralConfiguration,
- #[serde(rename = "key-value-stores", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
key_value_stores: dnsdistsettings::KeyValueStoresConfiguration,
- #[serde(rename = "load-balancing-policies", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
load_balancing_policies: dnsdistsettings::LoadBalancingPoliciesConfiguration,
#[serde(default, skip_serializing_if = "crate::is_default")]
metrics: dnsdistsettings::MetricsConfiguration,
- #[serde(rename = "packet-caches", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
packet_caches: Vec<dnsdistsettings::PacketCacheConfiguration>,
#[serde(default, skip_serializing_if = "crate::is_default")]
pools: Vec<dnsdistsettings::PoolConfiguration>,
- #[serde(rename = "proxy-protocol", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
proxy_protocol: dnsdistsettings::ProxyProtocolConfiguration,
- #[serde(rename = "query-count", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
query_count: dnsdistsettings::QueryCountConfiguration,
- #[serde(rename = "query-rules", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
query_rules: Vec<QueryRuleConfigurationSerde>,
- #[serde(rename = "remote-logging", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
remote_logging: dnsdistsettings::RemoteLoggingConfiguration,
- #[serde(rename = "response-rules", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
response_rules: Vec<ResponseRuleConfigurationSerde>,
- #[serde(rename = "ring-buffers", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
ring_buffers: dnsdistsettings::RingBuffersConfiguration,
- #[serde(rename = "security-polling", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
security_polling: dnsdistsettings::SecurityPollingConfiguration,
#[serde(default, skip_serializing_if = "crate::is_default")]
selectors: Vec<Selector>,
- #[serde(rename = "self-answered-response-rules", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
self_answered_response_rules: Vec<ResponseRuleConfigurationSerde>,
#[serde(default, skip_serializing_if = "crate::is_default")]
snmp: dnsdistsettings::SnmpConfiguration,
tuning: dnsdistsettings::TuningConfiguration,
#[serde(default, skip_serializing_if = "crate::is_default")]
webserver: dnsdistsettings::WebserverConfiguration,
- #[serde(rename = "xfr-response-rules", default, skip_serializing_if = "crate::is_default")]
+ #[serde(default, skip_serializing_if = "crate::is_default")]
xfr_response_rules: Vec<ResponseRuleConfigurationSerde>,
#[serde(default, skip_serializing_if = "crate::is_default")]
xsk: Vec<dnsdistsettings::XskConfiguration>,
// DEFAULT HANDLING for pool_policy
fn default_value_pool_policy() -> String {
- String::from("least-outstanding")
+ String::from("leastOutstanding")
}
fn default_value_equal_pool_policy(value: &str)-> bool {
value == default_value_pool_policy()
no-lua-equivalent: true
description: "References an already declared selector by its name"
parameters:
- - name: "selector-name"
+ - name: "selector_name"
type: "String"
- name: "DNSSEC"
description: "Matches queries with the DO flag set"
- name: "EDNSOption"
description: "Matches queries or responses with the specified EDNS option present"
parameters:
- - name: "option-code"
+ - name: "option_code"
type: "u16"
- name: "EDNSVersion"
description: "Matches queries or responses with an OPT record whose EDNS version is greater than the specified EDNS version"
- name: "KeyValueStoreLookup"
skip-cpp: true
skip-rust: true
- description: "Matches if the key returned by ``lookup-key-name`` exists in the key value store"
+ description: "Matches if the key returned by ``lookup_key_name`` exists in the key value store"
parameters:
- - name: "kvs-name"
+ - name: "kvs_name"
type: "String"
- - name: "lookup-key-name"
+ - name: "lookup_key_name"
type: "String"
- name: "KeyValueStoreRangeLookup"
skip-cpp: true
skip-rust: true
- description: "Does a range-based lookup into the key value store using the key returned by ``lookup-key-name`` and matches if there is a range covering that key.
+ description: "Does a range-based lookup into the key value store using the key returned by ``lookup_key_name`` and matches if there is a range covering that key.
This assumes that there is a key, in network byte order, for the last element of the range (for example ``2001:0db8:ffff:ffff:ffff:ffff:ffff:ffff`` for ``2001:db8::/32``) which contains the first element of the range (``2001:0db8:0000:0000:0000:0000:0000:0000``) (optionally followed by any data) as value, still in network byte order, and that there is no overlapping ranges in the database. This requires that the underlying store supports ordered keys, which is true for ``LMDB`` but not for ``CDB``"
parameters:
- - name: "kvs-name"
+ - name: "kvs_name"
type: "String"
- - name: "lookup-key-name"
+ - name: "lookup_key_name"
type: "String"
- name: "lua"
description: "Invoke a Lua function that accepts a :class:`DNSQuestion` object. The function should return true if the query matches, or false otherwise. If the Lua code fails, false is returned"
skip-cpp: true
skip-rust: true
parameters:
- - name: "function-name"
+ - name: "function_name"
type: "String"
default: ""
- - name: "function-code"
+ - name: "function_code"
type: "String"
default: ""
- - name: "function-file"
+ - name: "function_file"
type: "String"
default: ""
- name: "LuaFFI"
skip-cpp: true
skip-rust: true
parameters:
- - name: "function-name"
+ - name: "function_name"
type: "String"
default: ""
- - name: "function-code"
+ - name: "function_code"
type: "String"
default: ""
- - name: "function-file"
+ - name: "function_file"
type: "String"
default: ""
- name: "LuaFFIPerThread"
type: "u32"
default: 0
- name: "MaxQPSIP"
- description: "Matches traffic for a subnet specified by the v4 or v6 mask exceeding ``qps`` queries per second up to ``burst`` allowed. This rule keeps track of QPS by netmask or source IP. This state is cleaned up regularly if ``cleanup-delay`` is greater than zero, removing existing netmasks or IP addresses that have not been seen in the last ``expiration`` seconds."
+ description: "Matches traffic for a subnet specified by the v4 or v6 mask exceeding ``qps`` queries per second up to ``burst`` allowed. This rule keeps track of QPS by netmask or source IP. This state is cleaned up regularly if ``cleanup_delay`` is greater than zero, removing existing netmasks or IP addresses that have not been seen in the last ``expiration`` seconds."
parameters:
- name: "qps"
type: "u32"
- - name: "ipv4-mask"
+ - name: "ipv4_mask"
type: "u8"
default: 32
- - name: "ipv6-mask"
+ - name: "ipv6_mask"
type: "u8"
default: 64
- name: "burst"
- name: "expiration"
type: "u32"
default: 300
- - name: "cleanup-delay"
+ - name: "cleanup_delay"
type: "u32"
default: 60
- - name: "scan-fraction"
+ - name: "scan_fraction"
type: "u32"
default: 10
- name: "shards"
description: "Matches traffic from/to the network range specified in either the supplied :class:`NetmaskGroup` object or the list of ``netmasks``.
Set the ``source`` parameter to ``false`` to match against destination address instead of source address. This can be used to differentiate between clients"
parameters:
- - name: "netmask-group-name"
+ - name: "netmask_group_name"
type: "String"
default: ""
- name: "netmasks"
parameters:
- name: "pool"
type: "String"
- - name: "max-outstanding"
+ - name: "max_outstanding"
type: "u64"
- name: "proba"
description: "Matches queries with a given probability. 1.0 means \"always\""
- name: "probability"
type: "f64"
- name: "ProxyProtocolValue"
- description: "Matches queries that have a proxy protocol TLV value of the specified type. If ``option-value`` is set, the content of the value should also match the content of value"
+ description: "Matches queries that have a proxy protocol TLV value of the specified type. If ``option_value`` is set, the content of the value should also match the content of value"
parameters:
- - name: "option-type"
+ - name: "option_type"
type: "u8"
- - name: "option-value"
+ - name: "option_value"
type: "String"
default: ""
- name: "QClass"
- name: "qclass"
type: "String"
default: ""
- - name: "numeric-value"
+ - name: "numeric_value"
type: "u16"
default: 0
- name: "QName"
- name: "qname"
type: "String"
- name: "QNameLabelsCount"
- description: "Matches if the qname has less than ``min-labels-count`` or more than ``max-labels-count`` labels"
+ description: "Matches if the qname has less than ``min_labels_count`` or more than ``max_labels_count`` labels"
parameters:
- - name: "min-labels-count"
+ - name: "min_labels_count"
type: "u16"
- - name: "max-labels-count"
+ - name: "max_labels_count"
type: "u16"
- name: "QNameSet"
description: "Matches if the set contains exact qname. To match subdomain names, see :ref:`yaml-settings-QNameSuffixSelector`"
parameters:
- name: "qtype"
type: "String"
- - name: "numeric-value"
+ - name: "numeric_value"
type: "u16"
default: 0
- name: "RCode"
- name: "maximum"
type: "u16"
- name: "RecordsTypeCount"
- description: "Matches if there is at least ``minimum`` and at most ``maximum`` records of type ``record-type`` in the section ``section``. ``section`` is specified as an integer with ``0`` being the question section, ``1`` answer, ``2`` authority and ``3`` additional"
+ description: "Matches if there is at least ``minimum`` and at most ``maximum`` records of type ``record_type`` in the section ``section``. ``section`` is specified as an integer with ``0`` being the question section, ``1`` answer, ``2`` authority and ``3`` additional"
parameters:
- name: "section"
type: "u8"
- - name: "record-type"
+ - name: "record_type"
type: "u16"
- name: "minimum"
type: "u16"
- name: "SNI"
description: "Matches against the TLS Server Name Indication value sent by the client, if any. Only makes sense for DoT or DoH, and for that last one matching on the HTTP Host header using :ref:`yaml-settings-HTTPHeaderSelector` might provide more consistent results"
parameters:
- - name: "server-name"
+ - name: "server_name"
type: "String"
- name: "Tag"
description: "Matches question or answer with a tag named ``tag`` set. If ``value`` is specified, the existing tag value should match too"
{
return std::make_shared<DSTPortRule>(port);
}
-std::shared_ptr<EDNSOptionRule> getEDNSOptionSelector(uint16_t optionCode)
+std::shared_ptr<EDNSOptionRule> getEDNSOptionSelector(uint16_t option_code)
{
- return std::make_shared<EDNSOptionRule>(optionCode);
+ return std::make_shared<EDNSOptionRule>(option_code);
}
std::shared_ptr<EDNSVersionRule> getEDNSVersionSelector(uint8_t version)
{
{
return std::make_shared<MaxQPSRule>(qps, burst ? *burst : 0);
}
-std::shared_ptr<MaxQPSIPRule> getMaxQPSIPSelector(uint32_t qps, std::optional<uint8_t> ipv4Mask, std::optional<uint8_t> ipv6Mask, std::optional<uint32_t> burst, std::optional<uint32_t> expiration, std::optional<uint32_t> cleanupDelay, std::optional<uint32_t> scanFraction, std::optional<uint32_t> shards)
+std::shared_ptr<MaxQPSIPRule> getMaxQPSIPSelector(uint32_t qps, std::optional<uint8_t> ipv4_mask, std::optional<uint8_t> ipv6_mask, std::optional<uint32_t> burst, std::optional<uint32_t> expiration, std::optional<uint32_t> cleanup_delay, std::optional<uint32_t> scan_fraction, std::optional<uint32_t> shards)
{
- return std::make_shared<MaxQPSIPRule>(qps, ipv4Mask ? *ipv4Mask : 32, ipv6Mask ? *ipv6Mask : 64, burst ? *burst : 0, expiration ? *expiration : 300, cleanupDelay ? *cleanupDelay : 60, scanFraction ? *scanFraction : 10, shards ? *shards : 10);
+ return std::make_shared<MaxQPSIPRule>(qps, ipv4_mask ? *ipv4_mask : 32, ipv6_mask ? *ipv6_mask : 64, burst ? *burst : 0, expiration ? *expiration : 300, cleanup_delay ? *cleanup_delay : 60, scan_fraction ? *scan_fraction : 10, shards ? *shards : 10);
}
std::shared_ptr<OpcodeRule> getOpcodeSelector(uint8_t code)
{
{
return std::make_shared<PoolAvailableRule>(pool);
}
-std::shared_ptr<PoolOutstandingRule> getPoolOutstandingSelector(const std::string& pool, uint64_t maxOutstanding)
+std::shared_ptr<PoolOutstandingRule> getPoolOutstandingSelector(const std::string& pool, uint64_t max_outstanding)
{
- return std::make_shared<PoolOutstandingRule>(pool, maxOutstanding);
+ return std::make_shared<PoolOutstandingRule>(pool, max_outstanding);
}
std::shared_ptr<ProbaRule> getProbaSelector(double probability)
{
return std::make_shared<ProbaRule>(probability);
}
-std::shared_ptr<ProxyProtocolValueRule> getProxyProtocolValueSelector(uint8_t optionType, std::optional<std::string> optionValue)
+std::shared_ptr<ProxyProtocolValueRule> getProxyProtocolValueSelector(uint8_t option_type, std::optional<std::string> option_value)
{
- return std::make_shared<ProxyProtocolValueRule>(optionType, optionValue ? *optionValue : "");
+ return std::make_shared<ProxyProtocolValueRule>(option_type, option_value ? *option_value : "");
}
-std::shared_ptr<QNameLabelsCountRule> getQNameLabelsCountSelector(uint16_t minLabelsCount, uint16_t maxLabelsCount)
+std::shared_ptr<QNameLabelsCountRule> getQNameLabelsCountSelector(uint16_t min_labels_count, uint16_t max_labels_count)
{
- return std::make_shared<QNameLabelsCountRule>(minLabelsCount, maxLabelsCount);
+ return std::make_shared<QNameLabelsCountRule>(min_labels_count, max_labels_count);
}
std::shared_ptr<QNameWireLengthRule> getQNameWireLengthSelector(uint16_t min, uint16_t max)
{
{
return std::make_shared<RecordsCountRule>(section, minimum, maximum);
}
-std::shared_ptr<RecordsTypeCountRule> getRecordsTypeCountSelector(uint8_t section, uint16_t recordType, uint16_t minimum, uint16_t maximum)
+std::shared_ptr<RecordsTypeCountRule> getRecordsTypeCountSelector(uint8_t section, uint16_t record_type, uint16_t minimum, uint16_t maximum)
{
- return std::make_shared<RecordsTypeCountRule>(section, recordType, minimum, maximum);
+ return std::make_shared<RecordsTypeCountRule>(section, record_type, minimum, maximum);
}
std::shared_ptr<RegexRule> getRegexSelector(const std::string& expression)
{
return std::make_shared<RegexRule>(expression);
}
-std::shared_ptr<SNIRule> getSNISelector(const std::string& serverName)
+std::shared_ptr<SNIRule> getSNISelector(const std::string& server_name)
{
- return std::make_shared<SNIRule>(serverName);
+ return std::make_shared<SNIRule>(server_name);
}
std::shared_ptr<TagRule> getTagSelector(const std::string& tag, std::optional<std::string> value)
{
std::shared_ptr<AllRule> getAllSelector();
std::shared_ptr<DNSSECRule> getDNSSECSelector();
std::shared_ptr<DSTPortRule> getDSTPortSelector(uint16_t port);
-std::shared_ptr<EDNSOptionRule> getEDNSOptionSelector(uint16_t optionCode);
+std::shared_ptr<EDNSOptionRule> getEDNSOptionSelector(uint16_t option_code);
std::shared_ptr<EDNSVersionRule> getEDNSVersionSelector(uint8_t version);
std::shared_ptr<ERCodeRule> getERCodeSelector(uint64_t rcode);
std::shared_ptr<HTTPHeaderRule> getHTTPHeaderSelector(const std::string& header, const std::string& expression);
std::shared_ptr<HTTPPathRegexRule> getHTTPPathRegexSelector(const std::string& expression);
std::shared_ptr<LuaFFIPerThreadRule> getLuaFFIPerThreadSelector(const std::string& code);
std::shared_ptr<MaxQPSRule> getMaxQPSSelector(uint32_t qps, std::optional<uint32_t> burst);
-std::shared_ptr<MaxQPSIPRule> getMaxQPSIPSelector(uint32_t qps, std::optional<uint8_t> ipv4Mask, std::optional<uint8_t> ipv6Mask, std::optional<uint32_t> burst, std::optional<uint32_t> expiration, std::optional<uint32_t> cleanupDelay, std::optional<uint32_t> scanFraction, std::optional<uint32_t> shards);
+std::shared_ptr<MaxQPSIPRule> getMaxQPSIPSelector(uint32_t qps, std::optional<uint8_t> ipv4_mask, std::optional<uint8_t> ipv6_mask, std::optional<uint32_t> burst, std::optional<uint32_t> expiration, std::optional<uint32_t> cleanup_delay, std::optional<uint32_t> scan_fraction, std::optional<uint32_t> shards);
std::shared_ptr<OpcodeRule> getOpcodeSelector(uint8_t code);
std::shared_ptr<PayloadSizeRule> getPayloadSizeSelector(const std::string& comparison, uint16_t size);
std::shared_ptr<PoolAvailableRule> getPoolAvailableSelector(const std::string& pool);
-std::shared_ptr<PoolOutstandingRule> getPoolOutstandingSelector(const std::string& pool, uint64_t maxOutstanding);
+std::shared_ptr<PoolOutstandingRule> getPoolOutstandingSelector(const std::string& pool, uint64_t max_outstanding);
std::shared_ptr<ProbaRule> getProbaSelector(double probability);
-std::shared_ptr<ProxyProtocolValueRule> getProxyProtocolValueSelector(uint8_t optionType, std::optional<std::string> optionValue);
-std::shared_ptr<QNameLabelsCountRule> getQNameLabelsCountSelector(uint16_t minLabelsCount, uint16_t maxLabelsCount);
+std::shared_ptr<ProxyProtocolValueRule> getProxyProtocolValueSelector(uint8_t option_type, std::optional<std::string> option_value);
+std::shared_ptr<QNameLabelsCountRule> getQNameLabelsCountSelector(uint16_t min_labels_count, uint16_t max_labels_count);
std::shared_ptr<QNameWireLengthRule> getQNameWireLengthSelector(uint16_t min, uint16_t max);
std::shared_ptr<RCodeRule> getRCodeSelector(uint64_t rcode);
std::shared_ptr<RDRule> getRDSelector();
std::shared_ptr<RE2Rule> getRE2Selector(const std::string& expression);
std::shared_ptr<RecordsCountRule> getRecordsCountSelector(uint8_t section, uint16_t minimum, uint16_t maximum);
-std::shared_ptr<RecordsTypeCountRule> getRecordsTypeCountSelector(uint8_t section, uint16_t recordType, uint16_t minimum, uint16_t maximum);
+std::shared_ptr<RecordsTypeCountRule> getRecordsTypeCountSelector(uint8_t section, uint16_t record_type, uint16_t minimum, uint16_t maximum);
std::shared_ptr<RegexRule> getRegexSelector(const std::string& expression);
-std::shared_ptr<SNIRule> getSNISelector(const std::string& serverName);
+std::shared_ptr<SNIRule> getSNISelector(const std::string& server_name);
std::shared_ptr<TagRule> getTagSelector(const std::string& tag, std::optional<std::string> value);
std::shared_ptr<TCPRule> getTCPSelector(bool tcp);
std::shared_ptr<TrailingDataRule> getTrailingDataSelector();
type: "Vec<BindConfiguration>"
default: true
description: "List of endpoints to accept queries on"
- - name: "cache-hit-response-rules"
+ - name: "cache_hit_response_rules"
type: "Vec<ResponseRuleConfiguration>"
default: true
skip-serde: true
description: "List of rules executed on a cache hit"
- - name: "cache-inserted-response-rules"
+ - name: "cache_inserted_response_rules"
type: "Vec<ResponseRuleConfiguration>"
default: true
skip-serde: true
description: "List of rules executed after inserting a new response into the cache"
- - name: "cache-miss-rules"
+ - name: "cache_miss_rules"
type: "Vec<QueryRuleConfiguration>"
default: true
skip-serde: true
description: "List of rules executed after a cache miss"
- - name: "cache-settings"
+ - name: "cache_settings"
type: "CacheSettingsConfiguration"
default: true
description: "Caching-related settings"
type: "ConsoleConfiguration"
default: true
description: "Console-related settings"
- - name: "dynamic-rules"
+ - name: "dynamic_rules"
type: "Vec<DynamicRulesConfiguration>"
default: true
description: "List of dynamic rules"
- - name: "dynamic-rules-settings"
+ - name: "dynamic_rules_settings"
type: "DynamicRulesSettingsConfiguration"
default: true
description: "Dynamic rules-related settings"
type: "EbpfConfiguration"
default: true
description: "EBPF settings"
- - name: "edns-client-subnet"
+ - name: "edns_client_subnet"
type: "EdnsClientSubnetConfiguration"
default: true
description: "EDNS Client Subnet-related settings"
type: "GeneralConfiguration"
default: true
description: "General settings"
- - name: "key-value-stores"
+ - name: "key_value_stores"
type: "KeyValueStoresConfiguration"
default: true
description: "Key-Value stores"
- - name: "load-balancing-policies"
+ - name: "load_balancing_policies"
type: "LoadBalancingPoliciesConfiguration"
default: true
description: "Load-balancing policies"
type: "MetricsConfiguration"
default: true
description: "Metrics-related settings"
- - name: "packet-caches"
+ - name: "packet_caches"
type: "Vec<PacketCacheConfiguration>"
default: true
description: "Packet-cache definitions"
type: "Vec<PoolConfiguration>"
default: true
description: "Pools of backends"
- - name: "proxy-protocol"
+ - name: "proxy_protocol"
type: "ProxyProtocolConfiguration"
default: true
description: "Proxy-protocol-related settings"
- - name: "query-count"
+ - name: "query_count"
type: "QueryCountConfiguration"
default: true
description: "Queries counting-related settings"
- - name: "query-rules"
+ - name: "query_rules"
type: "Vec<QueryRuleConfiguration>"
default: true
skip-serde: true
description: "List of rules executed when a query is received"
- - name: "remote-logging"
+ - name: "remote_logging"
type: "RemoteLoggingConfiguration"
default: true
description: "Remote logging-related settings"
- - name: "response-rules"
+ - name: "response_rules"
type: "Vec<ResponseRuleConfiguration>"
default: true
skip-serde: true
description: "List of rules executed when a response is received"
- - name: "ring-buffers"
+ - name: "ring_buffers"
type: "RingBuffersConfiguration"
default: true
description: "In-memory ring buffer settings"
- - name: "security-polling"
+ - name: "security_polling"
type: "SecurityPollingConfiguration"
default: true
description: "Automatic checking of outdated version"
default: true
skip-serde: true
description: "List of selectors that can be reused in rules"
- - name: "self-answered-response-rules"
+ - name: "self_answered_response_rules"
type: "Vec<ResponseRuleConfiguration>"
default: true
skip-serde: true
type: "WebserverConfiguration"
default: true
description: "Internal web server configuration"
- - name: "xfr-response-rules"
+ - name: "xfr_response_rules"
type: "Vec<ResponseRuleConfiguration>"
default: true
skip-serde: true
default: ""
description: "An optional string specifying the instance name that should be used"
-remote-logging:
+remote_logging:
parameters:
- - name: "protobuf-loggers"
+ - name: "protobuf_loggers"
type: "Vec<ProtobufLoggerConfiguration>"
default: true
- - name: "dnstap-loggers"
+ - name: "dnstap_loggers"
type: "Vec<DnstapLoggerConfiguration>"
default: true
-protobuf-logger:
+protobuf_logger:
parameters:
- name: "name"
type: "String"
type: "u16"
default: 2
description: "TCP connect timeout in seconds"
- - name: "max-queued-entries"
+ - name: "max_queued_entries"
type: "u64"
default: 100
description: "Queue this many messages before dropping new ones (e.g. when the remote listener closes the connection)"
- - name: "reconnect-wait-time"
+ - name: "reconnect_wait_time"
type: "u8"
default: 1
description: "Time in seconds between reconnection attempts"
-dnstap-logger:
+dnstap_logger:
parameters:
- name: "name"
type: "String"
type: "String"
- name: "address"
type: "String"
- - name: "buffer-hint"
+ - name: "buffer_hint"
type: "u64"
default: 0
- - name: "flush-timeout"
+ - name: "flush_timeout"
type: "u64"
default: 0
- - name: "input-queue-size"
+ - name: "input_queue_size"
type: "u64"
default: 0
- - name: "output-queue-size"
+ - name: "output_queue_size"
type: "u64"
default: 0
- - name: "queue-notify-threshold"
+ - name: "queue_notify_threshold"
type: "u64"
default: 0
- - name: "reopen-interval"
+ - name: "reopen_interval"
type: "u64"
default: 0
parameters:
- name: "name"
type: "String"
- - name: "file-name"
+ - name: "file_name"
type: "String"
- - name: "database-name"
+ - name: "database_name"
type: "String"
- - name: "no-lock"
+ - name: "no_lock"
type: "bool"
default: "false"
parameters:
- name: "name"
type: "String"
- - name: "file-name"
+ - name: "file_name"
type: "String"
- - name: "refresh-delay"
+ - name: "refresh_delay"
type: "u32"
KVSLookupKeySourceIP:
parameters:
- name: "name"
type: "String"
- - name: "v4-mask"
+ - name: "v4_mask"
type: "u8"
default: "32"
- - name: "v6-mask"
+ - name: "v6_mask"
type: "u8"
default: "128"
- - name: "include-port"
+ - name: "include_port"
type: "bool"
default: "false"
parameters:
- name: "name"
type: "String"
- - name: "wire-format"
+ - name: "wire_format"
type: "bool"
default: "true"
parameters:
- name: "name"
type: "String"
- - name: "minimum-labels"
+ - name: "minimum_labels"
type: "u16"
default: "0"
- - name: "wire-format"
+ - name: "wire_format"
type: "bool"
default: "true"
KVSLookupKeys:
parameters:
- - name: "source-ip-keys"
+ - name: "source_ip_keys"
type: "Vec<KVSLookupKeySourceIPConfiguration>"
default: true
- - name: "qname-keys"
+ - name: "qname_keys"
type: "Vec<KVSLookupKeyQNameConfiguration>"
default: true
- - name: "suffix-keys"
+ - name: "suffix_keys"
type: "Vec<KVSLookupKeySuffixConfiguration>"
default: true
- - name: "tag-keys"
+ - name: "tag_keys"
type: "Vec<KVSLookupKeyTagConfiguration>"
default: true
-key-value-stores:
+key_value_stores:
parameters:
- name: "lmdb"
type: "Vec<LMDBKVStoreConfiguration>"
- name: "cdb"
type: "Vec<CDBKVStoreConfiguration>"
default: true
- - name: "lookup-keys"
+ - name: "lookup_keys"
type: "KVSLookupKeysConfiguration"
default: true
webserver:
parameters:
- - name: "listen-address"
+ - name: "listen_address"
type: "String"
default: ""
description: "IP address and port to listen on"
type: "String"
default: ""
description: "The password used to access the internal webserver. Since 1.7.0 the password should be hashed and salted via the ``hashPassword()`` command"
- - name: "api-key"
+ - name: "api_key"
type: "String"
default: ""
description: "The API Key (set to an empty string do disable it). Since 1.7.0 the key should be hashed and salted via the ``hashPassword()`` command"
type: "Vec<String>"
default: "127.0.0.1, ::1"
description: "List of network masks or IP addresses that are allowed to open a connection to the web server"
- - name: "api-requires-authentication"
+ - name: "api_requires_authentication"
type: "bool"
default: "true"
description: "Whether access to the API (/api endpoints) requires a valid API key"
- - name: "stats-require-authentication"
+ - name: "stats_require_authentication"
type: "bool"
default: "true"
description: "Whether access to the statistics (/metrics and /jsonstat endpoints) requires a valid password or API key"
- - name: "dashboard-requires-authentication"
+ - name: "dashboard_requires_authentication"
type: "bool"
default: "true"
description: "Whether access to the internal dashboard requires a valid password"
- - name: "max-concurrent-connections"
+ - name: "max_concurrent_connections"
type: "u32"
default: 100
description: "The maximum number of concurrent web connections, or 0 which means an unlimited number"
- - name: "hash-plaintext-credentials"
+ - name: "hash_plaintext_credentials"
type: "bool"
default: "false"
description: "Whether passwords and API keys provided in plaintext should be hashed during startup, to prevent the plaintext versions from staying in memory. Doing so increases significantly the cost of verifying credentials"
- - name: "custom-headers"
+ - name: "custom_headers"
type: "Vec<HttpCustomResponseHeaderConfiguration>"
default: true
- - name: "api-configuration-directory"
+ - name: "api_configuration_directory"
type: "String"
default: ""
- - name: "api-read-write"
+ - name: "api_read_write"
type: "bool"
default: "false"
console:
parameters:
- - name: "listen-address"
+ - name: "listen_address"
type: "String"
default: ""
description: "IP address and port to listen on for console connections"
type: "Vec<String>"
default: "127.0.0.1, ::1"
description: "List of network masks or IP addresses that are allowed to open a connection to the console server"
- - name: "maximum-output-size"
+ - name: "maximum_output_size"
type: "u32"
default: "10000000"
lua-name: "setConsoleOutputMaxMsgSize"
internal-field-name: "d_consoleOutputMsgMaxSize"
runtime-configurable: true
- - name: "log-connections"
+ - name: "log_connections"
type: "bool"
default: "true"
lua-name: "setConsoleConnectionsLogging"
internal-field-name: "d_logConsoleConnections"
runtime-configurable: true
- - name: "max-concurrent-connections"
+ - name: "max_concurrent_connections"
type: "u64"
default: "0"
lua-name: "setConsoleMaximumConcurrentConnections"
internal-field-name: "d_consoleMaxConcurrentConnections"
runtime-configurable: false
-ebpf-map:
+ebpf_map:
parameters:
- - name: "max-entries"
+ - name: "max_entries"
type: "u32"
default: 0
- - name: "pinned-path"
+ - name: "pinned_path"
type: "String"
default: ""
- name: "ipv6"
type: "EbpfMapConfiguration"
default: true
- - name: "cidr-ipv4"
+ - name: "cidr_ipv4"
type: "EbpfMapConfiguration"
default: true
- - name: "cidr-ipv6"
+ - name: "cidr_ipv6"
type: "EbpfMapConfiguration"
default: true
- name: "qnames"
type: "bool"
default: "false"
-edns-client-subnet:
+edns_client_subnet:
parameters:
- - name: "override-existing"
+ - name: "override_existing"
lua-name: "setECSOverride"
internal-field-name: "d_ecsOverride"
runtime-configurable: true
type: "bool"
default: "false"
description: "When `useClientSubnet` in `newServer()` is set and dnsdist adds an EDNS Client Subnet Client option to the query, override an existing option already present in the query, if any. Please see Passing the source address to the backend for more information. Note that it’s not recommended to enable setECSOverride in front of an authoritative server responding with EDNS Client Subnet information as mismatching data (ECS scopes) can confuse clients and lead to SERVFAIL responses on downstream nameservers"
- - name: "source-prefix-v4"
+ - name: "source_prefix_v4"
lua-name: "setECSSourcePrefixV4"
internal-field-name: "d_ECSSourcePrefixV4"
runtime-configurable: true
type: "u8"
default: 32
description: "When `useClientSubnet` in `newServer()` is set and dnsdist adds an EDNS Client Subnet Client option to the query, truncate the requestor's IPv4 address to `prefix` bits"
- - name: "source-prefix-v6"
+ - name: "source_prefix_v6"
lua-name: "setECSSourcePrefixV6"
internal-field-name: "d_ECSSourcePrefixV6"
runtime-configurable: true
default: 56
description: "When `useClientSubnet` in `newServer()` is set and dnsdist adds an EDNS Client Subnet Client option to the query, truncate the requestor's IPv6 address to `prefix` bits"
-dynamic-rules-settings:
+dynamic_rules_settings:
parameters:
- - name: "purge-interval"
+ - name: "purge_interval"
type: "u64"
default: "60"
lua-name: "setDynBlocksPurgeInterval"
internal-field-name: "d_dynBlocksPurgeInterval"
runtime-configurable: true
- - name: "default-action"
+ - name: "default_action"
type: "String"
default: "Drop"
-dynamic-rule:
+dynamic_rule:
parameters:
- name: "type"
rename: "rule_type"
type: "String"
- name: "seconds"
type: "u32"
- - name: "action-duration"
+ - name: "action_duration"
type: "u32"
- name: "comment"
type: "String"
- name: "action"
type: "String"
default: "drop"
- - name: "warning-rate"
+ - name: "warning_rate"
type: "u32"
default: "0"
- - name: "warning-ratio"
+ - name: "warning_ratio"
type: "f64"
default: "0.0"
- - name: "tag-name"
+ - name: "tag_name"
type: "String"
default: ""
- - name: "tag-value"
+ - name: "tag_value"
type: "String"
default: "0"
- - name: "visitor-function-name"
+ - name: "visitor_function_name"
type: "String"
default: ""
- - name: "visitor-function-code"
+ - name: "visitor_function_code"
type: "String"
default: ""
- - name: "visitor-function-file"
+ - name: "visitor_function_file"
type: "String"
default: ""
- name: "rcode"
- name: "qtype"
type: "String"
default: ""
- - name: "minimum-number-of-responses"
+ - name: "minimum_number_of_responses"
type: "u32"
default: "0"
- - name: "minimum-global-cache-hit-ratio"
+ - name: "minimum_global_cache_hit_ratio"
type: "f64"
default: "0.0"
-dynamic-rules:
+dynamic_rules:
parameters:
- name: "name"
type: "String"
- - name: "mask-ipv4"
+ - name: "mask_ipv4"
type: "u8"
default: "32"
- - name: "mask-ipv6"
+ - name: "mask_ipv6"
type: "u8"
default: "64"
- - name: "mask-port"
+ - name: "mask_port"
type: u8
default: "0"
- - name: "exclude-ranges"
+ - name: "exclude_ranges"
type: "Vec<String>"
default: true
- - name: "include-ranges"
+ - name: "include_ranges"
type: "Vec<String>"
default: true
- - name: "exclude-domains"
+ - name: "exclude_domains"
type: "Vec<String>"
default: true
- name: "rules"
type: "Vec<DynamicRuleConfiguration>"
-ring-buffers:
+ring_buffers:
parameters:
- name: "size"
type: "u64"
lua-name: "setRingBuffersSize"
internal-field-name: "d_ringsNumberOfShards"
runtime-configurable: false
- - name: "lock-retries"
+ - name: "lock_retries"
type: "u64"
default: 5
description: "Set the number of shards to attempt to lock without blocking before giving up and simply blocking while waiting for the next shard to be available. Default to 5 if there is more than one shard, 0 otherwise"
lua-name: "setRingBuffersOptions"
internal-field-name: "d_ringsNbLockTries"
runtime-configurable: false
- - name: "record-queries"
+ - name: "record_queries"
type: "bool"
default: "true"
description: "Whether to record queries in the ring buffers"
lua-name: "setRingBuffersOptions"
internal-field-name: "d_ringsRecordQueries"
runtime-configurable: false
- - name: "record-responses"
+ - name: "record_responses"
type: "bool"
default: "true"
description: "Whether to record responses in the ring buffers"
internal-field-name: "d_ringsRecordResponses"
runtime-configurable: false
-incoming-tls-certificate-key-pair:
+incoming_tls_certificate_key_pair:
parameters:
- name: "certificate"
type: "String"
type: "String"
default: ""
-incoming-tls:
+incoming_tls:
parameters:
- name: "provider"
type: "String"
- name: "certificates"
type: "Vec<IncomingTlsCertificateKeyPairConfiguration>"
default: true
- - name: "ignore-errors"
+ - name: "ignore_errors"
type: "bool"
default: "false"
- name: "ciphers"
type: "String"
default: ""
- - name: "ciphers-tls-13"
+ - name: "ciphers_tls_13"
type: "String"
default: ""
- - name: "minimum-version"
+ - name: "minimum_version"
type: "String"
default: "tls1.0"
- - name: "ticket-key-file"
+ - name: "ticket_key_file"
type: "String"
default: ""
- - name: "tickets-keys-rotation-delay"
+ - name: "tickets_keys_rotation_delay"
type: "u32"
default: "43200"
- - name: "number-of-tickets-keys"
+ - name: "number_of_tickets_keys"
type: "u32"
default: "5"
- - name: "prefer-server-ciphers"
+ - name: "prefer_server_ciphers"
type: "bool"
default: "true"
- - name: "session-timeout"
+ - name: "session_timeout"
type: "u32"
default: "0"
- - name: "session-tickets"
+ - name: "session_tickets"
type: "bool"
default: "true"
- - name: "number-of-stored-sessions"
+ - name: "number_of_stored_sessions"
type: "u32"
default: "20480"
- - name: "ocsp-response-files"
+ - name: "ocsp_response_files"
type: "Vec<String>"
default: true
- - name: "key-log-file"
+ - name: "key_log_file"
type: "String"
default: ""
- - name: "release-buffers"
+ - name: "release_buffers"
type: "bool"
default: "true"
- - name: "enable-renegotiation"
+ - name: "enable_renegotiation"
type: "bool"
default: "false"
- - name: "async-mode"
+ - name: "async_mode"
type: "bool"
default: "false"
- name: "ktls"
type: "bool"
default: "false"
- - name: "read-ahead"
+ - name: "read_ahead"
type: "bool"
default: "true"
- - name: "proxy-protocol-outside-tls"
+ - name: "proxy_protocol_outside_tls"
type: "bool"
default: "false"
- - name: "ignore-configuration-errors"
+ - name: "ignore_configuration_errors"
type: "bool"
default: "false"
-outgoing-tls:
+outgoing_tls:
parameters:
- name: "provider"
type: "String"
default: "OpenSSL"
- - name: "subject-name"
+ - name: "subject_name"
type: "String"
default: ""
- - name: "subject-address"
+ - name: "subject_address"
type: "String"
default: ""
- - name: "validate-certificate"
+ - name: "validate_certificate"
type: "bool"
default: "true"
- - name: "ca-store"
+ - name: "ca_store"
type: "String"
default: ""
- name: "ciphers"
type: "String"
default: ""
- - name: "ciphers-tls-13"
+ - name: "ciphers_tls_13"
type: "String"
default: ""
- - name: "key-log-file"
+ - name: "key_log_file"
type: "String"
default: ""
- - name: "release-buffers"
+ - name: "release_buffers"
type: "bool"
default: "true"
- - name: "enable-renegotiation"
+ - name: "enable_renegotiation"
type: "bool"
default: "false"
- name: "ktls"
type: "bool"
default: "false"
-http-custom-response-header:
+http_custom_response_header:
parameters:
- name: "key"
type: "String"
- name: "value"
type: "String"
-http-responses-map:
+http_responses_map:
parameters:
- name: "expression"
type: "String"
type: "Vec<HttpCustomResponseHeaderConfiguration>"
default: true
-incoming-doh:
+incoming_doh:
parameters:
- name: "provider"
type: "String"
- name: "paths"
type: "Vec<String>"
default: "/dns-query"
- - name: "idle-timeout"
+ - name: "idle_timeout"
type: "u64"
default: 30
- - name: "server-tokens"
+ - name: "server_tokens"
type: "String"
default: "h2o/dnsdist"
- - name: "send-cache-control-headers"
+ - name: "send_cache_control_headers"
type: "bool"
default: "true"
- - name: "keep-incoming-headers"
+ - name: "keep_incoming_headers"
type: "bool"
default: "false"
- - name: "trust-forwarded-for-header"
+ - name: "trust_forwarded_for_header"
type: "bool"
default: "false"
- - name: "early-acl-drop"
+ - name: "early_acl_drop"
type: "bool"
default: "true"
- - name: "exact-path-matching"
+ - name: "exact_path_matching"
type: "bool"
default: "true"
- - name: "internal-pipe-buffer-size"
+ - name: "internal_pipe_buffer_size"
type: "u32"
default: 1048576
- - name: "custom-response-headers"
+ - name: "custom_response_headers"
type: "Vec<HttpCustomResponseHeaderConfiguration>"
default: true
- - name: "responses-map"
+ - name: "responses_map"
type: "Vec<HttpResponsesMapConfiguration>"
default: true
-incoming-doq:
+incoming_doq:
parameters:
- name: "max_concurrent_queries_per_connection"
type: "u64"
default: 65535
-incoming-quic:
+incoming_quic:
parameters:
- - name: "idle-timeout"
+ - name: "idle_timeout"
type: "u64"
default: 5
- - name: "congestion-control-algorithm"
+ - name: "congestion_control_algorithm"
type: "String"
default: "reno"
- - name: "internal-pipe-buffer-size"
+ - name: "internal_pipe_buffer_size"
type: "u32"
default: 1048576
-incoming-dnscrypt-certificate-key-pair:
+incoming_dnscrypt_certificate_key_pair:
parameters:
- name: "certificate"
type: "String"
- name: "key"
type: "String"
-incoming-dnscrypt:
+incoming_dnscrypt:
parameters:
- - name: "provider-name"
+ - name: "provider_name"
type: "String"
default: ""
- name: "certificates"
type: "Vec<IncomingDnscryptCertificateKeyPairConfiguration>"
default: true
-outgoing-doh:
+outgoing_doh:
parameters:
- name: "path"
type: "String"
default: "/dns-query"
- - name: "add-x-forwarded-headers"
+ - name: "add_x_forwarded_headers"
type: "bool"
default: "false"
-incoming-tcp:
+incoming_tcp:
parameters:
- - name: "max-in-flight-queries"
+ - name: "max_in_flight_queries"
type: "u32"
default: 0
- - name: "listen-queue-size"
+ - name: "listen_queue_size"
type: "u32"
default: 0
- - name: "fast-open-queue-size"
+ - name: "fast_open_queue_size"
type: "u32"
default: 0
- - name: "max-concurrent-connections"
+ - name: "max_concurrent_connections"
type: "u32"
default: 0
bind:
parameters:
- - name: "listen-address"
+ - name: "listen_address"
type: "String"
description: "Address and port to listen to"
- name: "reuseport"
- name: "cpus"
type: "String"
default: ""
- - name: "enable-proxy-protocol"
+ - name: "enable_proxy_protocol"
type: "bool"
default: "false"
- name: "tcp"
- name: "dnscrypt"
type: "IncomingDnscryptConfiguration"
default: true
- - name: "additional-addresses"
+ - name: "additional_addresses"
type: "Vec<String>"
default: true
- name: "xsk"
type: "String"
default: ""
-outgoing-tcp:
+outgoing_tcp:
parameters:
- - name: "connect-timeout"
+ - name: "connect_timeout"
type: "u16"
default: 5
- - name: "send-timeout"
+ - name: "send_timeout"
type: "u16"
default: 30
- - name: "receive-timeout"
+ - name: "receive_timeout"
type: "u16"
default: 30
- - name: "fast-open"
+ - name: "fast_open"
type: "bool"
default: "false"
-proxy-protocol-value:
+proxy_protocol_value:
parameters:
- name: "key"
type: "u8"
- name: "value"
type: "String"
-lazy-health-check:
+lazy_health_check:
parameters:
- name: "interval"
type: "u16"
default: 30
- - name: "min-sample-count"
+ - name: "min_sample_count"
type: "u16"
default: 1
- name: "mode"
type: "String"
default: "TimeoutOrServFail"
- - name: "sample-size"
+ - name: "sample_size"
type: "u16"
default: 100
- name: "threshold"
type: "u16"
default: 20
- - name: "use-exponential-back-off"
+ - name: "use_exponential_back_off"
type: "bool"
default: "false"
- - name: "max-back-off"
+ - name: "max_back_off"
type: "u16"
default: 3600
-health-check:
+health_check:
parameters:
- name: "mode"
type: "String"
- name: "lua"
type: "String"
default: ""
- - name: "lua-file"
+ - name: "lua_file"
type: "String"
default: ""
- name: "timeout"
type: "u16"
default: 1000
- - name: "set-cd"
+ - name: "set_cd"
type: "bool"
default: "false"
- - name: "max-failures"
+ - name: "max_failures"
type: "u8"
default: "1"
- name: "rise"
- name: "interval"
type: "u32"
default: "1"
- - name: "must-resolve"
+ - name: "must_resolve"
type: "bool"
default: "false"
- - name: "use-tcp"
+ - name: "use_tcp"
type: "bool"
default: "false"
- name: "lazy"
type: "LazyHealthCheckConfiguration"
default: true
-outgoing-auto-upgrade:
+outgoing_auto_upgrade:
parameters:
- name: "enabled"
type: "bool"
- name: "pool"
type: "String"
default: ""
- - name: "doh-key"
+ - name: "doh_key"
type: "u8"
default: "7"
- - name: "use-lazy-health-check"
+ - name: "use_lazy_health_check"
type: "bool"
default: "false"
- name: "doh"
type: "OutgoingDohConfiguration"
default: true
- - name: "use-client-subnet"
+ - name: "use_client_subnet"
type: "bool"
default: "false"
- - name: "use-proxy-protocol"
+ - name: "use_proxy_protocol"
type: "bool"
default: "false"
- - name: "queries-per-second"
+ - name: "queries_per_second"
type: "u32"
default: 0
- name: "order"
- name: "tcp"
type: "OutgoingTcpConfiguration"
default: true
- - name: "ip-bind-addr-no-port"
+ - name: "ip_bind_addr_no_port"
type: "bool"
default: "true"
- - name: "health-checks"
+ - name: "health_checks"
type: "HealthCheckConfiguration"
default: true
- name: "source"
- name: "sockets"
type: "u32"
default: "1"
- - name: "disable-zero-scope"
+ - name: "disable_zero_scope"
type: "bool"
default: "false"
- - name: "reconnect-on-up"
+ - name: "reconnect_on_up"
type: "bool"
default: "false"
- - name: "max-in-flight"
+ - name: "max_in_flight"
type: "u32"
default: "1"
- - name: "tcp-only"
+ - name: "tcp_only"
type: "bool"
default: "false"
- - name: "auto-upgrade"
+ - name: "auto_upgrade"
type: "OutgoingAutoUpgradeConfiguration"
default: true
- - name: "max-concurrent-tcp-connections"
+ - name: "max_concurrent_tcp_connections"
type: "u32"
default: 0
- name: "ktls"
type: "bool"
default: "false"
- - name: "proxy-protocol-advertise-tls"
+ - name: "proxy_protocol_advertise_tls"
type: "bool"
default: "false"
- - name: "xsk-sockets"
+ - name: "xsk_sockets"
type: "Vec<String>"
default: true
- - name: "mac-address"
+ - name: "mac_address"
type: "String"
default: ""
- name: "cpus"
type: "UdpTuningConfiguration"
default: true
-tcp-tuning:
+tcp_tuning:
category: "tuning.tcp"
parameters:
- - name: "worker-threads"
+ - name: "worker_threads"
type: "u32"
default: 10
lua-name: "setMaxTCPClientThreads"
internal-field-name: "d_maxTCPClientThreads"
runtime-configurable: false
- - name: "receive-timeout"
+ - name: "receive_timeout"
type: "u32"
default: 2
lua-name: "setTCPRecvTimeout"
internal-field-name: "d_tcpRecvTimeout"
runtime-configurable: true
- - name: "send-timeout"
+ - name: "send_timeout"
type: "u32"
default: 2
lua-name: "setTCPSendTimeout"
internal-field-name: "d_tcpSendTimeout"
runtime-configurable: true
- - name: "max-queries-per-connection"
+ - name: "max_queries_per_connection"
type: "u64"
default: "0"
lua-name: "setMaxTCPQueriesPerConnection"
internal-field-name: "d_maxTCPQueriesPerConn"
runtime-configurable: true
- - name: "max-connection-duration"
+ - name: "max_connection_duration"
type: "u64"
default: "0"
lua-name: "setMaxTCPConnectionDuration"
internal-field-name: "d_maxTCPConnectionDuration"
runtime-configurable: true
- - name: "max-queued-connections"
+ - name: "max_queued_connections"
type: "u64"
default: "10000"
lua-name: "setMaxTCPQueuedConnections"
internal-field-name: "d_maxTCPQueuedConnections"
runtime-configurable: false
- - name: "internal-pipe-buffer-size"
+ - name: "internal_pipe_buffer_size"
type: "u32"
default: 1048576
lua-name: "setTCPInternalPipeBufferSize"
internal-field-name: "d_tcpInternalPipeBufferSize"
runtime-configurable: false
- - name: "outgoing-max-idle-time"
+ - name: "outgoing_max_idle_time"
type: "u64"
default: 300
lua-name: "setTCPDownstreamMaxIdleTime"
internal-field-name: "d_outgoingTCPMaxIdleTime"
runtime-configurable: false
- - name: "outgoing-cleanup-interval"
+ - name: "outgoing_cleanup_interval"
type: "u64"
default: 60
lua-name: "setTCPDownstreamCleanupInterval"
internal-field-name: "d_outgoingTCPCleanupInterval"
runtime-configurable: false
- - name: "outgoing-max-idle-connection-per-backend"
+ - name: "outgoing_max_idle_connection_per_backend"
type: "u64"
default: 10
lua-name: "setMaxCachedTCPConnectionsPerDownstream"
internal-field-name: "d_outgoingTCPMaxIdlePerBackend"
runtime-configurable: false
- - name: "max-connections-per-client"
+ - name: "max_connections_per_client"
type: "u32"
default: 0
lua-name: "setMaxTCPConnectionsPerClient"
internal-field-name: "d_maxTCPConnectionsPerClient"
runtime-configurable: false
- - name: "fast-open-key"
+ - name: "fast_open_key"
type: "String"
default: ""
lua-name: "setTCPFastOpenKey"
runtime-configurable: false
-udp-tuning:
+udp_tuning:
category: "tuning.udp"
parameters:
- - name: "messages-per-round"
+ - name: "messages_per_round"
type: "u32"
default: 1
lua-name: "setUDPMultipleMessagesVectorSize"
internal-field-name: "d_udpVectorSize"
runtime-configurable: false
- - name: "send-buffer-size"
+ - name: "send_buffer_size"
type: "u32"
default: 0
lua-name: "setUDPSocketBufferSizes"
internal-field-name: "d_socketUDPSendBuffer"
runtime-configurable: false
- - name: "receive-buffer-size"
+ - name: "receive_buffer_size"
type: "u32"
default: 0
lua-name: "setUDPSocketBufferSizes"
internal-field-name: "d_socketUDPRecvBuffer"
runtime-configurable: false
- - name: "max-outstanding-per-backend"
+ - name: "max_outstanding_per_backend"
type: "u32"
default: 65535
lua-name: "setMaxUDPOutstanding"
lua-name: "setUDPTimeout"
internal-field-name: "d_udpTimeout"
runtime-configurable: false
- - name: "randomize-outgoing-sockets-to-backend"
+ - name: "randomize_outgoing_sockets_to_backend"
type: "bool"
default: "false"
lua-name: "setRandomizedOutgoingSockets"
internal-field-name: "d_randomizeUDPSocketsToBackend"
runtime-configurable: false
- - name: "randomize-ids-to-backend"
+ - name: "randomize_ids_to_backend"
type: "bool"
default: "false"
lua-name: "setRandomizedIdsOverUDP"
internal-field-name: "d_randomizeIDsToBackend"
runtime-configurable: false
-tls-tuning:
+tls_tuning:
category: "tuning.tls"
parameters:
- - name: "outgoing-tickets-cache-cleanup-delay"
+ - name: "outgoing_tickets_cache_cleanup_delay"
type: "u16"
default: "60"
lua-name: "setOutgoingTLSSessionsCacheCleanupDelay"
internal-field-name: "d_tlsSessionCacheCleanupDelay"
runtime-configurable: true
- - name: "outgoing-tickets-cache-validity"
+ - name: "outgoing_tickets_cache_validity"
type: "u16"
default: "600"
lua-name: "setOutgoingTLSSessionsCacheMaxTicketValidity"
internal-field-name: "d_tlsSessionCacheSessionValidity"
runtime-configurable: true
- - name: "max-outgoing-tickets-per-backend"
+ - name: "max_outgoing_tickets_per_backend"
type: "u16"
default: "20"
lua-name: "setOutgoingTLSSessionsCacheMaxTicketsPerBackend"
internal-field-name: "d_tlsSessionCacheMaxSessionsPerBackend"
runtime-configurable: true
-doh-tuning:
+doh_tuning:
category: "tuning.doh"
parameters:
- - name: "outgoing-worker-threads"
+ - name: "outgoing_worker_threads"
type: "u32"
default: 10
lua-name: "setOutgoingDoHWorkerThreads"
internal-field-name: "d_outgoingDoHWorkers"
runtime-configurable: false
- - name: "outgoing-max-idle-time"
+ - name: "outgoing_max_idle_time"
type: "u64"
default: 300
lua-name: "setDoHDownstreamMaxIdleTime"
internal-field-name: "d_outgoingDoHMaxIdleTime"
runtime-configurable: false
- - name: "outgoing-cleanup-interval"
+ - name: "outgoing_cleanup_interval"
type: "u64"
default: 60
lua-name: "setDoHDownstreamCleanupInterval"
internal-field-name: "d_outgoingDoHCleanupInterval"
runtime-configurable: false
- - name: "outgoing-max-idle-connection-per-backend"
+ - name: "outgoing_max_idle_connection_per_backend"
type: "u64"
default: 10
lua-name: "setMaxIdleDoHConnectionsPerDownstream"
internal-field-name: "d_outgoingDoHMaxIdlePerBackend"
runtime-configurable: false
-cache-settings:
+cache_settings:
parameters:
- - name: "stale-entries-ttl"
+ - name: "stale_entries_ttl"
type: "u32"
default: "0"
lua-name: "setStaleCacheEntriesTTL"
internal-field-name: "d_staleCacheEntriesTTL"
runtime-configurable: true
- - name: "cleaning-delay"
+ - name: "cleaning_delay"
type: "u16"
default: "60"
lua-name: "setCacheCleaningDelay"
internal-field-name: "d_cacheCleaningDelay"
runtime-configurable: true
- - name: "cleaning-percentage"
+ - name: "cleaning_percentage"
type: "u16"
default: "100"
lua-name: "setCacheCleaningPercentage"
internal-field-name: "d_cacheCleaningPercentage"
runtime-configurable: true
-security-polling:
+security_polling:
parameters:
- - name: "polling-interval"
+ - name: "polling_interval"
type: "u32"
default: "3600"
lua-name: "setSecurityPollInterval"
general:
parameters:
- - name: "edns-udp-payload-size-self-generated-answers"
+ - name: "edns_udp_payload_size_self_generated_answers"
type: "u16"
default: "1232"
lua-name: "setPayloadSizeOnSelfGeneratedAnswers"
internal-field-name: "d_payloadSizeSelfGenAnswers"
runtime-configurable: true
- - name: "add-edns-to-self-generated-answers"
+ - name: "add_edns_to_self_generated_answers"
type: "bool"
default: "true"
lua-name: "setAddEDNSToSelfGeneratedResponses"
internal-field-name: "d_addEDNSToSelfGeneratedResponses"
runtime-configurable: true
- - name: "truncate-tc-answers"
+ - name: "truncate_tc_answers"
type: "bool"
default: "false"
lua-name: "truncateTC"
internal-field-name: "d_truncateTC"
runtime-configurable: true
- - name: "fixup-case"
+ - name: "fixup_case"
type: "bool"
default: "false"
lua-name: "fixupCase"
lua-name: "setVerbose"
internal-field-name: "d_verbose"
runtime-configurable: true
- - name: "verbose-health-checks"
+ - name: "verbose_health_checks"
type: "bool"
default: "false"
lua-name: "setVerboseHealthChecks"
internal-field-name: "d_verboseHealthChecks"
runtime-configurable: true
- - name: "allow-empty-responses"
+ - name: "allow_empty_responses"
type: "bool"
default: "false"
lua-name: "setAllowEmptyResponse"
internal-field-name: "d_allowEmptyResponse"
runtime-configurable: true
- - name: "drop-empty-queries"
+ - name: "drop_empty_queries"
type: "bool"
default: "false"
lua-name: "setDropEmptyQueries"
internal-field-name: "d_dropEmptyQueries"
runtime-configurable: true
- - name: "capabilities-to-retain"
+ - name: "capabilities_to_retain"
type: "Vec<String>"
default: true
lua-name: "addCapabilitiesToRetain"
runtime-configurable: false
-packet-cache:
+packet_cache:
parameters:
- name: "name"
type: "String"
- name: "size"
type: "u64"
- - name: "deferrable-insert-lock"
+ - name: "deferrable_insert_lock"
type: "bool"
default: "true"
- - name: "dont-age"
+ - name: "dont_age"
type: "bool"
default: "false"
- - name: "keep-stale-data"
+ - name: "keep_stale_data"
type: "bool"
default: "false"
- - name: "max-negative-ttl"
+ - name: "max_negative_ttl"
type: "u32"
default: "3600"
- - name: "max-ttl"
+ - name: "max_ttl"
type: "u32"
default: "86400"
- - name: "min-ttl"
+ - name: "min_ttl"
type: "u32"
default: 0
- name: "shards"
type: "u32"
default: "20"
- - name: "parse-ecs"
+ - name: "parse_ecs"
type: "bool"
default: "false"
- - name: "stale-ttl"
+ - name: "stale_ttl"
type: "u32"
default: "60"
- - name: "temporary-failure-ttl"
+ - name: "temporary_failure_ttl"
type: "u32"
default: "60"
- - name: "cookie-hashing"
+ - name: "cookie_hashing"
type: "bool"
default: "false"
- - name: "maximum-entry-size"
+ - name: "maximum_entry_size"
type: "u32"
default: "0"
- - name: "options-to-skip"
+ - name: "options_to_skip"
type: "Vec<String>"
default: true
-proxy-protocol:
+proxy_protocol:
parameters:
- name: "acl"
type: "Vec<String>"
default: ""
- - name: "maximum-payload-size"
+ - name: "maximum_payload_size"
type: "u32"
default: "512"
lua-name: "setProxyProtocolMaximumPayloadSize"
internal-field-name: "d_proxyProtocolMaximumSize"
runtime-configurable: true
- - name: "apply-acl-to-proxied-clients"
+ - name: "apply_acl_to_proxied_clients"
type: "bool"
default: "false"
lua-name: "setProxyProtocolApplyACLToProxiedClients"
lua-name: "snmpAgent"
internal-field-name: "d_snmpEnabled"
runtime-configurable: false
- - name: "traps-enabled"
+ - name: "traps_enabled"
type: "bool"
default: "false"
lua-name: "snmpAgent"
internal-field-name: "d_snmpTrapsEnabled"
runtime-configurable: false
- - name: "daemon-socket"
+ - name: "daemon_socket"
type: "String"
default: ""
lua-name: "snmpAgent"
internal-field-name: "d_snmpDaemonSocketPath"
runtime-configurable: false
-query-count:
+query_count:
parameters:
- name: "enabled"
type: "bool"
default: "false"
- - name: "filter-function-name"
+ - name: "filter_function_name"
type: "String"
default: ""
- - name: "filter-function-code"
+ - name: "filter_function_code"
type: "String"
default: ""
- - name: "filter-function-file"
+ - name: "filter_function_file"
type: "String"
default: ""
parameters:
- name: "name"
type: "String"
- - name: "packet-cache"
+ - name: "packet_cache"
type: "String"
default: true
- name: "policy"
type: "String"
- default: "least-outstanding"
+ default: "leastOutstanding"
-custom-load-balancing-policy:
+custom_load_balancing_policy:
parameters:
- name: "name"
type: "String"
- - name: "function-name"
+ - name: "function_name"
type: "String"
default: ""
- - name: "function-code"
+ - name: "function_code"
type: "String"
default: ""
- - name: "function-file"
+ - name: "function_file"
type: "String"
default: ""
- name: "ffi"
type: "bool"
default: "false"
- - name: "per-thread"
+ - name: "per_thread"
type: "bool"
default: "false"
-load-balancing-policies:
+load_balancing_policies:
parameters:
- - name: "default-policy"
+ - name: "default_policy"
type: "String"
default: "leastOutstanding"
lua-name: "setServerPolicy"
runtime-configurable: true
- - name: "servfail-on-no-server"
+ - name: "servfail_on_no_server"
type: "bool"
default: "false"
lua-name: "setServFailWhenNoServer"
internal-field-name: "d_servFailOnNoPolicy"
runtime-configurable: true
- - name: "round-robin-servfail-on-no-server"
+ - name: "round_robin_servfail_on_no_server"
type: "bool"
default: "false"
lua-name: "setRoundRobinFailOnNoServer"
internal-field-name: "d_roundrobinFailOnNoServer"
runtime-configurable: true
- - name: "weighted-balancing-factor"
+ - name: "weighted_balancing_factor"
type: "f64"
default: 0.0
lua-name: "setWeightedBalancingFactor"
internal-field-name: "d_weightedBalancingFactor"
runtime-configurable: false
- - name: "consistent-hashing-balancing-factor"
+ - name: "consistent_hashing_balancing_factor"
type: "f64"
default: 0.0
lua-name: "setConsistentHashingBalancingFactor"
internal-field-name: "d_consistentHashBalancingFactor"
runtime-configurable: false
- - name: "custom-policies"
+ - name: "custom_policies"
type: "Vec<CustomLoadBalancingPolicyConfiguration>"
default: true
- - name: "hash-perturbation"
+ - name: "hash_perturbation"
type: "u32"
default: "0"
lua-name: "setWHashedPertubation"
internal-field-name: "d_hashPerturbation"
runtime-configurable: false
-query-rule:
+query_rule:
skip-serde: true
parameters:
- name: "name"
- name: "action"
type: "Action"
-response-rule:
+response_rule:
skip-serde: true
parameters:
- name: "name"
- name: "frames"
type: "u32"
default: 65536
- - name: "map-path"
+ - name: "map_path"
type: "String"
default: "/sys/fs/bpf/dnsdist/xskmap"
.. code-block:: yaml
- packet-caches:
+ packet_caches:
- name: "pc"
size: 1000
- max-ttl: 86400
- min-ttl: 0
- temporary-failure-ttl: 60
- state-ttl: 60
- dont-age: false
+ max_ttl: 86400
+ min_ttl: 0
+ temporary_failure_ttl: 60
+ state_ttl: 60
+ dont_age: false
pools:
- name: ""
- packet-cache: "pc"
+ packet_cache: "pc"
The :func:`setStaleCacheEntriesTTL` directive can be used to allow dnsdist to use expired entries from the cache when no backend is available.
Only entries that have expired for less than n seconds will be used, and the returned TTL can be set when creating a new cache with :func:`newPacketCache`.
.. code-block:: yaml
console:
- listen-address: "192.0.2.53:5199"
+ listen_address: "192.0.2.53:5199"
Enabling the console without encryption enabled is not recommended. Note that encryption requires building dnsdist with either libsodium or libcrypto support enabled.
.. code-block:: yaml
console:
- listen-address: "192.0.2.53:5199"
+ listen_address: "192.0.2.53:5199"
key: "ENCODED KEY"
Now you can run ``dnsdist -c`` to connect to the console.
.. code-block:: yaml
console:
- listen-address: "192.0.2.53:5199"
+ listen_address: "192.0.2.53:5199"
key: "ENCODED KEY"
acl:
- "192.0.2.0/24"
.. code-block:: yaml
binds:
- - listen-address: "2001:db8:1:f00::1"
+ - listen_address: "2001:db8:1:f00::1"
protocol: "DoH3"
tls:
certificates:
- certificate: "/etc/ssl/certs/example.com.pem"
key: "/etc/ssl/private/example.com.key"
quic:
- congestion-control-algorithm: "bbr"
+ congestion_control_algorithm: "bbr"
A particular attention should be taken to the permissions of the certificate and key files. Many ACME clients used to get and renew certificates, like CertBot, set permissions assuming that services are started as root, which is no longer true for dnsdist as of 1.5.0. For that particular case, making a copy of the necessary files in the /etc/dnsdist directory is advised, using for example CertBot's ``--deploy-hook`` feature to copy the files with the right permissions after a renewal.
.. code-block:: yaml
- - listen-address: "2001:db8:1:f00::1"
+ - listen_address: "2001:db8:1:f00::1"
protocol: "DoH"
tls:
certificates:
provider: "nghttp2"
paths:
- "/"
- custom-response-headers:
+ custom_response_headers:
- key: "link"
value: "<https://example.com/policy.html> rel=\\"service-meta\\"; type=\\"text/html\\""
protocol: "DoH"
tls:
provider: "openssl"
- validate-certificate: true
- subject-name: "doh.powerdns.com"
+ validate_certificate: true
+ subject_name: "doh.powerdns.com"
doh:
path: "/dns-query"
.. code-block:: yaml
binds:
- - listen-address: "2001:db8:1:f00::1"
+ - listen_address: "2001:db8:1:f00::1"
protocol: "DoQ"
tls:
certificates:
- certificate: "/etc/ssl/certs/example.com.pem"
key: "/etc/ssl/private/example.com.key"
quic:
- congestion-control-algorithm: "bbr"
+ congestion_control_algorithm: "bbr"
A particular attention should be taken to the permissions of the certificate and key files. Many ACME clients used to get and renew certificates, like CertBot, set permissions assuming that services are started as root, which is no longer true for dnsdist as of 1.5.0. For that particular case, making a copy of the necessary files in the /etc/dnsdist directory is advised, using for example CertBot's ``--deploy-hook`` feature to copy the files with the right permissions after a renewal.
.. code-block:: yaml
binds:
- - listen-address: "192.0.2.55"
+ - listen_address: "192.0.2.55"
protocol: "DoT"
tls:
certificates:
.. code-block:: yaml
binds:
- - listen-address: "127.0.0.1:8443"
+ - listen_address: "127.0.0.1:8443"
protocol: "DNSCrypt"
dnscrypt:
- provider-name: "2.providername"
+ provider_name: "2.providername"
certificates:
- certificate: "/path/to/resolver.cert"
key: "/path/to/resolver.key"
backends:
- address: "192.0.2.1"
protocol: "Do53"
- health-checks:
+ health_checks:
qname: "a.root-servers.net."
qtype: "AAAA"
qclass: "CHAOS"
- must-resolve: true
+ must_resolve: true
You can turn on logging of health check errors using the :func:`setVerboseHealthChecks` function.
backends:
- address: "192.0.2.1"
protocol: "Do53"
- health-checks:
+ health_checks:
mode: "lazy"
rise: 2
- max-failures: 3
- check-interval: 1
+ max_failures: 3
+ check_interval: 1
lazy:
mode: "TimeoutOnly"
interval: 30
threshold: 30
- sample-size: 100
- min-sample-count: 10
+ sample_size: 100
+ min_sample_count: 10
The 'lazy' mode also supports using an exponential back-off time between health-check queries, once a backend has been moved to the 'down' state. This can be enabled by setting the ``lazyHealthCheckUseExponentialBackOff`` parameter to 'true'. Once the backend has been marked as 'down', the first query will be sent after ``lazyHealthCheckFailedInterval`` seconds, the second one after 2 times ``lazyHealthCheckFailedInterval`` seconds, the third after 4 times ``lazyHealthCheckFailedInterval`` seconds, and so on and so forth, until ``lazyHealthCheckMaxBackOff`` has been reached. Then probes will be sent every ``lazyHealthCheckMaxBackOff`` seconds (default is 3600 so one hour) until the backend comes 'up' again.
.. code-block:: yaml
webserver:
- listen-address: "127.0.0.1:8083"
+ listen_address: "127.0.0.1:8083"
password: "supersecretpassword"
- api-key: "supersecretAPIkey"
+ api_key: "supersecretAPIkey"
acl:
- "192.0.2.0/24"
- "!192.0.2.1"
qps: 10
- address: "192.0.2.1"
protocol: Do53
- load-balancing-policies:
- default-policy: "firstAvailable"
+ load_balancing_policies:
+ default_policy: "firstAvailable"
Now run dnsdist again, reading this configuration::
- "2001:db8:1::/56"
- "2001:db8:2::/56"
binds:
- - listen-address: "192.0.2.53"
+ - listen_address: "192.0.2.53"
protocol: Do53
- - listen-address: "[::1]:5300"
+ - listen_address: "[::1]:5300"
protocol: Do53
DnstapLogAction
---------------
-Send the current query to a remote logger as a dnstap message. ``alter-function`` is a callback, receiving a :class:`DNSQuestion` and a :class:`DnstapMessage`, that can be used to modify the message. Subsequent rules are processed after this action
+Send the current query to a remote logger as a dnstap message. ``alter_function`` is a callback, receiving a :class:`DNSQuestion` and a :class:`DnstapMessage`, that can be used to modify the message. Subsequent rules are processed after this action
Lua equivalent: :func:`DnstapLogAction`
Parameters:
- **identity**: String
-- **logger-name**: String
-- **alter-function-name**: String ``("")``
-- **alter-function-code**: String ``("")``
-- **alter-function-file**: String ``("")``
+- **logger_name**: String
+- **alter_function_name**: String ``("")``
+- **alter_function_code**: String ``("")``
+- **alter_function_file**: String ``("")``
.. _yaml-settings-DropAction:
- **status**: Unsigned integer
- **body**: String
-- **content-type**: String ``("")``
+- **content_type**: String ``("")``
- **vars**: :ref:`ResponseConfig <yaml-settings-ResponseConfig>`
KeyValueStoreLookupAction
-------------------------
-Does a lookup into the key value store using the key returned by ``lookup-key-name``, and storing the result if any into the tag named ``destination-tag``. The store can be a ``CDB`` or a ``LMDB`` database. The key can be based on the qname, source IP or the value of an existing tag. Subsequent rules are processed after this action. Note that the tag is always created, even if there was no match, but in that case the content is empty
+Does a lookup into the key value store using the key returned by ``lookup_key_name``, and storing the result if any into the tag named ``destination_tag``. The store can be a ``CDB`` or a ``LMDB`` database. The key can be based on the qname, source IP or the value of an existing tag. Subsequent rules are processed after this action. Note that the tag is always created, even if there was no match, but in that case the content is empty
Lua equivalent: :func:`KeyValueStoreLookupAction`
Parameters:
-- **kvs-name**: String
-- **lookup-key-name**: String
-- **destination-tag**: String
+- **kvs_name**: String
+- **lookup_key_name**: String
+- **destination_tag**: String
.. _yaml-settings-KeyValueStoreRangeLookupAction:
KeyValueStoreRangeLookupAction
------------------------------
-Does a range-based lookup into the key value store using the key returned by ``lookup-key-name``, and storing the result if any into the tag named ``destination-tag``. This assumes that there is a key in network byte order for the last element of the range (for example ``2001:0db8:ffff:ffff:ffff:ffff:ffff:ffff`` for ``2001:db8::/32``) which contains the first element of the range (``2001:0db8:0000:0000:0000:0000:0000:0000``) (optionally followed by any data) as value, also in network byte order, and that there is no overlapping ranges in the database. This requires that the underlying store supports ordered keys, which is true for LMDB but not for CDB
+Does a range-based lookup into the key value store using the key returned by ``lookup_key_name``, and storing the result if any into the tag named ``destination_tag``. This assumes that there is a key in network byte order for the last element of the range (for example ``2001:0db8:ffff:ffff:ffff:ffff:ffff:ffff`` for ``2001:db8::/32``) which contains the first element of the range (``2001:0db8:0000:0000:0000:0000:0000:0000``) (optionally followed by any data) as value, also in network byte order, and that there is no overlapping ranges in the database. This requires that the underlying store supports ordered keys, which is true for LMDB but not for CDB
Lua equivalent: :func:`KeyValueStoreRangeLookupAction`
Parameters:
-- **kvs-name**: String
-- **lookup-key-name**: String
-- **destination-tag**: String
+- **kvs_name**: String
+- **lookup_key_name**: String
+- **destination_tag**: String
.. _yaml-settings-LogAction:
LogAction
---------
-Log a line for each query, to the specified file if any, to the console (require verbose) if the empty string is given as filename. If an empty string is supplied in the file name, the logging is done to stdout, and only in verbose mode by default. This can be changed by setting ``verbose-only`` to ``false``. When logging to a file, the ``binary`` parameter specifies whether we log in binary form (default) or in textual form. The ``append`` parameter specifies whether we open the file for appending or truncate each time (default). The ``buffered`` parameter specifies whether writes to the file are buffered (default) or not. Subsequent rules are processed after this action
+Log a line for each query, to the specified file if any, to the console (require verbose) if the empty string is given as filename. If an empty string is supplied in the file name, the logging is done to stdout, and only in verbose mode by default. This can be changed by setting ``verbose_only`` to ``false``. When logging to a file, the ``binary`` parameter specifies whether we log in binary form (default) or in textual form. The ``append`` parameter specifies whether we open the file for appending or truncate each time (default). The ``buffered`` parameter specifies whether writes to the file are buffered (default) or not. Subsequent rules are processed after this action
Lua equivalent: :func:`LogAction`
Parameters:
-- **file-name**: String ``("")``
+- **file_name**: String ``("")``
- **binary**: Boolean ``(true)``
- **append**: Boolean ``(false)``
- **buffered**: Boolean ``(false)``
-- **verbose-only**: Boolean ``(true)``
-- **include-timestamp**: Boolean ``(false)``
+- **verbose_only**: Boolean ``(true)``
+- **include_timestamp**: Boolean ``(false)``
.. _yaml-settings-LuaAction:
Parameters:
-- **function-name**: String ``("")``
-- **function-code**: String ``("")``
-- **function-file**: String ``("")``
+- **function_name**: String ``("")``
+- **function_code**: String ``("")``
+- **function_file**: String ``("")``
.. _yaml-settings-LuaFFIAction:
Parameters:
-- **function-name**: String ``("")``
-- **function-code**: String ``("")``
-- **function-file**: String ``("")``
+- **function_name**: String ``("")``
+- **function_code**: String ``("")``
+- **function_file**: String ``("")``
.. _yaml-settings-LuaFFIPerThreadAction:
- **ttl**: Unsigned integer
- **mname**: String
- **rname**: String
-- **soa-parameters**: :ref:`SOAParams <yaml-settings-SOAParams>`
-- **soa-in-authority**: Boolean ``(false)``
+- **soa_parameters**: :ref:`SOAParams <yaml-settings-SOAParams>`
+- **soa_in_authority**: Boolean ``(false)``
- **vars**: :ref:`ResponseConfig <yaml-settings-ResponseConfig>`
PoolAction
----------
-Send the packet into the specified pool. If ``stop-processing`` is set to ``false``, subsequent rules will be processed after this action
+Send the packet into the specified pool. If ``stop_processing`` is set to ``false``, subsequent rules will be processed after this action
Lua equivalent: :func:`PoolAction`
Parameters:
-- **pool-name**: String
-- **stop-processing**: Boolean ``(true)``
+- **pool_name**: String
+- **stop_processing**: Boolean ``(true)``
.. _yaml-settings-QPSAction:
Parameters:
- **limit**: Unsigned integer
-- **pool-name**: String
-- **stop-processing**: Boolean ``(true)``
+- **pool_name**: String
+- **stop_processing**: Boolean ``(true)``
.. _yaml-settings-RCodeAction:
RemoteLogAction
---------------
-Send the current query to a remote logger as a Protocol Buffer message. ``alter-function`` is a callback, receiving a :class:`DNSQuestion` and a :class:`DNSDistProtoBufMessage`, that can be used to modify the message, for example for anonymization purposes. Subsequent rules are processed after this action
+Send the current query to a remote logger as a Protocol Buffer message. ``alter_function`` is a callback, receiving a :class:`DNSQuestion` and a :class:`DNSDistProtoBufMessage`, that can be used to modify the message, for example for anonymization purposes. Subsequent rules are processed after this action
Lua equivalent: :func:`RemoteLogAction`
Parameters:
-- **logger-name**: String
-- **alter-function-name**: String ``("")``
-- **alter-function-code**: String ``("")``
-- **alter-function-file**: String ``("")``
-- **server-id**: String ``("")``
-- **ip-encrypt-key**: String ``("")``
-- **export-tags**: Sequence of String
+- **logger_name**: String
+- **alter_function_name**: String ``("")``
+- **alter_function_code**: String ``("")``
+- **alter_function_file**: String ``("")``
+- **server_id**: String ``("")``
+- **ip_encrypt_key**: String ``("")``
+- **export_tags**: Sequence of String
- **metas**: Sequence of :ref:`ProtoBufMetaConfiguration <yaml-settings-ProtoBufMetaConfiguration>`
Parameters:
-- **proxy-type**: Unsigned integer
+- **proxy_type**: Unsigned integer
- **value**: String
Parameters:
-- **override-existing**: Boolean
+- **override_existing**: Boolean
.. _yaml-settings-SetECSPrefixLengthAction:
Parameters:
-- **info-code**: Unsigned integer
-- **extra-text**: String ``("")``
+- **info_code**: Unsigned integer
+- **extra_text**: String ``("")``
.. _yaml-settings-SetMacAddrAction:
Parameters:
- **answers**: Sequence of String
-- **qtype-for-any**: String ``("")``
+- **qtype_for_any**: String ``("")``
- **vars**: :ref:`ResponseConfig <yaml-settings-ResponseConfig>`
TeeAction
---------
-Send copy of query to remote, keep stats on responses. If ``add-ecs`` is set to true, EDNS Client Subnet information will be added to the query. If ``add-proxy-protocol`` is set to true, a Proxy Protocol v2 payload will be prepended in front of the query. The payload will contain the protocol the initial query was received over (UDP or TCP), as well as the initial source and destination addresses and ports. If ``lca`` has provided a value like “192.0.2.53”, dnsdist will try binding that address as local address when sending the queries. Subsequent rules are processed after this action
+Send copy of query to remote, keep stats on responses. If ``add_ecs`` is set to true, EDNS Client Subnet information will be added to the query. If ``add_proxy_protocol`` is set to true, a Proxy Protocol v2 payload will be prepended in front of the query. The payload will contain the protocol the initial query was received over (UDP or TCP), as well as the initial source and destination addresses and ports. If ``lca`` has provided a value like “192.0.2.53”, dnsdist will try binding that address as local address when sending the queries. Subsequent rules are processed after this action
Lua equivalent: :func:`TeeAction`
- **rca**: String
- **lca**: String ``("")``
-- **add-ecs**: Boolean ``(false)``
-- **add-proxy-protocol**: Boolean ``(false)``
+- **add_ecs**: Boolean ``(false)``
+- **add_proxy_protocol**: Boolean ``(false)``
Parameters:
-- **selector-name**: String
+- **selector_name**: String
.. _yaml-settings-DNSSECSelector:
Parameters:
-- **option-code**: Unsigned integer
+- **option_code**: Unsigned integer
.. _yaml-settings-EDNSVersionSelector:
KeyValueStoreLookupSelector
---------------------------
-Matches if the key returned by ``lookup-key-name`` exists in the key value store
+Matches if the key returned by ``lookup_key_name`` exists in the key value store
Lua equivalent: :func:`KeyValueStoreLookupRule`
Parameters:
-- **kvs-name**: String
-- **lookup-key-name**: String
+- **kvs_name**: String
+- **lookup_key_name**: String
.. _yaml-settings-KeyValueStoreRangeLookupSelector:
KeyValueStoreRangeLookupSelector
--------------------------------
-Does a range-based lookup into the key value store using the key returned by ``lookup-key-name`` and matches if there is a range covering that key. This assumes that there is a key, in network byte order, for the last element of the range (for example ``2001:0db8:ffff:ffff:ffff:ffff:ffff:ffff`` for ``2001:db8::/32``) which contains the first element of the range (``2001:0db8:0000:0000:0000:0000:0000:0000``) (optionally followed by any data) as value, still in network byte order, and that there is no overlapping ranges in the database. This requires that the underlying store supports ordered keys, which is true for ``LMDB`` but not for ``CDB``
+Does a range-based lookup into the key value store using the key returned by ``lookup_key_name`` and matches if there is a range covering that key. This assumes that there is a key, in network byte order, for the last element of the range (for example ``2001:0db8:ffff:ffff:ffff:ffff:ffff:ffff`` for ``2001:db8::/32``) which contains the first element of the range (``2001:0db8:0000:0000:0000:0000:0000:0000``) (optionally followed by any data) as value, still in network byte order, and that there is no overlapping ranges in the database. This requires that the underlying store supports ordered keys, which is true for ``LMDB`` but not for ``CDB``
Lua equivalent: :func:`KeyValueStoreRangeLookupRule`
Parameters:
-- **kvs-name**: String
-- **lookup-key-name**: String
+- **kvs_name**: String
+- **lookup_key_name**: String
.. _yaml-settings-LuaSelector:
Parameters:
-- **function-name**: String ``("")``
-- **function-code**: String ``("")``
-- **function-file**: String ``("")``
+- **function_name**: String ``("")``
+- **function_code**: String ``("")``
+- **function_file**: String ``("")``
.. _yaml-settings-LuaFFISelector:
Parameters:
-- **function-name**: String ``("")``
-- **function-code**: String ``("")``
-- **function-file**: String ``("")``
+- **function_name**: String ``("")``
+- **function_code**: String ``("")``
+- **function_file**: String ``("")``
.. _yaml-settings-LuaFFIPerThreadSelector:
MaxQPSIPSelector
----------------
-Matches traffic for a subnet specified by the v4 or v6 mask exceeding ``qps`` queries per second up to ``burst`` allowed. This rule keeps track of QPS by netmask or source IP. This state is cleaned up regularly if ``cleanup-delay`` is greater than zero, removing existing netmasks or IP addresses that have not been seen in the last ``expiration`` seconds.
+Matches traffic for a subnet specified by the v4 or v6 mask exceeding ``qps`` queries per second up to ``burst`` allowed. This rule keeps track of QPS by netmask or source IP. This state is cleaned up regularly if ``cleanup_delay`` is greater than zero, removing existing netmasks or IP addresses that have not been seen in the last ``expiration`` seconds.
Lua equivalent: :func:`MaxQPSIPRule`
Parameters:
- **qps**: Unsigned integer
-- **ipv4-mask**: Unsigned integer ``(32)``
-- **ipv6-mask**: Unsigned integer ``(64)``
+- **ipv4_mask**: Unsigned integer ``(32)``
+- **ipv6_mask**: Unsigned integer ``(64)``
- **burst**: Unsigned integer ``(0)``
- **expiration**: Unsigned integer ``(300)``
-- **cleanup-delay**: Unsigned integer ``(60)``
-- **scan-fraction**: Unsigned integer ``(10)``
+- **cleanup_delay**: Unsigned integer ``(60)``
+- **scan_fraction**: Unsigned integer ``(10)``
- **shards**: Unsigned integer ``(10)``
Parameters:
-- **netmask-group-name**: String ``("")``
+- **netmask_group_name**: String ``("")``
- **netmasks**: Sequence of String
- **source**: Boolean ``(true)``
- **quiet**: Boolean ``(false)``
Parameters:
- **pool**: String
-- **max-outstanding**: Unsigned integer
+- **max_outstanding**: Unsigned integer
.. _yaml-settings-ProbaSelector:
ProxyProtocolValueSelector
--------------------------
-Matches queries that have a proxy protocol TLV value of the specified type. If ``option-value`` is set, the content of the value should also match the content of value
+Matches queries that have a proxy protocol TLV value of the specified type. If ``option_value`` is set, the content of the value should also match the content of value
Lua equivalent: :func:`ProxyProtocolValueRule`
Parameters:
-- **option-type**: Unsigned integer
-- **option-value**: String ``("")``
+- **option_type**: Unsigned integer
+- **option_value**: String ``("")``
.. _yaml-settings-QClassSelector:
Parameters:
- **qclass**: String ``("")``
-- **numeric-value**: Unsigned integer ``(0)``
+- **numeric_value**: Unsigned integer ``(0)``
.. _yaml-settings-QNameSelector:
QNameLabelsCountSelector
------------------------
-Matches if the qname has less than ``min-labels-count`` or more than ``max-labels-count`` labels
+Matches if the qname has less than ``min_labels_count`` or more than ``max_labels_count`` labels
Lua equivalent: :func:`QNameLabelsCountRule`
Parameters:
-- **min-labels-count**: Unsigned integer
-- **max-labels-count**: Unsigned integer
+- **min_labels_count**: Unsigned integer
+- **max_labels_count**: Unsigned integer
.. _yaml-settings-QNameSetSelector:
Parameters:
- **qtype**: String
-- **numeric-value**: Unsigned integer ``(0)``
+- **numeric_value**: Unsigned integer ``(0)``
.. _yaml-settings-RCodeSelector:
RecordsTypeCountSelector
------------------------
-Matches if there is at least ``minimum`` and at most ``maximum`` records of type ``record-type`` in the section ``section``. ``section`` is specified as an integer with ``0`` being the question section, ``1`` answer, ``2`` authority and ``3`` additional
+Matches if there is at least ``minimum`` and at most ``maximum`` records of type ``record_type`` in the section ``section``. ``section`` is specified as an integer with ``0`` being the question section, ``1`` answer, ``2`` authority and ``3`` additional
Lua equivalent: :func:`RecordsTypeCountRule`
Parameters:
- **section**: Unsigned integer
-- **record-type**: Unsigned integer
+- **record_type**: Unsigned integer
- **minimum**: Unsigned integer
- **maximum**: Unsigned integer
Parameters:
-- **server-name**: String
+- **server_name**: String
.. _yaml-settings-TagSelector:
- **acl**: Sequence of String ``(127.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 169.254.0.0/16, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fc00::/7, fe80::/10)`` - CIDR netmasks of the clients allowed to send DNS queries
- **backends**: Sequence of :ref:`BackendConfiguration <yaml-settings-BackendConfiguration>` - List of backends
- **binds**: Sequence of :ref:`BindConfiguration <yaml-settings-BindConfiguration>` - List of endpoints to accept queries on
-- **cache-hit-response-rules**: Sequence of :ref:`ResponseRuleConfiguration <yaml-settings-ResponseRuleConfiguration>` - List of rules executed on a cache hit
-- **cache-inserted-response-rules**: Sequence of :ref:`ResponseRuleConfiguration <yaml-settings-ResponseRuleConfiguration>` - List of rules executed after inserting a new response into the cache
-- **cache-miss-rules**: Sequence of :ref:`QueryRuleConfiguration <yaml-settings-QueryRuleConfiguration>` - List of rules executed after a cache miss
-- **cache-settings**: :ref:`CacheSettingsConfiguration <yaml-settings-CacheSettingsConfiguration>` - Caching-related settings
+- **cache_hit_response_rules**: Sequence of :ref:`ResponseRuleConfiguration <yaml-settings-ResponseRuleConfiguration>` - List of rules executed on a cache hit
+- **cache_inserted_response_rules**: Sequence of :ref:`ResponseRuleConfiguration <yaml-settings-ResponseRuleConfiguration>` - List of rules executed after inserting a new response into the cache
+- **cache_miss_rules**: Sequence of :ref:`QueryRuleConfiguration <yaml-settings-QueryRuleConfiguration>` - List of rules executed after a cache miss
+- **cache_settings**: :ref:`CacheSettingsConfiguration <yaml-settings-CacheSettingsConfiguration>` - Caching-related settings
- **console**: :ref:`ConsoleConfiguration <yaml-settings-ConsoleConfiguration>` - Console-related settings
-- **dynamic-rules**: Sequence of :ref:`DynamicRulesConfiguration <yaml-settings-DynamicRulesConfiguration>` - List of dynamic rules
-- **dynamic-rules-settings**: :ref:`DynamicRulesSettingsConfiguration <yaml-settings-DynamicRulesSettingsConfiguration>` - Dynamic rules-related settings
+- **dynamic_rules**: Sequence of :ref:`DynamicRulesConfiguration <yaml-settings-DynamicRulesConfiguration>` - List of dynamic rules
+- **dynamic_rules_settings**: :ref:`DynamicRulesSettingsConfiguration <yaml-settings-DynamicRulesSettingsConfiguration>` - Dynamic rules-related settings
- **ebpf**: :ref:`EbpfConfiguration <yaml-settings-EbpfConfiguration>` - EBPF settings
-- **edns-client-subnet**: :ref:`EdnsClientSubnetConfiguration <yaml-settings-EdnsClientSubnetConfiguration>` - EDNS Client Subnet-related settings
+- **edns_client_subnet**: :ref:`EdnsClientSubnetConfiguration <yaml-settings-EdnsClientSubnetConfiguration>` - EDNS Client Subnet-related settings
- **general**: :ref:`GeneralConfiguration <yaml-settings-GeneralConfiguration>` - General settings
-- **key-value-stores**: :ref:`KeyValueStoresConfiguration <yaml-settings-KeyValueStoresConfiguration>` - Key-Value stores
-- **load-balancing-policies**: :ref:`LoadBalancingPoliciesConfiguration <yaml-settings-LoadBalancingPoliciesConfiguration>` - Load-balancing policies
+- **key_value_stores**: :ref:`KeyValueStoresConfiguration <yaml-settings-KeyValueStoresConfiguration>` - Key-Value stores
+- **load_balancing_policies**: :ref:`LoadBalancingPoliciesConfiguration <yaml-settings-LoadBalancingPoliciesConfiguration>` - Load-balancing policies
- **metrics**: :ref:`MetricsConfiguration <yaml-settings-MetricsConfiguration>` - Metrics-related settings
-- **packet-caches**: Sequence of :ref:`PacketCacheConfiguration <yaml-settings-PacketCacheConfiguration>` - Packet-cache definitions
+- **packet_caches**: Sequence of :ref:`PacketCacheConfiguration <yaml-settings-PacketCacheConfiguration>` - Packet-cache definitions
- **pools**: Sequence of :ref:`PoolConfiguration <yaml-settings-PoolConfiguration>` - Pools of backends
-- **proxy-protocol**: :ref:`ProxyProtocolConfiguration <yaml-settings-ProxyProtocolConfiguration>` - Proxy-protocol-related settings
-- **query-count**: :ref:`QueryCountConfiguration <yaml-settings-QueryCountConfiguration>` - Queries counting-related settings
-- **query-rules**: Sequence of :ref:`QueryRuleConfiguration <yaml-settings-QueryRuleConfiguration>` - List of rules executed when a query is received
-- **remote-logging**: :ref:`RemoteLoggingConfiguration <yaml-settings-RemoteLoggingConfiguration>` - Remote logging-related settings
-- **response-rules**: Sequence of :ref:`ResponseRuleConfiguration <yaml-settings-ResponseRuleConfiguration>` - List of rules executed when a response is received
-- **ring-buffers**: :ref:`RingBuffersConfiguration <yaml-settings-RingBuffersConfiguration>` - In-memory ring buffer settings
-- **security-polling**: :ref:`SecurityPollingConfiguration <yaml-settings-SecurityPollingConfiguration>` - Automatic checking of outdated version
+- **proxy_protocol**: :ref:`ProxyProtocolConfiguration <yaml-settings-ProxyProtocolConfiguration>` - Proxy-protocol-related settings
+- **query_count**: :ref:`QueryCountConfiguration <yaml-settings-QueryCountConfiguration>` - Queries counting-related settings
+- **query_rules**: Sequence of :ref:`QueryRuleConfiguration <yaml-settings-QueryRuleConfiguration>` - List of rules executed when a query is received
+- **remote_logging**: :ref:`RemoteLoggingConfiguration <yaml-settings-RemoteLoggingConfiguration>` - Remote logging-related settings
+- **response_rules**: Sequence of :ref:`ResponseRuleConfiguration <yaml-settings-ResponseRuleConfiguration>` - List of rules executed when a response is received
+- **ring_buffers**: :ref:`RingBuffersConfiguration <yaml-settings-RingBuffersConfiguration>` - In-memory ring buffer settings
+- **security_polling**: :ref:`SecurityPollingConfiguration <yaml-settings-SecurityPollingConfiguration>` - Automatic checking of outdated version
- **selectors**: Sequence of :ref:`Selector <yaml-settings-Selector>` - List of selectors that can be reused in rules
-- **self-answered-response-rules**: Sequence of :ref:`ResponseRuleConfiguration <yaml-settings-ResponseRuleConfiguration>` - List of rules executed when a response is generated by DNSdist itself
+- **self_answered_response_rules**: Sequence of :ref:`ResponseRuleConfiguration <yaml-settings-ResponseRuleConfiguration>` - List of rules executed when a response is generated by DNSdist itself
- **snmp**: :ref:`SnmpConfiguration <yaml-settings-SnmpConfiguration>` - SNMP-related settings
- **tuning**: :ref:`TuningConfiguration <yaml-settings-TuningConfiguration>` - Performance-related settings
- **webserver**: :ref:`WebserverConfiguration <yaml-settings-WebserverConfiguration>` - Internal web server configuration
-- **xfr-response-rules**: Sequence of :ref:`ResponseRuleConfiguration <yaml-settings-ResponseRuleConfiguration>` - List of rules executed when a XFR response is received
+- **xfr_response_rules**: Sequence of :ref:`ResponseRuleConfiguration <yaml-settings-ResponseRuleConfiguration>` - List of rules executed when a XFR response is received
- **xsk**: Sequence of :ref:`XskConfiguration <yaml-settings-XskConfiguration>` - List of AF_XDP / XSK objects
- **protocol**: String
- **tls**: :ref:`OutgoingTlsConfiguration <yaml-settings-OutgoingTlsConfiguration>`
- **doh**: :ref:`OutgoingDohConfiguration <yaml-settings-OutgoingDohConfiguration>`
-- **use-client-subnet**: Boolean ``(false)``
-- **use-proxy-protocol**: Boolean ``(false)``
-- **queries-per-second**: Unsigned integer ``(0)``
+- **use_client_subnet**: Boolean ``(false)``
+- **use_proxy_protocol**: Boolean ``(false)``
+- **queries_per_second**: Unsigned integer ``(0)``
- **order**: Unsigned integer ``(1)``
- **weight**: Unsigned integer ``(1)``
- **pools**: Sequence of String
- **retries**: Unsigned integer ``(5)``
- **tcp**: :ref:`OutgoingTcpConfiguration <yaml-settings-OutgoingTcpConfiguration>`
-- **ip-bind-addr-no-port**: Boolean ``(true)``
-- **health-checks**: :ref:`HealthCheckConfiguration <yaml-settings-HealthCheckConfiguration>`
+- **ip_bind_addr_no_port**: Boolean ``(true)``
+- **health_checks**: :ref:`HealthCheckConfiguration <yaml-settings-HealthCheckConfiguration>`
- **source**: String ``("")``
- **sockets**: Unsigned integer ``(1)``
-- **disable-zero-scope**: Boolean ``(false)``
-- **reconnect-on-up**: Boolean ``(false)``
-- **max-in-flight**: Unsigned integer ``(1)``
-- **tcp-only**: Boolean ``(false)``
-- **auto-upgrade**: :ref:`OutgoingAutoUpgradeConfiguration <yaml-settings-OutgoingAutoUpgradeConfiguration>`
-- **max-concurrent-tcp-connections**: Unsigned integer ``(0)``
+- **disable_zero_scope**: Boolean ``(false)``
+- **reconnect_on_up**: Boolean ``(false)``
+- **max_in_flight**: Unsigned integer ``(1)``
+- **tcp_only**: Boolean ``(false)``
+- **auto_upgrade**: :ref:`OutgoingAutoUpgradeConfiguration <yaml-settings-OutgoingAutoUpgradeConfiguration>`
+- **max_concurrent_tcp_connections**: Unsigned integer ``(0)``
- **ktls**: Boolean ``(false)``
-- **proxy-protocol-advertise-tls**: Boolean ``(false)``
-- **xsk-sockets**: Sequence of String
-- **mac-address**: String ``("")``
+- **proxy_protocol_advertise_tls**: Boolean ``(false)``
+- **xsk_sockets**: Sequence of String
+- **mac_address**: String ``("")``
- **cpus**: String ``("")``
- **xsk**: String ``("")``
BindConfiguration
-----------------
-- **listen-address**: String - Address and port to listen to
+- **listen_address**: String - Address and port to listen to
- **reuseport**: Boolean ``(false)``
- **protocol**: String ``(Do53)``
- **threads**: Unsigned integer ``(1)``
- **interface**: String ``("")``
- **cpus**: String ``("")``
-- **enable-proxy-protocol**: Boolean ``(false)``
+- **enable_proxy_protocol**: Boolean ``(false)``
- **tcp**: :ref:`IncomingTcpConfiguration <yaml-settings-IncomingTcpConfiguration>`
- **tls**: :ref:`IncomingTlsConfiguration <yaml-settings-IncomingTlsConfiguration>`
- **doh**: :ref:`IncomingDohConfiguration <yaml-settings-IncomingDohConfiguration>`
- **doq**: :ref:`IncomingDoqConfiguration <yaml-settings-IncomingDoqConfiguration>`
- **quic**: :ref:`IncomingQuicConfiguration <yaml-settings-IncomingQuicConfiguration>`
- **dnscrypt**: :ref:`IncomingDnscryptConfiguration <yaml-settings-IncomingDnscryptConfiguration>`
-- **additional-addresses**: Sequence of String
+- **additional_addresses**: Sequence of String
- **xsk**: String ``("")``
-----------------------
- **name**: String
-- **file-name**: String
-- **refresh-delay**: Unsigned integer
+- **file_name**: String
+- **refresh_delay**: Unsigned integer
-.. _yaml-settings-CacheSettingsConfiguration:
+.. _yaml-settings-Cache_settingsConfiguration:
-CacheSettingsConfiguration
---------------------------
+Cache_settingsConfiguration
+---------------------------
-- **stale-entries-ttl**: Unsigned integer ``(0)``
-- **cleaning-delay**: Unsigned integer ``(60)``
-- **cleaning-percentage**: Unsigned integer ``(100)``
+- **stale_entries_ttl**: Unsigned integer ``(0)``
+- **cleaning_delay**: Unsigned integer ``(60)``
+- **cleaning_percentage**: Unsigned integer ``(100)``
.. _yaml-settings-CarbonConfiguration:
ConsoleConfiguration
--------------------
-- **listen-address**: String ``("")`` - IP address and port to listen on for console connections
+- **listen_address**: String ``("")`` - IP address and port to listen on for console connections
- **key**: String ``("")`` - The shared secret used to secure connections between the console client and the server, generated via ``makeKey()``
- **acl**: Sequence of String ``(127.0.0.1, ::1)`` - List of network masks or IP addresses that are allowed to open a connection to the console server
-- **maximum-output-size**: Unsigned integer ``(10000000)``
-- **log-connections**: Boolean ``(true)``
-- **max-concurrent-connections**: Unsigned integer ``(0)``
+- **maximum_output_size**: Unsigned integer ``(10000000)``
+- **log_connections**: Boolean ``(true)``
+- **max_concurrent_connections**: Unsigned integer ``(0)``
-.. _yaml-settings-CustomLoadBalancingPolicyConfiguration:
+.. _yaml-settings-Custom_load_balancing_policyConfiguration:
-CustomLoadBalancingPolicyConfiguration
---------------------------------------
+Custom_load_balancing_policyConfiguration
+-----------------------------------------
- **name**: String
-- **function-name**: String ``("")``
-- **function-code**: String ``("")``
-- **function-file**: String ``("")``
+- **function_name**: String ``("")``
+- **function_code**: String ``("")``
+- **function_file**: String ``("")``
- **ffi**: Boolean ``(false)``
-- **per-thread**: Boolean ``(false)``
+- **per_thread**: Boolean ``(false)``
-.. _yaml-settings-DnstapLoggerConfiguration:
+.. _yaml-settings-Dnstap_loggerConfiguration:
-DnstapLoggerConfiguration
--------------------------
+Dnstap_loggerConfiguration
+--------------------------
- **name**: String
- **transport**: String
- **address**: String
-- **buffer-hint**: Unsigned integer ``(0)``
-- **flush-timeout**: Unsigned integer ``(0)``
-- **input-queue-size**: Unsigned integer ``(0)``
-- **output-queue-size**: Unsigned integer ``(0)``
-- **queue-notify-threshold**: Unsigned integer ``(0)``
-- **reopen-interval**: Unsigned integer ``(0)``
+- **buffer_hint**: Unsigned integer ``(0)``
+- **flush_timeout**: Unsigned integer ``(0)``
+- **input_queue_size**: Unsigned integer ``(0)``
+- **output_queue_size**: Unsigned integer ``(0)``
+- **queue_notify_threshold**: Unsigned integer ``(0)``
+- **reopen_interval**: Unsigned integer ``(0)``
-.. _yaml-settings-DohTuningConfiguration:
+.. _yaml-settings-Doh_tuningConfiguration:
-DohTuningConfiguration
-----------------------
+Doh_tuningConfiguration
+-----------------------
-- **outgoing-worker-threads**: Unsigned integer ``(10)``
-- **outgoing-max-idle-time**: Unsigned integer ``(300)``
-- **outgoing-cleanup-interval**: Unsigned integer ``(60)``
-- **outgoing-max-idle-connection-per-backend**: Unsigned integer ``(10)``
+- **outgoing_worker_threads**: Unsigned integer ``(10)``
+- **outgoing_max_idle_time**: Unsigned integer ``(300)``
+- **outgoing_cleanup_interval**: Unsigned integer ``(60)``
+- **outgoing_max_idle_connection_per_backend**: Unsigned integer ``(10)``
-.. _yaml-settings-DynamicRuleConfiguration:
+.. _yaml-settings-Dynamic_ruleConfiguration:
-DynamicRuleConfiguration
-------------------------
+Dynamic_ruleConfiguration
+-------------------------
- **type**: String
- **seconds**: Unsigned integer
-- **action-duration**: Unsigned integer
+- **action_duration**: Unsigned integer
- **comment**: String
- **rate**: Unsigned integer ``(0)``
- **ratio**: Double ``(0.0)``
- **action**: String ``(drop)``
-- **warning-rate**: Unsigned integer ``(0)``
-- **warning-ratio**: Double ``(0.0)``
-- **tag-name**: String ``("")``
-- **tag-value**: String ``(0)``
-- **visitor-function-name**: String ``("")``
-- **visitor-function-code**: String ``("")``
-- **visitor-function-file**: String ``("")``
+- **warning_rate**: Unsigned integer ``(0)``
+- **warning_ratio**: Double ``(0.0)``
+- **tag_name**: String ``("")``
+- **tag_value**: String ``(0)``
+- **visitor_function_name**: String ``("")``
+- **visitor_function_code**: String ``("")``
+- **visitor_function_file**: String ``("")``
- **rcode**: String ``("")``
- **qtype**: String ``("")``
-- **minimum-number-of-responses**: Unsigned integer ``(0)``
-- **minimum-global-cache-hit-ratio**: Double ``(0.0)``
+- **minimum_number_of_responses**: Unsigned integer ``(0)``
+- **minimum_global_cache_hit_ratio**: Double ``(0.0)``
-.. _yaml-settings-DynamicRulesConfiguration:
+.. _yaml-settings-Dynamic_rulesConfiguration:
-DynamicRulesConfiguration
--------------------------
+Dynamic_rulesConfiguration
+--------------------------
- **name**: String
-- **mask-ipv4**: Unsigned integer ``(32)``
-- **mask-ipv6**: Unsigned integer ``(64)``
-- **mask-port**: Unsigned integer ``(0)``
-- **exclude-ranges**: Sequence of String
-- **include-ranges**: Sequence of String
-- **exclude-domains**: Sequence of String
+- **mask_ipv4**: Unsigned integer ``(32)``
+- **mask_ipv6**: Unsigned integer ``(64)``
+- **mask_port**: Unsigned integer ``(0)``
+- **exclude_ranges**: Sequence of String
+- **include_ranges**: Sequence of String
+- **exclude_domains**: Sequence of String
- **rules**: Sequence of :ref:`DynamicRuleConfiguration <yaml-settings-DynamicRuleConfiguration>`
-.. _yaml-settings-DynamicRulesSettingsConfiguration:
+.. _yaml-settings-Dynamic_rules_settingsConfiguration:
-DynamicRulesSettingsConfiguration
----------------------------------
+Dynamic_rules_settingsConfiguration
+-----------------------------------
-- **purge-interval**: Unsigned integer ``(60)``
-- **default-action**: String ``(Drop)``
+- **purge_interval**: Unsigned integer ``(60)``
+- **default_action**: String ``(Drop)``
.. _yaml-settings-EbpfConfiguration:
- **ipv4**: :ref:`EbpfMapConfiguration <yaml-settings-EbpfMapConfiguration>`
- **ipv6**: :ref:`EbpfMapConfiguration <yaml-settings-EbpfMapConfiguration>`
-- **cidr-ipv4**: :ref:`EbpfMapConfiguration <yaml-settings-EbpfMapConfiguration>`
-- **cidr-ipv6**: :ref:`EbpfMapConfiguration <yaml-settings-EbpfMapConfiguration>`
+- **cidr_ipv4**: :ref:`EbpfMapConfiguration <yaml-settings-EbpfMapConfiguration>`
+- **cidr_ipv6**: :ref:`EbpfMapConfiguration <yaml-settings-EbpfMapConfiguration>`
- **qnames**: :ref:`EbpfMapConfiguration <yaml-settings-EbpfMapConfiguration>`
- **external**: Boolean ``(false)``
-.. _yaml-settings-EbpfMapConfiguration:
+.. _yaml-settings-Ebpf_mapConfiguration:
-EbpfMapConfiguration
---------------------
+Ebpf_mapConfiguration
+---------------------
-- **max-entries**: Unsigned integer ``(0)``
-- **pinned-path**: String ``("")``
+- **max_entries**: Unsigned integer ``(0)``
+- **pinned_path**: String ``("")``
-.. _yaml-settings-EdnsClientSubnetConfiguration:
+.. _yaml-settings-Edns_client_subnetConfiguration:
-EdnsClientSubnetConfiguration
------------------------------
+Edns_client_subnetConfiguration
+-------------------------------
-- **override-existing**: Boolean ``(false)`` - When `useClientSubnet` in `newServer()` is set and dnsdist adds an EDNS Client Subnet Client option to the query, override an existing option already present in the query, if any. Please see Passing the source address to the backend for more information. Note that it’s not recommended to enable setECSOverride in front of an authoritative server responding with EDNS Client Subnet information as mismatching data (ECS scopes) can confuse clients and lead to SERVFAIL responses on downstream nameservers
-- **source-prefix-v4**: Unsigned integer ``(32)`` - When `useClientSubnet` in `newServer()` is set and dnsdist adds an EDNS Client Subnet Client option to the query, truncate the requestor's IPv4 address to `prefix` bits
-- **source-prefix-v6**: Unsigned integer ``(56)`` - When `useClientSubnet` in `newServer()` is set and dnsdist adds an EDNS Client Subnet Client option to the query, truncate the requestor's IPv6 address to `prefix` bits
+- **override_existing**: Boolean ``(false)`` - When `useClientSubnet` in `newServer()` is set and dnsdist adds an EDNS Client Subnet Client option to the query, override an existing option already present in the query, if any. Please see Passing the source address to the backend for more information. Note that it’s not recommended to enable setECSOverride in front of an authoritative server responding with EDNS Client Subnet information as mismatching data (ECS scopes) can confuse clients and lead to SERVFAIL responses on downstream nameservers
+- **source_prefix_v4**: Unsigned integer ``(32)`` - When `useClientSubnet` in `newServer()` is set and dnsdist adds an EDNS Client Subnet Client option to the query, truncate the requestor's IPv4 address to `prefix` bits
+- **source_prefix_v6**: Unsigned integer ``(56)`` - When `useClientSubnet` in `newServer()` is set and dnsdist adds an EDNS Client Subnet Client option to the query, truncate the requestor's IPv6 address to `prefix` bits
.. _yaml-settings-GeneralConfiguration:
GeneralConfiguration
--------------------
-- **edns-udp-payload-size-self-generated-answers**: Unsigned integer ``(1232)``
-- **add-edns-to-self-generated-answers**: Boolean ``(true)``
-- **truncate-tc-answers**: Boolean ``(false)``
-- **fixup-case**: Boolean ``(false)``
+- **edns_udp_payload_size_self_generated_answers**: Unsigned integer ``(1232)``
+- **add_edns_to_self_generated_answers**: Boolean ``(true)``
+- **truncate_tc_answers**: Boolean ``(false)``
+- **fixup_case**: Boolean ``(false)``
- **verbose**: Boolean ``(false)``
-- **verbose-health-checks**: Boolean ``(false)``
-- **allow-empty-responses**: Boolean ``(false)``
-- **drop-empty-queries**: Boolean ``(false)``
-- **capabilities-to-retain**: Sequence of String
+- **verbose_health_checks**: Boolean ``(false)``
+- **allow_empty_responses**: Boolean ``(false)``
+- **drop_empty_queries**: Boolean ``(false)``
+- **capabilities_to_retain**: Sequence of String
-.. _yaml-settings-HealthCheckConfiguration:
+.. _yaml-settings-Health_checkConfiguration:
-HealthCheckConfiguration
-------------------------
+Health_checkConfiguration
+-------------------------
- **mode**: String ``(auto)``
- **qname**: String ``("")``
- **qtype**: String ``(A)``
- **function**: String ``("")``
- **lua**: String ``("")``
-- **lua-file**: String ``("")``
+- **lua_file**: String ``("")``
- **timeout**: Unsigned integer ``(1000)``
-- **set-cd**: Boolean ``(false)``
-- **max-failures**: Unsigned integer ``(1)``
+- **set_cd**: Boolean ``(false)``
+- **max_failures**: Unsigned integer ``(1)``
- **rise**: Unsigned integer ``(1)``
- **interval**: Unsigned integer ``(1)``
-- **must-resolve**: Boolean ``(false)``
-- **use-tcp**: Boolean ``(false)``
+- **must_resolve**: Boolean ``(false)``
+- **use_tcp**: Boolean ``(false)``
- **lazy**: :ref:`LazyHealthCheckConfiguration <yaml-settings-LazyHealthCheckConfiguration>`
-.. _yaml-settings-HttpCustomResponseHeaderConfiguration:
+.. _yaml-settings-Http_custom_response_headerConfiguration:
-HttpCustomResponseHeaderConfiguration
--------------------------------------
+Http_custom_response_headerConfiguration
+----------------------------------------
- **key**: String
- **value**: String
-.. _yaml-settings-HttpResponsesMapConfiguration:
+.. _yaml-settings-Http_responses_mapConfiguration:
-HttpResponsesMapConfiguration
------------------------------
+Http_responses_mapConfiguration
+-------------------------------
- **expression**: String
- **status**: Unsigned integer
- **headers**: Sequence of :ref:`HttpCustomResponseHeaderConfiguration <yaml-settings-HttpCustomResponseHeaderConfiguration>`
-.. _yaml-settings-IncomingDnscryptCertificateKeyPairConfiguration:
+.. _yaml-settings-Incoming_dnscryptConfiguration:
-IncomingDnscryptCertificateKeyPairConfiguration
------------------------------------------------
+Incoming_dnscryptConfiguration
+------------------------------
-- **certificate**: String
-- **key**: String
+- **provider_name**: String ``("")``
+- **certificates**: Sequence of :ref:`IncomingDnscryptCertificateKeyPairConfiguration <yaml-settings-IncomingDnscryptCertificateKeyPairConfiguration>`
-.. _yaml-settings-IncomingDnscryptConfiguration:
+.. _yaml-settings-Incoming_dnscrypt_certificate_key_pairConfiguration:
-IncomingDnscryptConfiguration
------------------------------
+Incoming_dnscrypt_certificate_key_pairConfiguration
+---------------------------------------------------
-- **provider-name**: String ``("")``
-- **certificates**: Sequence of :ref:`IncomingDnscryptCertificateKeyPairConfiguration <yaml-settings-IncomingDnscryptCertificateKeyPairConfiguration>`
+- **certificate**: String
+- **key**: String
-.. _yaml-settings-IncomingDohConfiguration:
+.. _yaml-settings-Incoming_dohConfiguration:
-IncomingDohConfiguration
-------------------------
+Incoming_dohConfiguration
+-------------------------
- **provider**: String ``(nghttp2)``
- **paths**: Sequence of String ``(/dns-query)``
-- **idle-timeout**: Unsigned integer ``(30)``
-- **server-tokens**: String ``(h2o/dnsdist)``
-- **send-cache-control-headers**: Boolean ``(true)``
-- **keep-incoming-headers**: Boolean ``(false)``
-- **trust-forwarded-for-header**: Boolean ``(false)``
-- **early-acl-drop**: Boolean ``(true)``
-- **exact-path-matching**: Boolean ``(true)``
-- **internal-pipe-buffer-size**: Unsigned integer ``(1048576)``
-- **custom-response-headers**: Sequence of :ref:`HttpCustomResponseHeaderConfiguration <yaml-settings-HttpCustomResponseHeaderConfiguration>`
-- **responses-map**: Sequence of :ref:`HttpResponsesMapConfiguration <yaml-settings-HttpResponsesMapConfiguration>`
-
-
-.. _yaml-settings-IncomingDoqConfiguration:
-
-IncomingDoqConfiguration
-------------------------
-
-- **max_concurrent_queries_per_connection**: Unsigned integer ``(65535)``
+- **idle_timeout**: Unsigned integer ``(30)``
+- **server_tokens**: String ``(h2o/dnsdist)``
+- **send_cache_control_headers**: Boolean ``(true)``
+- **keep_incoming_headers**: Boolean ``(false)``
+- **trust_forwarded_for_header**: Boolean ``(false)``
+- **early_acl_drop**: Boolean ``(true)``
+- **exact_path_matching**: Boolean ``(true)``
+- **internal_pipe_buffer_size**: Unsigned integer ``(1048576)``
+- **custom_response_headers**: Sequence of :ref:`HttpCustomResponseHeaderConfiguration <yaml-settings-HttpCustomResponseHeaderConfiguration>`
+- **responses_map**: Sequence of :ref:`HttpResponsesMapConfiguration <yaml-settings-HttpResponsesMapConfiguration>`
-.. _yaml-settings-IncomingQuicConfiguration:
+.. _yaml-settings-Incoming_doqConfiguration:
-IncomingQuicConfiguration
+Incoming_doqConfiguration
-------------------------
-- **idle-timeout**: Unsigned integer ``(5)``
-- **congestion-control-algorithm**: String ``(reno)``
-- **internal-pipe-buffer-size**: Unsigned integer ``(1048576)``
+- **max_concurrent_queries_per_connection**: Unsigned integer ``(65535)``
-.. _yaml-settings-IncomingTcpConfiguration:
+.. _yaml-settings-Incoming_quicConfiguration:
-IncomingTcpConfiguration
-------------------------
+Incoming_quicConfiguration
+--------------------------
-- **max-in-flight-queries**: Unsigned integer ``(0)``
-- **listen-queue-size**: Unsigned integer ``(0)``
-- **fast-open-queue-size**: Unsigned integer ``(0)``
-- **max-concurrent-connections**: Unsigned integer ``(0)``
+- **idle_timeout**: Unsigned integer ``(5)``
+- **congestion_control_algorithm**: String ``(reno)``
+- **internal_pipe_buffer_size**: Unsigned integer ``(1048576)``
-.. _yaml-settings-IncomingTlsCertificateKeyPairConfiguration:
+.. _yaml-settings-Incoming_tcpConfiguration:
-IncomingTlsCertificateKeyPairConfiguration
-------------------------------------------
+Incoming_tcpConfiguration
+-------------------------
-- **certificate**: String
-- **key**: String ``("")``
-- **password**: String ``("")``
+- **max_in_flight_queries**: Unsigned integer ``(0)``
+- **listen_queue_size**: Unsigned integer ``(0)``
+- **fast_open_queue_size**: Unsigned integer ``(0)``
+- **max_concurrent_connections**: Unsigned integer ``(0)``
-.. _yaml-settings-IncomingTlsConfiguration:
+.. _yaml-settings-Incoming_tlsConfiguration:
-IncomingTlsConfiguration
-------------------------
+Incoming_tlsConfiguration
+-------------------------
- **provider**: String ``(OpenSSL)``
- **certificates**: Sequence of :ref:`IncomingTlsCertificateKeyPairConfiguration <yaml-settings-IncomingTlsCertificateKeyPairConfiguration>`
-- **ignore-errors**: Boolean ``(false)``
+- **ignore_errors**: Boolean ``(false)``
- **ciphers**: String ``("")``
-- **ciphers-tls-13**: String ``("")``
-- **minimum-version**: String ``(tls1.0)``
-- **ticket-key-file**: String ``("")``
-- **tickets-keys-rotation-delay**: Unsigned integer ``(43200)``
-- **number-of-tickets-keys**: Unsigned integer ``(5)``
-- **prefer-server-ciphers**: Boolean ``(true)``
-- **session-timeout**: Unsigned integer ``(0)``
-- **session-tickets**: Boolean ``(true)``
-- **number-of-stored-sessions**: Unsigned integer ``(20480)``
-- **ocsp-response-files**: Sequence of String
-- **key-log-file**: String ``("")``
-- **release-buffers**: Boolean ``(true)``
-- **enable-renegotiation**: Boolean ``(false)``
-- **async-mode**: Boolean ``(false)``
+- **ciphers_tls_13**: String ``("")``
+- **minimum_version**: String ``(tls1.0)``
+- **ticket_key_file**: String ``("")``
+- **tickets_keys_rotation_delay**: Unsigned integer ``(43200)``
+- **number_of_tickets_keys**: Unsigned integer ``(5)``
+- **prefer_server_ciphers**: Boolean ``(true)``
+- **session_timeout**: Unsigned integer ``(0)``
+- **session_tickets**: Boolean ``(true)``
+- **number_of_stored_sessions**: Unsigned integer ``(20480)``
+- **ocsp_response_files**: Sequence of String
+- **key_log_file**: String ``("")``
+- **release_buffers**: Boolean ``(true)``
+- **enable_renegotiation**: Boolean ``(false)``
+- **async_mode**: Boolean ``(false)``
- **ktls**: Boolean ``(false)``
-- **read-ahead**: Boolean ``(true)``
-- **proxy-protocol-outside-tls**: Boolean ``(false)``
-- **ignore-configuration-errors**: Boolean ``(false)``
+- **read_ahead**: Boolean ``(true)``
+- **proxy_protocol_outside_tls**: Boolean ``(false)``
+- **ignore_configuration_errors**: Boolean ``(false)``
+
+
+.. _yaml-settings-Incoming_tls_certificate_key_pairConfiguration:
+
+Incoming_tls_certificate_key_pairConfiguration
+----------------------------------------------
+
+- **certificate**: String
+- **key**: String ``("")``
+- **password**: String ``("")``
.. _yaml-settings-KVSLookupKeyQNameConfiguration:
------------------------------
- **name**: String
-- **wire-format**: Boolean ``(true)``
+- **wire_format**: Boolean ``(true)``
.. _yaml-settings-KVSLookupKeySourceIPConfiguration:
---------------------------------
- **name**: String
-- **v4-mask**: Unsigned integer ``(32)``
-- **v6-mask**: Unsigned integer ``(128)``
-- **include-port**: Boolean ``(false)``
+- **v4_mask**: Unsigned integer ``(32)``
+- **v6_mask**: Unsigned integer ``(128)``
+- **include_port**: Boolean ``(false)``
.. _yaml-settings-KVSLookupKeySuffixConfiguration:
-------------------------------
- **name**: String
-- **minimum-labels**: Unsigned integer ``(0)``
-- **wire-format**: Boolean ``(true)``
+- **minimum_labels**: Unsigned integer ``(0)``
+- **wire_format**: Boolean ``(true)``
.. _yaml-settings-KVSLookupKeyTagConfiguration:
KVSLookupKeysConfiguration
--------------------------
-- **source-ip-keys**: Sequence of :ref:`KVSLookupKeySourceIPConfiguration <yaml-settings-KVSLookupKeySourceIPConfiguration>`
-- **qname-keys**: Sequence of :ref:`KVSLookupKeyQNameConfiguration <yaml-settings-KVSLookupKeyQNameConfiguration>`
-- **suffix-keys**: Sequence of :ref:`KVSLookupKeySuffixConfiguration <yaml-settings-KVSLookupKeySuffixConfiguration>`
-- **tag-keys**: Sequence of :ref:`KVSLookupKeyTagConfiguration <yaml-settings-KVSLookupKeyTagConfiguration>`
+- **source_ip_keys**: Sequence of :ref:`KVSLookupKeySourceIPConfiguration <yaml-settings-KVSLookupKeySourceIPConfiguration>`
+- **qname_keys**: Sequence of :ref:`KVSLookupKeyQNameConfiguration <yaml-settings-KVSLookupKeyQNameConfiguration>`
+- **suffix_keys**: Sequence of :ref:`KVSLookupKeySuffixConfiguration <yaml-settings-KVSLookupKeySuffixConfiguration>`
+- **tag_keys**: Sequence of :ref:`KVSLookupKeyTagConfiguration <yaml-settings-KVSLookupKeyTagConfiguration>`
-.. _yaml-settings-KeyValueStoresConfiguration:
+.. _yaml-settings-Key_value_storesConfiguration:
-KeyValueStoresConfiguration
----------------------------
+Key_value_storesConfiguration
+-----------------------------
- **lmdb**: Sequence of :ref:`LMDBKVStoreConfiguration <yaml-settings-LMDBKVStoreConfiguration>`
- **cdb**: Sequence of :ref:`CDBKVStoreConfiguration <yaml-settings-CDBKVStoreConfiguration>`
-- **lookup-keys**: :ref:`KVSLookupKeysConfiguration <yaml-settings-KVSLookupKeysConfiguration>`
+- **lookup_keys**: :ref:`KVSLookupKeysConfiguration <yaml-settings-KVSLookupKeysConfiguration>`
.. _yaml-settings-LMDBKVStoreConfiguration:
------------------------
- **name**: String
-- **file-name**: String
-- **database-name**: String
-- **no-lock**: Boolean ``(false)``
+- **file_name**: String
+- **database_name**: String
+- **no_lock**: Boolean ``(false)``
-.. _yaml-settings-LazyHealthCheckConfiguration:
+.. _yaml-settings-Lazy_health_checkConfiguration:
-LazyHealthCheckConfiguration
-----------------------------
+Lazy_health_checkConfiguration
+------------------------------
- **interval**: Unsigned integer ``(30)``
-- **min-sample-count**: Unsigned integer ``(1)``
+- **min_sample_count**: Unsigned integer ``(1)``
- **mode**: String ``(TimeoutOrServFail)``
-- **sample-size**: Unsigned integer ``(100)``
+- **sample_size**: Unsigned integer ``(100)``
- **threshold**: Unsigned integer ``(20)``
-- **use-exponential-back-off**: Boolean ``(false)``
-- **max-back-off**: Unsigned integer ``(3600)``
+- **use_exponential_back_off**: Boolean ``(false)``
+- **max_back_off**: Unsigned integer ``(3600)``
-.. _yaml-settings-LoadBalancingPoliciesConfiguration:
+.. _yaml-settings-Load_balancing_policiesConfiguration:
-LoadBalancingPoliciesConfiguration
-----------------------------------
+Load_balancing_policiesConfiguration
+------------------------------------
-- **default-policy**: String ``(leastOutstanding)``
-- **servfail-on-no-server**: Boolean ``(false)``
-- **round-robin-servfail-on-no-server**: Boolean ``(false)``
-- **weighted-balancing-factor**: Double ``(0.0)``
-- **consistent-hashing-balancing-factor**: Double ``(0.0)``
-- **custom-policies**: Sequence of :ref:`CustomLoadBalancingPolicyConfiguration <yaml-settings-CustomLoadBalancingPolicyConfiguration>`
-- **hash-perturbation**: Unsigned integer ``(0)``
+- **default_policy**: String ``(leastOutstanding)``
+- **servfail_on_no_server**: Boolean ``(false)``
+- **round_robin_servfail_on_no_server**: Boolean ``(false)``
+- **weighted_balancing_factor**: Double ``(0.0)``
+- **consistent_hashing_balancing_factor**: Double ``(0.0)``
+- **custom_policies**: Sequence of :ref:`CustomLoadBalancingPolicyConfiguration <yaml-settings-CustomLoadBalancingPolicyConfiguration>`
+- **hash_perturbation**: Unsigned integer ``(0)``
.. _yaml-settings-MetricsConfiguration:
- **carbon**: Sequence of :ref:`CarbonConfiguration <yaml-settings-CarbonConfiguration>`
-.. _yaml-settings-OutgoingAutoUpgradeConfiguration:
+.. _yaml-settings-Outgoing_auto_upgradeConfiguration:
-OutgoingAutoUpgradeConfiguration
---------------------------------
+Outgoing_auto_upgradeConfiguration
+----------------------------------
- **enabled**: Boolean ``(false)``
- **interval**: Unsigned integer ``(3600)``
- **keep**: Boolean ``(false)``
- **pool**: String ``("")``
-- **doh-key**: Unsigned integer ``(7)``
-- **use-lazy-health-check**: Boolean ``(false)``
+- **doh_key**: Unsigned integer ``(7)``
+- **use_lazy_health_check**: Boolean ``(false)``
-.. _yaml-settings-OutgoingDohConfiguration:
+.. _yaml-settings-Outgoing_dohConfiguration:
-OutgoingDohConfiguration
-------------------------
+Outgoing_dohConfiguration
+-------------------------
- **path**: String ``(/dns-query)``
-- **add-x-forwarded-headers**: Boolean ``(false)``
+- **add_x_forwarded_headers**: Boolean ``(false)``
-.. _yaml-settings-OutgoingTcpConfiguration:
+.. _yaml-settings-Outgoing_tcpConfiguration:
-OutgoingTcpConfiguration
-------------------------
+Outgoing_tcpConfiguration
+-------------------------
-- **connect-timeout**: Unsigned integer ``(5)``
-- **send-timeout**: Unsigned integer ``(30)``
-- **receive-timeout**: Unsigned integer ``(30)``
-- **fast-open**: Boolean ``(false)``
+- **connect_timeout**: Unsigned integer ``(5)``
+- **send_timeout**: Unsigned integer ``(30)``
+- **receive_timeout**: Unsigned integer ``(30)``
+- **fast_open**: Boolean ``(false)``
-.. _yaml-settings-OutgoingTlsConfiguration:
+.. _yaml-settings-Outgoing_tlsConfiguration:
-OutgoingTlsConfiguration
-------------------------
+Outgoing_tlsConfiguration
+-------------------------
- **provider**: String ``(OpenSSL)``
-- **subject-name**: String ``("")``
-- **subject-address**: String ``("")``
-- **validate-certificate**: Boolean ``(true)``
-- **ca-store**: String ``("")``
+- **subject_name**: String ``("")``
+- **subject_address**: String ``("")``
+- **validate_certificate**: Boolean ``(true)``
+- **ca_store**: String ``("")``
- **ciphers**: String ``("")``
-- **ciphers-tls-13**: String ``("")``
-- **key-log-file**: String ``("")``
-- **release-buffers**: Boolean ``(true)``
-- **enable-renegotiation**: Boolean ``(false)``
+- **ciphers_tls_13**: String ``("")``
+- **key_log_file**: String ``("")``
+- **release_buffers**: Boolean ``(true)``
+- **enable_renegotiation**: Boolean ``(false)``
- **ktls**: Boolean ``(false)``
-.. _yaml-settings-PacketCacheConfiguration:
+.. _yaml-settings-Packet_cacheConfiguration:
-PacketCacheConfiguration
-------------------------
+Packet_cacheConfiguration
+-------------------------
- **name**: String
- **size**: Unsigned integer
-- **deferrable-insert-lock**: Boolean ``(true)``
-- **dont-age**: Boolean ``(false)``
-- **keep-stale-data**: Boolean ``(false)``
-- **max-negative-ttl**: Unsigned integer ``(3600)``
-- **max-ttl**: Unsigned integer ``(86400)``
-- **min-ttl**: Unsigned integer ``(0)``
+- **deferrable_insert_lock**: Boolean ``(true)``
+- **dont_age**: Boolean ``(false)``
+- **keep_stale_data**: Boolean ``(false)``
+- **max_negative_ttl**: Unsigned integer ``(3600)``
+- **max_ttl**: Unsigned integer ``(86400)``
+- **min_ttl**: Unsigned integer ``(0)``
- **shards**: Unsigned integer ``(20)``
-- **parse-ecs**: Boolean ``(false)``
-- **stale-ttl**: Unsigned integer ``(60)``
-- **temporary-failure-ttl**: Unsigned integer ``(60)``
-- **cookie-hashing**: Boolean ``(false)``
-- **maximum-entry-size**: Unsigned integer ``(0)``
-- **options-to-skip**: Sequence of String
+- **parse_ecs**: Boolean ``(false)``
+- **stale_ttl**: Unsigned integer ``(60)``
+- **temporary_failure_ttl**: Unsigned integer ``(60)``
+- **cookie_hashing**: Boolean ``(false)``
+- **maximum_entry_size**: Unsigned integer ``(0)``
+- **options_to_skip**: Sequence of String
.. _yaml-settings-PoolConfiguration:
-----------------
- **name**: String
-- **packet-cache**: String
-- **policy**: String ``(least-outstanding)``
+- **packet_cache**: String
+- **policy**: String ``(leastOutstanding)``
.. _yaml-settings-ProtoBufMetaConfiguration:
- **value**: String
-.. _yaml-settings-ProtobufLoggerConfiguration:
+.. _yaml-settings-Protobuf_loggerConfiguration:
-ProtobufLoggerConfiguration
----------------------------
+Protobuf_loggerConfiguration
+----------------------------
- **name**: String
- **address**: String - An IP:PORT combination where the logger is listening
- **timeout**: Unsigned integer ``(2)`` - TCP connect timeout in seconds
-- **max-queued-entries**: Unsigned integer ``(100)`` - Queue this many messages before dropping new ones (e.g. when the remote listener closes the connection)
-- **reconnect-wait-time**: Unsigned integer ``(1)`` - Time in seconds between reconnection attempts
+- **max_queued_entries**: Unsigned integer ``(100)`` - Queue this many messages before dropping new ones (e.g. when the remote listener closes the connection)
+- **reconnect_wait_time**: Unsigned integer ``(1)`` - Time in seconds between reconnection attempts
-.. _yaml-settings-ProxyProtocolConfiguration:
+.. _yaml-settings-Proxy_protocolConfiguration:
-ProxyProtocolConfiguration
---------------------------
+Proxy_protocolConfiguration
+---------------------------
- **acl**: Sequence of String ``("")``
-- **maximum-payload-size**: Unsigned integer ``(512)``
-- **apply-acl-to-proxied-clients**: Boolean ``(false)``
+- **maximum_payload_size**: Unsigned integer ``(512)``
+- **apply_acl_to_proxied_clients**: Boolean ``(false)``
-.. _yaml-settings-ProxyProtocolValueConfiguration:
+.. _yaml-settings-Proxy_protocol_valueConfiguration:
-ProxyProtocolValueConfiguration
--------------------------------
+Proxy_protocol_valueConfiguration
+---------------------------------
- **key**: Unsigned integer
- **value**: String
-.. _yaml-settings-QueryCountConfiguration:
+.. _yaml-settings-Query_countConfiguration:
-QueryCountConfiguration
------------------------
+Query_countConfiguration
+------------------------
- **enabled**: Boolean ``(false)``
-- **filter-function-name**: String ``("")``
-- **filter-function-code**: String ``("")``
-- **filter-function-file**: String ``("")``
+- **filter_function_name**: String ``("")``
+- **filter_function_code**: String ``("")``
+- **filter_function_file**: String ``("")``
-.. _yaml-settings-QueryRuleConfiguration:
+.. _yaml-settings-Query_ruleConfiguration:
-QueryRuleConfiguration
-----------------------
+Query_ruleConfiguration
+-----------------------
- **name**: String
- **uuid**: String
- **action**: :ref:`Action <yaml-settings-Action>`
-.. _yaml-settings-RemoteLoggingConfiguration:
+.. _yaml-settings-Remote_loggingConfiguration:
-RemoteLoggingConfiguration
---------------------------
+Remote_loggingConfiguration
+---------------------------
-- **protobuf-loggers**: Sequence of :ref:`ProtobufLoggerConfiguration <yaml-settings-ProtobufLoggerConfiguration>`
-- **dnstap-loggers**: Sequence of :ref:`DnstapLoggerConfiguration <yaml-settings-DnstapLoggerConfiguration>`
+- **protobuf_loggers**: Sequence of :ref:`ProtobufLoggerConfiguration <yaml-settings-ProtobufLoggerConfiguration>`
+- **dnstap_loggers**: Sequence of :ref:`DnstapLoggerConfiguration <yaml-settings-DnstapLoggerConfiguration>`
-.. _yaml-settings-ResponseRuleConfiguration:
+.. _yaml-settings-Response_ruleConfiguration:
-ResponseRuleConfiguration
--------------------------
+Response_ruleConfiguration
+--------------------------
- **name**: String
- **uuid**: String
- **action**: :ref:`ResponseAction <yaml-settings-ResponseAction>`
-.. _yaml-settings-RingBuffersConfiguration:
+.. _yaml-settings-Ring_buffersConfiguration:
-RingBuffersConfiguration
-------------------------
+Ring_buffersConfiguration
+-------------------------
- **size**: Unsigned integer ``(10000)`` - The maximum amount of queries to keep in the ringbuffer
- **shards**: Unsigned integer ``(10)`` - The number of shards to use to limit lock contention
-- **lock-retries**: Unsigned integer ``(5)`` - Set the number of shards to attempt to lock without blocking before giving up and simply blocking while waiting for the next shard to be available. Default to 5 if there is more than one shard, 0 otherwise
-- **record-queries**: Boolean ``(true)`` - Whether to record queries in the ring buffers
-- **record-responses**: Boolean ``(true)`` - Whether to record responses in the ring buffers
+- **lock_retries**: Unsigned integer ``(5)`` - Set the number of shards to attempt to lock without blocking before giving up and simply blocking while waiting for the next shard to be available. Default to 5 if there is more than one shard, 0 otherwise
+- **record_queries**: Boolean ``(true)`` - Whether to record queries in the ring buffers
+- **record_responses**: Boolean ``(true)`` - Whether to record responses in the ring buffers
-.. _yaml-settings-SecurityPollingConfiguration:
+.. _yaml-settings-Security_pollingConfiguration:
-SecurityPollingConfiguration
-----------------------------
+Security_pollingConfiguration
+-----------------------------
-- **polling-interval**: Unsigned integer ``(3600)``
+- **polling_interval**: Unsigned integer ``(3600)``
- **suffix**: String ``(secpoll.powerdns.com.)``
-----------------
- **enabled**: Boolean ``(false)``
-- **traps-enabled**: Boolean ``(false)``
-- **daemon-socket**: String ``("")``
+- **traps_enabled**: Boolean ``(false)``
+- **daemon_socket**: String ``("")``
-.. _yaml-settings-TcpTuningConfiguration:
+.. _yaml-settings-Tcp_tuningConfiguration:
-TcpTuningConfiguration
-----------------------
+Tcp_tuningConfiguration
+-----------------------
-- **worker-threads**: Unsigned integer ``(10)``
-- **receive-timeout**: Unsigned integer ``(2)``
-- **send-timeout**: Unsigned integer ``(2)``
-- **max-queries-per-connection**: Unsigned integer ``(0)``
-- **max-connection-duration**: Unsigned integer ``(0)``
-- **max-queued-connections**: Unsigned integer ``(10000)``
-- **internal-pipe-buffer-size**: Unsigned integer ``(1048576)``
-- **outgoing-max-idle-time**: Unsigned integer ``(300)``
-- **outgoing-cleanup-interval**: Unsigned integer ``(60)``
-- **outgoing-max-idle-connection-per-backend**: Unsigned integer ``(10)``
-- **max-connections-per-client**: Unsigned integer ``(0)``
-- **fast-open-key**: String ``("")``
+- **worker_threads**: Unsigned integer ``(10)``
+- **receive_timeout**: Unsigned integer ``(2)``
+- **send_timeout**: Unsigned integer ``(2)``
+- **max_queries_per_connection**: Unsigned integer ``(0)``
+- **max_connection_duration**: Unsigned integer ``(0)``
+- **max_queued_connections**: Unsigned integer ``(10000)``
+- **internal_pipe_buffer_size**: Unsigned integer ``(1048576)``
+- **outgoing_max_idle_time**: Unsigned integer ``(300)``
+- **outgoing_cleanup_interval**: Unsigned integer ``(60)``
+- **outgoing_max_idle_connection_per_backend**: Unsigned integer ``(10)``
+- **max_connections_per_client**: Unsigned integer ``(0)``
+- **fast_open_key**: String ``("")``
-.. _yaml-settings-TlsTuningConfiguration:
+.. _yaml-settings-Tls_tuningConfiguration:
-TlsTuningConfiguration
-----------------------
+Tls_tuningConfiguration
+-----------------------
-- **outgoing-tickets-cache-cleanup-delay**: Unsigned integer ``(60)``
-- **outgoing-tickets-cache-validity**: Unsigned integer ``(600)``
-- **max-outgoing-tickets-per-backend**: Unsigned integer ``(20)``
+- **outgoing_tickets_cache_cleanup_delay**: Unsigned integer ``(60)``
+- **outgoing_tickets_cache_validity**: Unsigned integer ``(600)``
+- **max_outgoing_tickets_per_backend**: Unsigned integer ``(20)``
.. _yaml-settings-TuningConfiguration:
- **udp**: :ref:`UdpTuningConfiguration <yaml-settings-UdpTuningConfiguration>`
-.. _yaml-settings-UdpTuningConfiguration:
+.. _yaml-settings-Udp_tuningConfiguration:
-UdpTuningConfiguration
-----------------------
+Udp_tuningConfiguration
+-----------------------
-- **messages-per-round**: Unsigned integer ``(1)``
-- **send-buffer-size**: Unsigned integer ``(0)``
-- **receive-buffer-size**: Unsigned integer ``(0)``
-- **max-outstanding-per-backend**: Unsigned integer ``(65535)``
+- **messages_per_round**: Unsigned integer ``(1)``
+- **send_buffer_size**: Unsigned integer ``(0)``
+- **receive_buffer_size**: Unsigned integer ``(0)``
+- **max_outstanding_per_backend**: Unsigned integer ``(65535)``
- **timeout**: Unsigned integer ``(2)``
-- **randomize-outgoing-sockets-to-backend**: Boolean ``(false)``
-- **randomize-ids-to-backend**: Boolean ``(false)``
+- **randomize_outgoing_sockets_to_backend**: Boolean ``(false)``
+- **randomize_ids_to_backend**: Boolean ``(false)``
.. _yaml-settings-WebserverConfiguration:
WebserverConfiguration
----------------------
-- **listen-address**: String ``("")`` - IP address and port to listen on
+- **listen_address**: String ``("")`` - IP address and port to listen on
- **password**: String ``("")`` - The password used to access the internal webserver. Since 1.7.0 the password should be hashed and salted via the ``hashPassword()`` command
-- **api-key**: String ``("")`` - The API Key (set to an empty string do disable it). Since 1.7.0 the key should be hashed and salted via the ``hashPassword()`` command
+- **api_key**: String ``("")`` - The API Key (set to an empty string do disable it). Since 1.7.0 the key should be hashed and salted via the ``hashPassword()`` command
- **acl**: Sequence of String ``(127.0.0.1, ::1)`` - List of network masks or IP addresses that are allowed to open a connection to the web server
-- **api-requires-authentication**: Boolean ``(true)`` - Whether access to the API (/api endpoints) requires a valid API key
-- **stats-require-authentication**: Boolean ``(true)`` - Whether access to the statistics (/metrics and /jsonstat endpoints) requires a valid password or API key
-- **dashboard-requires-authentication**: Boolean ``(true)`` - Whether access to the internal dashboard requires a valid password
-- **max-concurrent-connections**: Unsigned integer ``(100)`` - The maximum number of concurrent web connections, or 0 which means an unlimited number
-- **hash-plaintext-credentials**: Boolean ``(false)`` - Whether passwords and API keys provided in plaintext should be hashed during startup, to prevent the plaintext versions from staying in memory. Doing so increases significantly the cost of verifying credentials
-- **custom-headers**: Sequence of :ref:`HttpCustomResponseHeaderConfiguration <yaml-settings-HttpCustomResponseHeaderConfiguration>`
-- **api-configuration-directory**: String ``("")``
-- **api-read-write**: Boolean ``(false)``
+- **api_requires_authentication**: Boolean ``(true)`` - Whether access to the API (/api endpoints) requires a valid API key
+- **stats_require_authentication**: Boolean ``(true)`` - Whether access to the statistics (/metrics and /jsonstat endpoints) requires a valid password or API key
+- **dashboard_requires_authentication**: Boolean ``(true)`` - Whether access to the internal dashboard requires a valid password
+- **max_concurrent_connections**: Unsigned integer ``(100)`` - The maximum number of concurrent web connections, or 0 which means an unlimited number
+- **hash_plaintext_credentials**: Boolean ``(false)`` - Whether passwords and API keys provided in plaintext should be hashed during startup, to prevent the plaintext versions from staying in memory. Doing so increases significantly the cost of verifying credentials
+- **custom_headers**: Sequence of :ref:`HttpCustomResponseHeaderConfiguration <yaml-settings-HttpCustomResponseHeaderConfiguration>`
+- **api_configuration_directory**: String ``("")``
+- **api_read_write**: Boolean ``(false)``
.. _yaml-settings-XskConfiguration:
- **interface**: String
- **queues**: Unsigned integer
- **frames**: Unsigned integer ``(65536)``
-- **map-path**: String ``(/sys/fs/bpf/dnsdist/xskmap)``
+- **map_path**: String ``(/sys/fs/bpf/dnsdist/xskmap)``
ResponseConfig
--------------
-- **set-aa**: Boolean
-- **set-ad**: Boolean
-- **set-ra**: Boolean
+- **set_aa**: Boolean
+- **set_ad**: Boolean
+- **set_ra**: Boolean
- **ttl**: Unsigned integer
.. _yaml-settings-SOAParams:
SVCRecordParameters
-------------------
-- **mandatory-params**: Sequence of Unsigned integer
+- **mandatory_params**: Sequence of Unsigned integer
- **alpns**: Sequence of String
-- **ipv4-hints**: Sequence of String
-- **ipv6-hints**: Sequence of String
+- **ipv4_hints**: Sequence of String
+- **ipv6_hints**: Sequence of String
- **additional_params**: Sequence of :ref:`SVCRecordAdditionalParams <yaml-settings-SVCRecordAdditionalParams>`
- **target**: String
- **port**: Unsigned integer
- **priority**: Unsigned integer
-- **no-default-alpn**: Boolean
+- **no_default_alpn**: Boolean
_yaml_config_template = """
console:
key: "%s"
- listen-address: "127.0.0.1:%d"
+ listen_address: "127.0.0.1:%d"
acl:
- 127.0.0.0/8
binds:
- - listen-address: "127.0.0.1:%d"
+ - listen_address: "127.0.0.1:%d"
protocol: "DNSCrypt"
dnscrypt:
- provider-name: "%s"
+ provider_name: "%s"
certificates:
- certificate: "DNSCryptResolver.cert"
key: "DNSCryptResolver.key"
backends:
- address: "127.0.0.1:%d"
protocol: Do53
-query-rules:
+query_rules:
- selector:
type: "QName"
qname: "udp.protocols.dnscrypt.tests.powerdns.com."
action:
type: "Lua"
- function-name: "checkDNSCryptUDP"
+ function_name: "checkDNSCryptUDP"
- selector:
type: "QName"
qname: "tcp.protocols.dnscrypt.tests.powerdns.com."
action:
type: "Lua"
- function-name: "checkDNSCryptTCP"
+ function_name: "checkDNSCryptTCP"
"""
_config_params = []
_yaml_config_params = ['_consoleKeyB64', '_consolePort', '_dnsDistPortDNSCrypt', '_providerName', '_testServerPort']
_yaml_config_template = """---
console:
key: "%s"
- listen-address: "127.0.0.1:%d"
+ listen_address: "127.0.0.1:%d"
acl:
- 127.0.0.0/8
backends:
- address: "127.0.0.1:%d"
protocol: "Do53"
binds:
- - listen-address: "127.0.0.1:%d"
+ - listen_address: "127.0.0.1:%d"
reuseport: true
protocol: "DoH"
tls:
- "/PowerDNS"
- "/PowerDNS2"
- "/PowerDNS-999"
- custom-response-headers:
+ custom_response_headers:
- key: "access-control-allow-origin"
value: "*"
- key: "user-agent"
value: "derp"
- key: "UPPERCASE"
value: "VaLuE"
- keep-incoming-headers: true
- responses-map:
+ keep_incoming_headers: true
+ responses_map:
- expression: "^/coffee$"
status: 418
content: 'C0FFEE'
headers:
- key: "FoO"
value: "bar"
-query-rules:
+query_rules:
- name: "Drop"
selector:
type: "QName"
type: "HTTPStatus"
status: 200
body: "Plaintext answer"
- content-type: "text/plain"
+ content_type: "text/plain"
- name: "HTTP status redirect"
selector:
type: "QName"
qname: "no-backend.doh.tests.powerdns.com."
action:
type: "Pool"
- pool-name: "this-pool-has-no-backend"
+ pool_name: "this-pool-has-no-backend"
- name: "HTTP Lua"
selector:
type: "QName"
qname: "http-lua.doh.tests.powerdns.com."
action:
type: "Lua"
- function-name: "dohHandler"
+ function_name: "dohHandler"
"""
_yaml_config_params = ['_consoleKeyB64', '_consolePort', '_testServerPort', '_dohServerPort', '_serverCert', '_serverKey', '_dohLibrary']
_config_template = """
- address: "127.0.0.1:%d"
protocol: "Do53"
binds:
- - listen-address: "127.0.0.1:%d"
+ - listen_address: "127.0.0.1:%d"
reuseport: true
protocol: "DoH3"
tls:
certificates:
- certificate: "%s"
key: "%s"
-query-rules:
+query_rules:
- name: "Drop"
selector:
type: "QName"
qname: "no-backend.doq.tests.powerdns.com."
action:
type: "Pool"
- pool-name: "this-pool-has-no-backend"
+ pool_name: "this-pool-has-no-backend"
"""
_yaml_config_params = ['_testServerPort', '_doqServerPort','_serverCert', '_serverKey']
- address: "127.0.0.1:%d"
protocol: "Do53"
binds:
- - listen-address: "127.0.0.1:%d"
+ - listen_address: "127.0.0.1:%d"
reuseport: true
protocol: "DoQ"
tls:
certificates:
- certificate: "%s"
key: "%s"
-query-rules:
+query_rules:
- name: "Drop"
selector:
type: "QName"
qname: "no-backend.doq.tests.powerdns.com."
action:
type: "Pool"
- pool-name: "this-pool-has-no-backend"
+ pool_name: "this-pool-has-no-backend"
"""
_yaml_config_params = ['_testServerPort', '_doqServerPort','_serverCert', '_serverKey']
backends:
- address: "127.0.0.1:%d"
protocol: Do53
-key-value-stores:
+key_value_stores:
lmdb:
- name: "lmdb-kvs"
- file-name: "%s"
- database-name: "%s"
- lookup-keys:
- source-ip-keys:
+ file_name: "%s"
+ database_name: "%s"
+ lookup_keys:
+ source_ip_keys:
- name: "lookup-source-ip"
- qname-keys:
+ qname_keys:
- name: "lookup-qname"
- name: "lookup-qname-plaintext"
- wire-format: false
- suffix-keys:
+ wire_format: false
+ suffix_keys:
- name: "lookup-suffix"
- tag-keys:
+ tag_keys:
- name: "lookup-tag-qname-result"
tag: "kvs-qname-result"
-query-rules:
+query_rules:
- name: "qname as key"
selector:
type: "And"
- type: "QName"
qname: "kvs-rule.lmdb.tests.powerdns.com."
- type: "KeyValueStoreLookup"
- kvs-name: "lmdb-kvs"
- lookup-key-name: "lookup-qname-plaintext"
+ kvs_name: "lmdb-kvs"
+ lookup_key_name: "lookup-qname-plaintext"
action:
type: "Spoof"
ips:
type: "All"
action:
type: "KeyValueStoreLookup"
- kvs-name: "lmdb-kvs"
- lookup-key-name: "lookup-source-ip"
- destination-tag: "kvs-sourceip-result"
+ kvs_name: "lmdb-kvs"
+ lookup_key_name: "lookup-source-ip"
+ destination_tag: "kvs-sourceip-result"
- name: "plaintext qname as key"
selector:
type: "All"
action:
type: "KeyValueStoreLookup"
- kvs-name: "lmdb-kvs"
- lookup-key-name: "lookup-qname-plaintext"
- destination-tag: "kvs-plain-text-result"
+ kvs_name: "lmdb-kvs"
+ lookup_key_name: "lookup-qname-plaintext"
+ destination_tag: "kvs-plain-text-result"
- name: "plaintext qname tag check"
selector:
type: "Tag"
type: "All"
action:
type: "KeyValueStoreLookup"
- kvs-name: "lmdb-kvs"
- lookup-key-name: "lookup-qname"
- destination-tag: "kvs-qname-result"
+ kvs_name: "lmdb-kvs"
+ lookup_key_name: "lookup-qname"
+ destination_tag: "kvs-qname-result"
- name: "wire qname tag check"
selector:
type: "Tag"
value: "this is the value of the qname tag"
action:
type: "KeyValueStoreLookup"
- kvs-name: "lmdb-kvs"
- lookup-key-name: "lookup-tag-qname-result"
- destination-tag: "kvs-tag-result"
+ kvs_name: "lmdb-kvs"
+ lookup_key_name: "lookup-tag-qname-result"
+ destination_tag: "kvs-tag-result"
- name: "source IP as key"
selector:
type: "All"
action:
type: "KeyValueStoreLookup"
- kvs-name: "lmdb-kvs"
- lookup-key-name: "lookup-source-ip"
- destination-tag: "kvs-sourceip-result"
+ kvs_name: "lmdb-kvs"
+ lookup_key_name: "lookup-source-ip"
+ destination_tag: "kvs-sourceip-result"
- name: "qname suffix as key"
selector:
type: "All"
action:
type: "KeyValueStoreLookup"
- kvs-name: "lmdb-kvs"
- lookup-key-name: "lookup-suffix"
- destination-tag: "kvs-suffix-result"
+ kvs_name: "lmdb-kvs"
+ lookup_key_name: "lookup-suffix"
+ destination_tag: "kvs-suffix-result"
- name: "tag check"
selector:
type: "Tag"
_yaml_config_template = """---
console:
key: "%s"
- listen-address: "127.0.0.1:%d"
+ listen_address: "127.0.0.1:%d"
acl:
- 127.0.0.0/8
backends:
- "cache"
tls:
provider: "%s"
- validate-certificate: true
- ca-store: "ca.pem"
- subject-name: "powerdns.com"
+ validate_certificate: true
+ ca_store: "ca.pem"
+ subject_name: "powerdns.com"
doh:
path: "/dns-query"
- health-checks:
+ health_checks:
mode: "UP"
webserver:
- listen-address: "127.0.0.1:%d"
+ listen_address: "127.0.0.1:%d"
password: "%s"
- api-key: "%s"
+ api_key: "%s"
acl:
- 127.0.0.0/8
tuning:
tcp:
- worker-threads: 1
+ worker_threads: 1
pools:
- name: "cache"
- packet-cache: "pc"
-packet-caches:
+ packet_cache: "pc"
+packet_caches:
- name: "pc"
size: 100
-query-rules:
+query_rules:
- name: "suffix to pool"
selector:
type: "QNameSuffix"
- "cached.outgoing-doh.test.powerdns.com."
action:
type: "Pool"
- pool-name: "cache"
+ pool_name: "cache"
"""
_yaml_config_params = ['_consoleKeyB64', '_consolePort', '_tlsBackendPort', '_tlsProvider', '_webServerPort', '_webServerBasicAuthPasswordHashed', '_webServerAPIKeyHashed']
protocol: "DoT"
tls:
provider: "openssl"
- validate-certificate: true
- ca-store: "ca.pem"
- subject-name: "powerdns.com"
+ validate_certificate: true
+ ca_store: "ca.pem"
+ subject_name: "powerdns.com"
webserver:
- listen-address: "127.0.0.1:%d"
+ listen_address: "127.0.0.1:%d"
password: "%s"
- api-key: "%s"
+ api_key: "%s"
acl:
- 127.0.0.0/8
tuning:
tcp:
- worker-threads: 1
+ worker_threads: 1
"""
_yaml_config_params = ['_tlsBackendPort', '_webServerPort', '_webServerBasicAuthPasswordHashed', '_webServerAPIKeyHashed']
_yaml_config_template = """---
binds:
- - listen-address: "127.0.0.1:%d"
+ - listen_address: "127.0.0.1:%d"
reuseport: true
protocol: Do53
threads: 2
- address: "127.0.0.1:%d"
protocol: Do53
-remote-logging:
- protobuf-loggers:
+remote_logging:
+ protobuf_loggers:
- name: "my-logger"
address: "127.0.0.1:%d"
timeout: 1
-query-rules:
+query_rules:
- name: "my-rule"
selector:
type: "All"
action:
type: "RemoteLog"
- logger-name: "my-logger"
- server-id: "%s"
- export-tags:
+ logger_name: "my-logger"
+ server_id: "%s"
+ export_tags:
- "tag-1"
- "tag-2"
"""
_yaml_config_template = """---
console:
key: "%s"
- listen-address: "127.0.0.1:%d"
+ listen_address: "127.0.0.1:%d"
acl:
- 127.0.0.0/8
backends:
- address: "127.0.0.1:%d"
protocol: "Do53"
binds:
- - listen-address: "127.0.0.1:%d"
+ - listen_address: "127.0.0.1:%d"
reuseport: true
protocol: "DoT"
tls:
- certificate: "%s"
key: "%s"
provider: "openssl"
-query-rules:
+query_rules:
- name: "SNI"
selector:
type: "SNI"
- server-name: "powerdns.com"
+ server_name: "powerdns.com"
action:
type: "Spoof"
ips:
_yaml_config_template = """---
webserver:
- listen-address: "127.0.0.1:%d"
+ listen_address: "127.0.0.1:%d"
acl:
- 127.0.0.0/8
console:
- listen-address: "127.0.0.1:%d"
+ listen_address: "127.0.0.1:%d"
key: "%s"
acl:
- 127.0.0.0/8
-edns-client-subnet:
- override-existing: true
- source-prefix-v4: 32
- source-prefix-v6: 48
+edns_client_subnet:
+ override_existing: true
+ source_prefix_v4: 32
+ source_prefix_v6: 48
acl:
- 127.0.0.1/32
- ::1/128
-ring-buffers:
+ring_buffers:
size: 2000
shards: 2
binds:
- - listen-address: "127.0.0.1:%d"
+ - listen_address: "127.0.0.1:%d"
reuseport: true
protocol: Do53
threads: 2
name: "is-tcp"
tcp: true
-query-rules:
+query_rules:
- name: "route inline-yaml to inline pool"
selector:
type: "QNameSet"
- "inline-lua.yaml.test.powerdns.com."
action:
type: "Pool"
- pool-name: "inline"
- stop-processing: true
+ pool_name: "inline"
+ stop_processing: true
- name: "my-rule"
selector:
type: "And"
selectors:
- type: "ByName"
- selector-name: "is-tcp"
+ selector_name: "is-tcp"
- type: "Not"
selector:
type: "RD"
action:
type: "Pool"
- pool-name: "tcp-pool"
+ pool_name: "tcp-pool"
-response-rules:
+response_rules:
- name: "inline RD=0 TCP gets cleared"
selector:
type: "And"
selectors:
- type: "ByName"
- selector-name: "is-tcp"
+ selector_name: "is-tcp"
- type: "QNameSet"
qnames:
- "inline-lua.yaml.test.powerdns.com."
- type: "Lua"
name: "Match responses on RD=0 (inline)"
- function-code: |
+ function_code: |
return function(dr)
local rd = dr.dh:getRD()
if not rd then
- "inline-lua.yaml.test.powerdns.com."
- type: "Lua"
name: "Match responses on RD=0 (file)"
- function-file: "yaml-config-files/yaml-inline-lua-file.yml"
+ function_file: "yaml-config-files/yaml-inline-lua-file.yml"
action:
type: "TC"
"""
projects / thirdparty / pdns.git / commitdiff
