{
bool addOrRefreshBlock(ClientAddressDynamicRules& blocks, const timespec& now, const AddressAndPortRange& requestor, DynBlock&& dblock, bool beQuiet)
{
- unsigned int count = 0;
+ uint32_t count = 0;
bool expired = false;
bool wasWarning = false;
bool bpf = false;
bool addOrRefreshBlockSMT(SuffixDynamicRules& blocks, const timespec& now, DynBlock&& dblock, bool beQuiet)
{
- unsigned int count = 0;
+ uint32_t count = 0;
/* be careful, if you try to insert a longer suffix
lookup() might return a shorter one if it is
already in the tree as a final node */
}
}
-std::map<std::string, std::list<std::pair<AddressAndPortRange, unsigned int>>> DynBlockMaintenance::getTopNetmasks(size_t topN)
+std::map<std::string, std::list<std::pair<AddressAndPortRange, uint32_t>>> DynBlockMaintenance::getTopNetmasks(size_t topN)
{
- std::map<std::string, std::list<std::pair<AddressAndPortRange, unsigned int>>> results;
+ std::map<std::string, std::list<std::pair<AddressAndPortRange, uint32_t>>> results;
if (topN == 0) {
return results;
}
topsForReason.pop_front();
}
- topsForReason.insert(std::lower_bound(topsForReason.begin(), topsForReason.end(), newEntry, [](const std::pair<AddressAndPortRange, unsigned int>& rhs, const std::pair<AddressAndPortRange, unsigned int>& lhs) {
+ topsForReason.insert(std::lower_bound(topsForReason.begin(), topsForReason.end(), newEntry, [](const std::pair<AddressAndPortRange, uint32_t>& rhs, const std::pair<AddressAndPortRange, uint32_t>& lhs) {
return rhs.second < lhs.second;
}),
newEntry);
return results;
}
-std::map<std::string, std::list<std::pair<DNSName, unsigned int>>> DynBlockMaintenance::getTopSuffixes(size_t topN)
+std::map<std::string, std::list<std::pair<DNSName, uint32_t>>> DynBlockMaintenance::getTopSuffixes(size_t topN)
{
- std::map<std::string, std::list<std::pair<DNSName, unsigned int>>> results;
+ std::map<std::string, std::list<std::pair<DNSName, uint32_t>>> results;
if (topN == 0) {
return results;
}
topsForReason.pop_front();
}
- topsForReason.insert(std::lower_bound(topsForReason.begin(), topsForReason.end(), newEntry, [](const std::pair<DNSName, unsigned int>& rhs, const std::pair<DNSName, unsigned int>& lhs) {
+ topsForReason.insert(std::lower_bound(topsForReason.begin(), topsForReason.end(), newEntry, [](const std::pair<DNSName, uint32_t>& rhs, const std::pair<DNSName, uint32_t>& lhs) {
return rhs.second < lhs.second;
}),
newEntry);
struct DynBlockEntryStat
{
size_t sum{0};
- unsigned int lastSeenValue{0};
+ uint32_t lastSeenValue{0};
};
std::list<DynBlockMaintenance::MetricsSnapshot> DynBlockMaintenance::s_metricsData;
}
/* now we need to get the top N entries (for each "reason") based on our counters (sum of the last N entries) */
- std::map<std::string, std::list<std::pair<AddressAndPortRange, unsigned int>>> topNMGs;
+ std::map<std::string, std::list<std::pair<AddressAndPortRange, uint32_t>>> topNMGs;
{
for (const auto& reason : netmasks) {
auto& topsForReason = topNMGs[reason.first];
for (const auto& entry : reason.second) {
if (topsForReason.size() < s_topN || topsForReason.front().second < entry.second.sum) {
/* Note that this is a gauge, so we need to divide by the number of elapsed seconds */
- auto newEntry = std::pair<AddressAndPortRange, unsigned int>(entry.first, std::round(static_cast<double>(entry.second.sum) / 60.0));
+ auto newEntry = std::pair<AddressAndPortRange, uint32_t>(entry.first, std::round(static_cast<double>(entry.second.sum) / 60.0));
if (topsForReason.size() >= s_topN) {
topsForReason.pop_front();
}
- topsForReason.insert(std::lower_bound(topsForReason.begin(), topsForReason.end(), newEntry, [](const std::pair<AddressAndPortRange, unsigned int>& rhs, const std::pair<AddressAndPortRange, unsigned int>& lhs) {
+ topsForReason.insert(std::lower_bound(topsForReason.begin(), topsForReason.end(), newEntry, [](const std::pair<AddressAndPortRange, uint32_t>& rhs, const std::pair<AddressAndPortRange, uint32_t>& lhs) {
return rhs.second < lhs.second;
}),
newEntry);
}
/* now we need to get the top N entries (for each "reason") based on our counters (sum of the last N entries) */
- std::map<std::string, std::list<std::pair<DNSName, unsigned int>>> topSMTs;
+ std::map<std::string, std::list<std::pair<DNSName, uint32_t>>> topSMTs;
{
for (const auto& reason : smt) {
auto& topsForReason = topSMTs[reason.first];
for (const auto& entry : reason.second) {
if (topsForReason.size() < s_topN || topsForReason.front().second < entry.second.sum) {
/* Note that this is a gauge, so we need to divide by the number of elapsed seconds */
- auto newEntry = std::pair<DNSName, unsigned int>(entry.first, std::round(static_cast<double>(entry.second.sum) / 60.0));
+ auto newEntry = std::pair<DNSName, uint32_t>(entry.first, std::round(static_cast<double>(entry.second.sum) / 60.0));
if (topsForReason.size() >= s_topN) {
topsForReason.pop_front();
}
- topsForReason.insert(std::lower_bound(topsForReason.begin(), topsForReason.end(), newEntry, [](const std::pair<DNSName, unsigned int>& lhs, const std::pair<DNSName, unsigned int>& rhs) {
+ topsForReason.insert(std::lower_bound(topsForReason.begin(), topsForReason.end(), newEntry, [](const std::pair<DNSName, uint32_t>& lhs, const std::pair<DNSName, uint32_t>& rhs) {
return lhs.second < rhs.second;
}),
newEntry);
}
}
-std::map<std::string, std::list<std::pair<AddressAndPortRange, unsigned int>>> DynBlockMaintenance::getHitsForTopNetmasks()
+std::map<std::string, std::list<std::pair<AddressAndPortRange, uint32_t>>> DynBlockMaintenance::getHitsForTopNetmasks()
{
return s_tops.lock()->topNMGsByReason;
}
-std::map<std::string, std::list<std::pair<DNSName, unsigned int>>> DynBlockMaintenance::getHitsForTopSuffixes()
+std::map<std::string, std::list<std::pair<DNSName, uint32_t>>> DynBlockMaintenance::getHitsForTopSuffixes()
{
return s_tops.lock()->topSMTsByReason;
}
return true;
}
-bool DynBlockRulesGroup::DynBlockRule::rateExceeded(unsigned int count, const struct timespec& now) const
+bool DynBlockRulesGroup::DynBlockRule::rateExceeded(uint32_t count, const struct timespec& now) const
{
if (!d_enabled) {
return false;
return (count > limit);
}
-bool DynBlockRulesGroup::DynBlockRule::warningRateExceeded(unsigned int count, const struct timespec& now) const
+bool DynBlockRulesGroup::DynBlockRule::warningRateExceeded(uint32_t count, const struct timespec& now) const
{
if (!d_enabled) {
return false;
return (count > limit);
}
-bool DynBlockRulesGroup::DynBlockRatioRule::ratioExceeded(unsigned int total, unsigned int count) const
+bool DynBlockRulesGroup::DynBlockRatioRule::ratioExceeded(uint32_t total, uint32_t count) const
{
if (!d_enabled) {
return false;
return (count > allowed);
}
-bool DynBlockRulesGroup::DynBlockRatioRule::warningRatioExceeded(unsigned int total, unsigned int count) const
+bool DynBlockRulesGroup::DynBlockRatioRule::warningRatioExceeded(uint32_t total, uint32_t count) const
{
if (!d_enabled) {
return false;
return globalCacheHitRatio >= d_minimumGlobalCacheHitRatio;
}
-bool DynBlockRulesGroup::DynBlockCacheMissRatioRule::ratioExceeded(unsigned int total, unsigned int count) const
+bool DynBlockRulesGroup::DynBlockCacheMissRatioRule::ratioExceeded(uint32_t total, uint32_t count) const
{
if (!DynBlockRulesGroup::DynBlockRatioRule::ratioExceeded(total, count)) {
return false;
return checkGlobalCacheHitRatio();
}
-bool DynBlockRulesGroup::DynBlockCacheMissRatioRule::warningRatioExceeded(unsigned int total, unsigned int count) const
+bool DynBlockRulesGroup::DynBlockCacheMissRatioRule::warningRatioExceeded(uint32_t total, uint32_t count) const
{
if (!DynBlockRulesGroup::DynBlockRatioRule::warningRatioExceeded(total, count)) {
return false;
struct DynBlockRule
{
DynBlockRule() = default;
- DynBlockRule(const std::string& blockReason, unsigned int blockDuration, unsigned int rate, unsigned int warningRate, unsigned int seconds, DNSAction::Action action) :
+ DynBlockRule(const std::string& blockReason, uint32_t blockDuration, uint32_t rate, uint32_t warningRate, uint32_t seconds, DNSAction::Action action) :
d_blockReason(blockReason), d_blockDuration(blockDuration), d_rate(rate), d_warningRate(warningRate), d_seconds(seconds), d_action(action), d_enabled(true)
{
}
bool matches(const struct timespec& when);
- bool rateExceeded(unsigned int count, const struct timespec& now) const;
- bool warningRateExceeded(unsigned int count, const struct timespec& now) const;
+ bool rateExceeded(uint32_t count, const struct timespec& now) const;
+ bool warningRateExceeded(uint32_t count, const struct timespec& now) const;
bool isEnabled() const
{
std::shared_ptr<DynBlock::TagSettings> d_tagSettings;
struct timespec d_cutOff;
struct timespec d_minTime;
- unsigned int d_blockDuration{0};
- unsigned int d_rate{0};
- unsigned int d_warningRate{0};
- unsigned int d_seconds{0};
+ uint32_t d_blockDuration{0};
+ uint32_t d_rate{0};
+ uint32_t d_warningRate{0};
+ uint32_t d_seconds{0};
DNSAction::Action d_action{DNSAction::Action::None};
bool d_enabled{false};
};
struct DynBlockRatioRule : DynBlockRule
{
DynBlockRatioRule() = default;
- DynBlockRatioRule(const std::string& blockReason, unsigned int blockDuration, double ratio, double warningRatio, unsigned int seconds, DNSAction::Action action, size_t minimumNumberOfResponses) :
+ DynBlockRatioRule(const std::string& blockReason, uint32_t blockDuration, double ratio, double warningRatio, uint32_t seconds, DNSAction::Action action, size_t minimumNumberOfResponses) :
DynBlockRule(blockReason, blockDuration, 0, 0, seconds, action), d_minimumNumberOfResponses(minimumNumberOfResponses), d_ratio(ratio), d_warningRatio(warningRatio)
{
}
- bool ratioExceeded(unsigned int total, unsigned int count) const;
- bool warningRatioExceeded(unsigned int total, unsigned int count) const;
+ bool ratioExceeded(uint32_t total, uint32_t count) const;
+ bool warningRatioExceeded(uint32_t total, uint32_t count) const;
std::string toString() const;
size_t d_minimumNumberOfResponses{0};
struct DynBlockCacheMissRatioRule : public DynBlockRatioRule
{
DynBlockCacheMissRatioRule() = default;
- DynBlockCacheMissRatioRule(const std::string& blockReason, unsigned int blockDuration, double ratio, double warningRatio, unsigned int seconds, DNSAction::Action action, size_t minimumNumberOfResponses, double minimumGlobalCacheHitRatio) :
+ DynBlockCacheMissRatioRule(const std::string& blockReason, uint32_t blockDuration, double ratio, double warningRatio, uint32_t seconds, DNSAction::Action action, size_t minimumNumberOfResponses, double minimumGlobalCacheHitRatio) :
DynBlockRatioRule(blockReason, blockDuration, ratio, warningRatio, seconds, action, minimumNumberOfResponses), d_minimumGlobalCacheHitRatio(minimumGlobalCacheHitRatio)
{
}
bool checkGlobalCacheHitRatio() const;
- bool ratioExceeded(unsigned int total, unsigned int count) const;
- bool warningRatioExceeded(unsigned int total, unsigned int count) const;
+ bool ratioExceeded(uint32_t total, uint32_t count) const;
+ bool warningRatioExceeded(uint32_t total, uint32_t count) const;
std::string toString() const;
double d_minimumGlobalCacheHitRatio{0.0};
static void run();
/* return the (cached) number of hits per second for the top offenders, averaged over 60s */
- static std::map<std::string, std::list<std::pair<AddressAndPortRange, unsigned int>>> getHitsForTopNetmasks();
- static std::map<std::string, std::list<std::pair<DNSName, unsigned int>>> getHitsForTopSuffixes();
+ static std::map<std::string, std::list<std::pair<AddressAndPortRange, uint32_t>>> getHitsForTopNetmasks();
+ static std::map<std::string, std::list<std::pair<DNSName, uint32_t>>> getHitsForTopSuffixes();
/* get the top offenders based on the current value of the counters */
- static std::map<std::string, std::list<std::pair<AddressAndPortRange, unsigned int>>> getTopNetmasks(size_t topN);
- static std::map<std::string, std::list<std::pair<DNSName, unsigned int>>> getTopSuffixes(size_t topN);
+ static std::map<std::string, std::list<std::pair<AddressAndPortRange, uint32_t>>> getTopNetmasks(size_t topN);
+ static std::map<std::string, std::list<std::pair<DNSName, uint32_t>>> getTopSuffixes(size_t topN);
static void purgeExpired(const struct timespec& now);
private:
struct MetricsSnapshot
{
- std::map<std::string, std::list<std::pair<AddressAndPortRange, unsigned int>>> nmgData;
- std::map<std::string, std::list<std::pair<DNSName, unsigned int>>> smtData;
+ std::map<std::string, std::list<std::pair<AddressAndPortRange, uint32_t>>> nmgData;
+ std::map<std::string, std::list<std::pair<DNSName, uint32_t>>> smtData;
};
struct Tops
{
- std::map<std::string, std::list<std::pair<AddressAndPortRange, unsigned int>>> topNMGsByReason;
- std::map<std::string, std::list<std::pair<DNSName, unsigned int>>> topSMTsByReason;
+ std::map<std::string, std::list<std::pair<AddressAndPortRange, uint32_t>>> topNMGsByReason;
+ std::map<std::string, std::list<std::pair<DNSName, uint32_t>>> topSMTsByReason;
};
static LockGuarded<Tops> s_tops;
projects / thirdparty / pdns.git / commitdiff
