From: Y7n05h <Y7n05h@protonmail.com>
Date: Mon, 11 Apr 2022 15:44:46 +0000 (+0800)
Subject: Reject BPFFilter::attachToAllBinds() at configuration time
X-Git-Tag: rec-4.7.0-beta1~4^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5c87c4dfbd1b971f38c171fa890453f3a48b15be;p=thirdparty%2Fpdns.git

Reject BPFFilter::attachToAllBinds() at configuration time

Signed-off-by: Y7n05h <Y7n05h@protonmail.com>
---

diff --git a/pdns/dnsdist-lua-bindings.cc b/pdns/dnsdist-lua-bindings.cc
index 30eff5d39d..0ea0250a2f 100644
--- a/pdns/dnsdist-lua-bindings.cc
+++ b/pdns/dnsdist-lua-bindings.cc
@@ -547,6 +547,10 @@ void setupLuaBindings(LuaContext& luaCtx, bool client)
 
   luaCtx.registerFunction<void(std::shared_ptr<BPFFilter>::*)()>("attachToAllBinds", [](std::shared_ptr<BPFFilter> bpf) {
       std::string res;
+      if (!g_configurationDone) {
+        throw std::runtime_error("attachToAllBinds() cannot be used at configuration time!");
+        return;
+      }
       if (bpf) {
         for (const auto& frontend : g_frontends) {
           frontend->attachFilter(bpf);
diff --git a/pdns/dnsdistdist/docs/advanced/ebpf.rst b/pdns/dnsdistdist/docs/advanced/ebpf.rst
index 488480406e..6ce847bff8 100644
--- a/pdns/dnsdistdist/docs/advanced/ebpf.rst
+++ b/pdns/dnsdistdist/docs/advanced/ebpf.rst
@@ -30,7 +30,9 @@ Contrary to source address filtering, qname filtering only works over UDP. TCP q
 
   addAction(AndRule({TCPRule(true), makeRule("evildomain.com")}), DropAction())
 
-The :meth:`BPFFilter:attachToAllBinds` method attaches the filter to every existing bind at runtime, but it's also possible to define a default BPF filter at configuration time, so it's automatically attached to every bind::
+The :meth:`BPFFilter:attachToAllBinds` method attaches the filter to every existing bind at runtime. It cannot use at configuration time. The :func:`setDefaultBPFFilter()` should be used at configuration time.
+
+The :meth:`BPFFilter:attachToAllBinds` automatically attached to every bind::
 
   bpf = newBPFFilter(1024, 1024, 1024)
   setDefaultBPFFilter(bpf)
diff --git a/pdns/dnsdistdist/docs/reference/ebpf.rst b/pdns/dnsdistdist/docs/reference/ebpf.rst
index 5fc3da9f0e..6899bffd34 100644
--- a/pdns/dnsdistdist/docs/reference/ebpf.rst
+++ b/pdns/dnsdistdist/docs/reference/ebpf.rst
@@ -66,7 +66,9 @@ These are all the functions, objects and methods related to the :doc:`../advance
   .. method:: BPFFilter:attachToAllBinds()
 
     Attach this filter to every bind already defined.
-    This is the run-time equivalent of :func:`setDefaultBPFFilter`
+    This is the run-time equivalent of :func:`setDefaultBPFFilter`.
+    This only can be use at run-time.
+
 
   .. method:: BPFFilter:block(address)