From: Reinier Schoof <reinier@skoef.nl>
Date: Tue, 5 Jul 2016 19:11:25 +0000 (+0200)
Subject: implemented src parameter for NetmaskGroupRule
X-Git-Tag: rec-4.0.2~21^2~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6865ccee52aa6d1d4610985d67ed1c9c2bc9a70f;p=thirdparty%2Fpdns.git

implemented src parameter for NetmaskGroupRule
---

diff --git a/pdns/README-dnsdist.md b/pdns/README-dnsdist.md
index b4076558c4..0043ff3607 100644
--- a/pdns/README-dnsdist.md
+++ b/pdns/README-dnsdist.md
@@ -1215,7 +1215,7 @@ instantiate a server with additional parameters
     * `DNSSECRule()`: matches queries with the DO flag set
     * `MaxQPSIPRule(qps, v4Mask=32, v6Mask=64)`: matches traffic exceeding the qps limit per subnet
     * `MaxQPSRule(qps)`: matches traffic **not** exceeding this qps limit
-    * `NetmaskGroupRule()`: matches traffic from the specified network range
+    * `NetmaskGroupRule(nmg, [src-bool])`: matches traffic from the specified network range. Pass `false` as second parameter to match NetmaskGroup  against destination address instead of source address
     * `NotRule()`: matches if the sub-rule does not match
     * `OrRule()`: matches if at least one of the sub-rules matches
     * `OpcodeRule()`: matches queries with the specified opcode
diff --git a/pdns/dnsdist-lua.cc b/pdns/dnsdist-lua.cc
index ebd6e41889..ca39e25ab4 100644
--- a/pdns/dnsdist-lua.cc
+++ b/pdns/dnsdist-lua.cc
@@ -779,8 +779,8 @@ vector<std::function<void(void)>> setupLua(bool client, const std::string& confi
       return std::shared_ptr<DNSRule>(new SuffixMatchNodeRule(smn, quiet ? *quiet : false));
     });
 
-  g_lua.writeFunction("NetmaskGroupRule", [](const NetmaskGroup& nmg) {
-      return std::shared_ptr<DNSRule>(new NetmaskGroupRule(nmg));
+  g_lua.writeFunction("NetmaskGroupRule", [](const NetmaskGroup& nmg, bool src = true) {
+      return std::shared_ptr<DNSRule>(new NetmaskGroupRule(nmg, src));
     });
 
   g_lua.writeFunction("benchRule", [](std::shared_ptr<DNSRule> rule, boost::optional<int> times_, boost::optional<string> suffix_)  {
diff --git a/pdns/dnsrulactions.hh b/pdns/dnsrulactions.hh
index d364157460..e5422270a9 100644
--- a/pdns/dnsrulactions.hh
+++ b/pdns/dnsrulactions.hh
@@ -90,16 +90,27 @@ protected:
 class NetmaskGroupRule : public NMGRule
 {
 public:
-  NetmaskGroupRule(const NetmaskGroup& nmg) : NMGRule(nmg) {}
+  NetmaskGroupRule(const NetmaskGroup& nmg, bool src) : NMGRule(nmg)
+  {
+      d_src = src;
+  }
   bool matches(const DNSQuestion* dq) const override
   {
+    if(!d_src) {
+        return d_nmg.match(*dq->local);
+    }
     return d_nmg.match(*dq->remote);
   }
 
   string toString() const override
   {
+    if(!d_src) {
+        return "Dst: "+d_nmg.toString();
+    }
     return "Src: "+d_nmg.toString();
   }
+private:
+  bool d_src;
 };
 
 class AllRule : public DNSRule