From: Matti Hiljanen <matti@hiljanen.com>
Date: Mon, 7 Dec 2020 11:37:25 +0000 (+0200)
Subject: dnsdist: add setACLFromFile()
X-Git-Tag: rec-4.5.0-alpha1~78^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cbee37e8218bd0393845fdd94e9446b2c31fed25;p=thirdparty%2Fpdns.git

dnsdist: add setACLFromFile()
---

diff --git a/pdns/dnsdist-console.cc b/pdns/dnsdist-console.cc
index 52328d9b6a..ecf2d08d03 100644
--- a/pdns/dnsdist-console.cc
+++ b/pdns/dnsdist-console.cc
@@ -511,6 +511,7 @@ const std::vector<ConsoleKeyword> g_consoleKeywords{
   { "roundrobin", false, "", "Simple round robin over available servers" },
   { "sendCustomTrap", true, "str", "send a custom `SNMP` trap from Lua, containing the `str` string"},
   { "setACL", true, "{netmask, netmask}", "replace the ACL set with these netmasks. Use `setACL({})` to reset the list, meaning no one can use us" },
+  { "setACLFromFile", true, "file", "replace the ACL set with netmasks in this file" },
   { "setAddEDNSToSelfGeneratedResponses", true, "add", "set whether to add EDNS to self-generated responses, provided that the initial query had EDNS" },
   { "setAllowEmptyResponse", true, "allow", "Set to true (defaults to false) to allow empty responses (qdcount=0) with a NoError or NXDomain rcode (default) from backends" },
   { "setAPIWritable", true, "bool, dir", "allow modifications via the API. if `dir` is set, it must be a valid directory where the configuration files will be written by the API" },
diff --git a/pdns/dnsdist-lua.cc b/pdns/dnsdist-lua.cc
index 6de9aed771..e25b57dab8 100644
--- a/pdns/dnsdist-lua.cc
+++ b/pdns/dnsdist-lua.cc
@@ -675,6 +675,31 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
       g_ACL.setState(nmg);
   });
 
+  luaCtx.writeFunction("setACLFromFile", [](const std::string& file) {
+      setLuaSideEffect();
+      NetmaskGroup nmg;
+
+      ifstream ifs(file);
+      if(!ifs) {
+        throw std::runtime_error("Could not open '"+file+"': "+stringerror());
+      }
+
+      string::size_type pos;
+      string line;
+      while(getline(ifs,line)) {
+        pos=line.find('#');
+        if(pos!=string::npos)
+          line.resize(pos);
+        boost::trim(line);
+        if(line.empty())
+          continue;
+
+        nmg.addMask(line);
+      }
+
+      g_ACL.setState(nmg);
+  });
+
   luaCtx.writeFunction("showACL", []() {
       setLuaNoSideEffect();
       vector<string> vec;