From: Aki Tuomi Date: Tue, 27 Jun 2017 04:43:21 +0000 (+0300) Subject: docs: Drop unused documentation X-Git-Tag: rec-4.1.0-alpha1~23^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d66449df367177a9262a7c875ec57138bf17dc92;p=thirdparty%2Fpdns.git docs: Drop unused documentation This never was actually used anywhere, so it's safe to drop. --- diff --git a/docs/WIP/luapolicy.xml b/docs/WIP/luapolicy.xml deleted file mode 100644 index b9608e3ef9..0000000000 --- a/docs/WIP/luapolicy.xml +++ /dev/null @@ -1,56 +0,0 @@ - Lua Policy Engine - - Starting with release 3.4.0, the PowerDNS Authoritative Server has support for Lua scripting to - make policy decisions. The most common usage for these hooks is to implement RRL or RRL-like policies. - - - In the source tree, policy-example-rrl.lua contains an example RRL script - that aims to faithfully implement Vixie/Schryver's original draft. The script demonstrates most aspects of the policy API. More information about the original (in BIND) and other implementations can be found on - Vixie's RRL page. - - - If you set experimental-lua-policy-script in - pdns.conf, PowerDNS will load one instance of your - script, so your global state is exactly that -- global state. PowerDNS - will call the police function with three arguments, - up to two times per query. Before talking to the database, PowerDNS - will call police with req set, but - resp will be nil. For queries answered - from cache, this step is skipped. Before sending out a response (either from database - or from cache), we will call the function with all arguments filled. - - - The prototype for police is: - -function police (req, resp, isTcp) - - req is always set. resp is set when we are about to send out - a response. isTcp is a boolean that is set to true when the client is on TCP. - You could use this to mark clients as 'real and legit'. - - - req and resp are thin wrappers around the PowerDNS - DNSPacket object. The following methods are supported, shown with suggested usage and return values/types: - -qname, qtype = resp:getQuestion() -- string, number -remote = resp:getRemote() -- string (remote IPv4/v6 address) -wild = resp:getWild() -- string (see below) -zone = resp:getZone() -- string (see below) -reqsize = req:getSize() -- number (in bytes) -respsize = resp:getSize() -- number (in bytes) -rcode = resp:getRcode() -- number -an, ns, ar = resp:getRRCounts() -- number, number, number - - getWild() returns the name of the wildcard that was matched by qname, - or the empty string if no wildcard was matched. getZone() yields the name of the - authoritative zone holding the returned data. getRRCounts() tells you, respectively, the - number of ANSWER, AUTHORITY and ADDITIONAL records in the response. - - - police is expected to return pdns.PASS (tells PowerDNS to proceed - as normal), pdns.DROP (tells PowerDNS to silently drop the query/response) - or pdns.TRUNCATE (tells PowerDNS to send an empty response with TC=1, which should make - legitimate clients switch to TCP for this query). Note that TCP queries/responses (with isTcp set to true) ignore this return value from police. - - -