From: Y7n05h Date: Fri, 22 Apr 2022 17:49:41 +0000 (+0800) Subject: rename BPFFilter:unblockRange() to BPFFilter:allowRange() X-Git-Tag: auth-4.8.0-alpha0~66^2~16 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d87bff85df7cb6c655b52593139fba90d75f7d13;p=thirdparty%2Fpdns.git rename BPFFilter:unblockRange() to BPFFilter:allowRange() Signed-off-by: Y7n05h --- diff --git a/pdns/bpf-filter.cc b/pdns/bpf-filter.cc index c7912fd39f..00f93802db 100644 --- a/pdns/bpf-filter.cc +++ b/pdns/bpf-filter.cc @@ -565,7 +565,7 @@ void BPFFilter::block(const Netmask& addr, BPFFilter::MatchAction action) } } -void BPFFilter::unblock(const Netmask& addr) +void BPFFilter::allow(const Netmask& addr) { int res = 0; CounterAndActionValue value; @@ -904,7 +904,7 @@ void BPFFilter::block(const Netmask&, BPFFilter::MatchAction) { throw std::runtime_error("eBPF support not enabled"); } -void BPFFilter::unblock(const Netmask&) +void BPFFilter::allow(const Netmask&) { throw std::runtime_error("eBPF support not enabled"); } diff --git a/pdns/bpf-filter.hh b/pdns/bpf-filter.hh index 87e4a41557..6c04418ea6 100644 --- a/pdns/bpf-filter.hh +++ b/pdns/bpf-filter.hh @@ -72,7 +72,7 @@ public: void block(const Netmask& address, BPFFilter::MatchAction action); void block(const DNSName& qname, MatchAction action, uint16_t qtype=255); void unblock(const ComboAddress& addr); - void unblock(const Netmask& address); + void allow(const Netmask& address); void unblock(const DNSName& qname, uint16_t qtype=255); std::vector > getAddrStats(); diff --git a/pdns/dnsdist-lua-bindings.cc b/pdns/dnsdist-lua-bindings.cc index d9b84e6342..adba3e165f 100644 --- a/pdns/dnsdist-lua-bindings.cc +++ b/pdns/dnsdist-lua-bindings.cc @@ -555,11 +555,11 @@ void setupLuaBindings(LuaContext& luaCtx, bool client) return bpf->unblock(ca); } }); - luaCtx.registerFunction::*)(const string& range)>("unblockRange", [](std::shared_ptr bpf, const string& range) { + luaCtx.registerFunction::*)(const string& range)>("allowRange", [](std::shared_ptr bpf, const string& range) { if (!bpf) { return; } - bpf->unblock(Netmask(range)); + bpf->allow(Netmask(range)); }); luaCtx.registerFunction::*)(const DNSName& qname, boost::optional qtype)>("unblockQName", [](std::shared_ptr bpf, const DNSName& qname, boost::optional qtype) { if (bpf) { diff --git a/pdns/dnsdistdist/docs/reference/ebpf.rst b/pdns/dnsdistdist/docs/reference/ebpf.rst index 37afdfee42..74eba1873e 100644 --- a/pdns/dnsdistdist/docs/reference/ebpf.rst +++ b/pdns/dnsdistdist/docs/reference/ebpf.rst @@ -108,12 +108,12 @@ These are all the functions, objects and methods related to the :doc:`../advance :param ComboAddress address: The address to unblock - .. method:: BPFFilter:unblockRange(Netmask) + .. method:: BPFFilter:allowRange(Netmask) .. versionchanged:: 1.8.0 - Unblock this range. - + Allow all IP address in this range. + DNSDist will attempt to delete the item specified by Netmask first, and if no such item can be found, a new item will be inserted to indicate the exception for this subnet. DNSDist eBPF code first checks if an exact IP match is found, then if a range matches, and finally if a DNSName does. If a query coming from an IP or range marked as allowed, but is for a qname for which a DNSName block exists, the packet will be accepted as the first match wins.