* defcontent = CNAME field to return in case of defpol=Policy.Custom
* defttl = the TTL of the CNAME field to be synthesized. The default is to use the zone's TTL
* policyName = the name logged as 'appliedPolicy' in protobuf messages when this policy is applied
+* zoneSizeHint = an indication of the number of expected entries in the zone, speeding up the loading of huge zones by reserving space in advance
In addition to those, `rpzMaster` accepts:
{
}
-bool findNamedPolicy(const map<DNSName, DNSFilterEngine::Policy>& polmap, const DNSName& qname, DNSFilterEngine::Policy& pol)
+static bool findNamedPolicy(const std::unordered_map<DNSName, DNSFilterEngine::Policy>& polmap, const DNSName& qname, DNSFilterEngine::Policy& pol)
{
- DNSName s(qname);
-
/* for www.powerdns.com, we need to check:
www.powerdns.com.
*.powerdns.com.
*.
*/
- map<DNSName, DNSFilterEngine::Policy>::const_iterator iter;
- iter = polmap.find(s);
+ std::unordered_map<DNSName, DNSFilterEngine::Policy>::const_iterator iter;
+ iter = polmap.find(qname);
if(iter != polmap.end()) {
pol=iter->second;
return true;
}
+ DNSName s(qname);
while(s.chopOff()){
iter = polmap.find(g_wildcarddnsname+s);
if(iter != polmap.end()) {
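Review bot: Moving `polmap` from `std::map` to `std::unordered_map` makes the `find()` calls here depend on `std::hash<DNSName>` agreeing with `DNSName` equality, and that specialization is not visible in this hunk. The old container ordered keys with `operator<`; if the hash does not fold case the same way the comparison (presumably case-insensitive) does, a lookup for `WWW.PowerDNS.com` lands in a different bucket than a stored `www.powerdns.com` and the policy silently fails to apply. Please confirm the hash is case-insensitive and add a regression test that looks up a mixed-case name, including the `g_wildcarddnsname+s` path, against a lower-case trigger. The function body continues past the end of this hunk.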
DNSFilterEngine();
void clear();
void clear(size_t zone);
+ void reserve(size_t zone, size_t entriesCount) {
+ assureZones(zone);
+ d_zones[zone].qpolName.reserve(entriesCount);
+ }
void addClientTrigger(const Netmask& nm, Policy pol, size_t zone);
void addQNameTrigger(const DNSName& nm, Policy pol, size_t zone);
void addNSTrigger(const DNSName& dn, Policy pol, size_t zone);
private:
void assureZones(size_t zone);
struct Zone {
- std::map<DNSName, Policy> qpolName; // QNAME trigger (RPZ)
+ std::unordered_map<DNSName, Policy> qpolName; // QNAME trigger (RPZ)
NetmaskTree<Policy> qpolAddr; // Source address
- std::map<DNSName, Policy> propolName; // NSDNAME (RPZ)
+ std::unordered_map<DNSName, Policy> propolName; // NSDNAME (RPZ)
NetmaskTree<Policy> propolNSAddr; // NSIP (RPZ)
NetmaskTree<Policy> postpolAddr; // IP trigger (RPZ)
std::shared_ptr<std::string> name;
};
vector<Zone> d_zones;
-
};
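Review bot: `reserve()` pre-sizes only `qpolName`, although `propolName` becomes an `std::unordered_map` in the same change and the documentation describes the hint as the number of entries in the zone. Either size both tables or state the limit in a comment, e.g. `// pre-sizes the QNAME trigger table only; creates the zone if it does not exist yet`. The second half of that comment matters because `assureZones(zone)` runs here, presumably growing `d_zones`, so a caller has to read `size()` before calling `reserve()`, as the config loader now does. `entriesCount` reaches the container unchecked, so any upper bound has to be enforced by the caller.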
try {
boost::optional<DNSFilterEngine::Policy> defpol;
std::string polName("rpzFile");
+ const size_t zoneIdx = lci.dfe.size();
if(options) {
auto& have = *options;
if(have.count("policyName")) {
defpol->d_ttl = -1; // get it from the zone
}
}
+ if(have.count("zoneSizeHint")) {
+ lci.dfe.reserve(zoneIdx, static_cast<size_t>(boost::get<int>(constGet(have, "zoneSizeHint"))));
+ }
}
- const size_t zoneIdx = lci.dfe.size();
theL()<<Logger::Warning<<"Loading RPZ from file '"<<filename<<"'"<<endl;
lci.dfe.setPolicyName(zoneIdx, polName);
loadRPZFromFile(filename, lci.dfe, defpol, zoneIdx);
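Review bot: The `zoneSizeHint` value is cast from `int` to `size_t` with no range check in `lci.dfe.reserve(zoneIdx, static_cast<size_t>(boost::get<int>(...)))`, so a negative setting wraps to a huge count and an oversized one makes `unordered_map::reserve()` attempt that allocation before a single record is read. Validate first, e.g. `int hint = boost::get<int>(constGet(have, "zoneSizeHint")); if (hint > 0) lci.dfe.reserve(zoneIdx, static_cast<size_t>(hint));`, and consider rejecting a non-positive value with a clear configuration error. The same unchecked cast is repeated in the `rpzMaster` hunk that follows. The enclosing `try` opens in this hunk but its handler lies outside it, so how a resulting `std::length_error` or `std::bad_alloc` would be reported cannot be checked from here.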
int refresh=0;
std::string polName;
size_t maxReceivedXFRMBytes = 0;
- ComboAddress localAddress;
+ ComboAddress localAddress;
+ const size_t zoneIdx = lci.dfe.size();
if(options) {
auto& have = *options;
polName = zone_;
defpol->d_ttl = -1; // get it from the zone
}
}
+ if(have.count("zoneSizeHint")) {
+ lci.dfe.reserve(zoneIdx, static_cast<size_t>(boost::get<int>(constGet(have, "zoneSizeHint"))));
+ }
if(have.count("tsigname")) {
tt.name=DNSName(toLower(boost::get<string>(constGet(have, "tsigname"))));
tt.algo=DNSName(toLower(boost::get<string>(constGet(have, "tsigalgo"))));
// We were passed a localAddress, check if its AF matches the master's
throw PDNSException("Master address("+master.toString()+") is not of the same Address Family as the local address ("+localAddress.toString()+").");
DNSName zone(zone_);
- const size_t zoneIdx = lci.dfe.size();
lci.dfe.setPolicyName(zoneIdx, polName);
if (!checkOnly) {