A special rule is `AndRule{rule1, rule2}`, which only matches if all of its subrules match.
Current actions are:
- * Drop
- * Route to a pool
+ * Drop (DropAction)
+ * Route to a pool (PoolAction)
* Return with TC=1 (truncated, ie, instruction to retry with TCP)
* Force a ServFail, NotImp or Refused answer
* Send out a crafted response (NXDOMAIN or "real" data)
- * Delay a response by n milliseconds
+ * Delay a response by n milliseconds (DelayAction)
* Modify query to remove RD bit
Rules can be added via:
- * addAction(DNS rule)
+ * addAction(DNS rule, DNS Action)
* addAnyTCRule()
* addDelay(DNS rule, delay in milliseconds)
* addDisableValidationRule(DNS rule)
* a RegexRule
* a SuffixMatchNodeRule
+A convenience function `makeRule()` is supplied which will make a NetmaskGroupRule for you or a SuffixMatchNodeRule
+depending on how you call it. `makeRule("0.0.0.0/0")` will for example match all IPv4 traffic, `makeRule{"be","nl","lu"}` will
+match all Benelux DNS traffic.
+
More power
----------
More powerful things can be achieved by defining a function called
return ret;
} );
-
+ g_lua.writeFunction("makeRule", makeRule);
g_lua.writeFunction("addAnyTCRule", []() {
setLuaSideEffect();
auto rules=g_rulactions.getCopy();
projects / pdns / commitdiff