From: Remi Gacogne Date: Fri, 4 Aug 2017 08:49:28 +0000 (+0200) Subject: dnsdist: Add setConsoleConnectionsLogging() X-Git-Tag: dnsdist-1.2.0~28^2 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=506bb6610475d567d7da48e667611628b586fbc6;p=pdns dnsdist: Add setConsoleConnectionsLogging() --- diff --git a/pdns/dnsdist-console.cc b/pdns/dnsdist-console.cc index 6a28b5437..196536bed 100644 --- a/pdns/dnsdist-console.cc +++ b/pdns/dnsdist-console.cc @@ -35,6 +35,7 @@ #include "ext/json11/json11.hpp" vector > g_confDelta; +bool g_logConsoleConnections{true}; // MUST BE CALLED UNDER A LOCK - right now the LuaLock void feedConfigDelta(const std::string& line) @@ -358,6 +359,7 @@ const std::vector g_consoleKeywords{ { "sendCustomTrap", true, "str", "send a custom `SNMP` trap from Lua, containing the `str` string"}, { "setACL", true, "{netmask, netmask}", "replace the ACL set with these netmasks. Use `setACL({})` to reset the list, meaning no one can use us" }, { "setAPIWritable", true, "bool, dir", "allow modifications via the API. if `dir` is set, it must be a valid directory where the configuration files will be written by the API" }, + { "setConsoleConnectionsLogging", true, "enabled", "whether to log the opening and closing of console connections" }, { "setDNSSECPool", true, "pool name", "move queries requesting DNSSEC processing to this pool" }, { "setDynBlocksAction", true, "action", "set which action is performed when a query is blocked. Only DNSAction.Drop (the default) and DNSAction.Refused are supported" }, { "setECSOverride", true, "bool", "whether to override an existing EDNS Client Subnet value in the query" }, @@ -568,7 +570,9 @@ try putMsgLen32(fd, response.length()); writen2(fd, response.c_str(), response.length()); } - infolog("Closed control connection from %s", client.toStringWithPort()); + if (g_logConsoleConnections) { + infolog("Closed control connection from %s", client.toStringWithPort()); + } close(fd); fd=-1; } diff --git a/pdns/dnsdist-lua2.cc b/pdns/dnsdist-lua2.cc index 9bdc77b83..2d27ca636 100644 --- a/pdns/dnsdist-lua2.cc +++ b/pdns/dnsdist-lua2.cc @@ -1458,4 +1458,8 @@ void moreLua(bool client) setLuaSideEffect(); g_downstreamTCPCleanupInterval = interval; }); + + g_lua.writeFunction("setConsoleConnectionsLogging", [](bool enabled) { + g_logConsoleConnections = enabled; + }); } diff --git a/pdns/dnsdist.cc b/pdns/dnsdist.cc index a5cb24ce1..b90271a59 100644 --- a/pdns/dnsdist.cc +++ b/pdns/dnsdist.cc @@ -1591,7 +1591,10 @@ try int sock; warnlog("Accepting control connections on %s", local.toStringWithPort()); while((sock=SAccept(fd, client)) >= 0) { - warnlog("Got control connection from %s", client.toStringWithPort()); + if (g_logConsoleConnections) { + warnlog("Got control connection from %s", client.toStringWithPort()); + } + thread t(controlClientThread, sock, client); t.detach(); } diff --git a/pdns/dnsdist.hh b/pdns/dnsdist.hh index e92a72ecf..deef9f33b 100644 --- a/pdns/dnsdist.hh +++ b/pdns/dnsdist.hh @@ -775,6 +775,7 @@ struct ConsoleKeyword { } }; extern const std::vector g_consoleKeywords; +extern bool g_logConsoleConnections; #ifdef HAVE_EBPF extern shared_ptr g_defaultBPFFilter; diff --git a/pdns/dnsdistdist/docs/reference/config.rst b/pdns/dnsdistdist/docs/reference/config.rst index 108a70f2f..b53edfe3b 100644 --- a/pdns/dnsdistdist/docs/reference/config.rst +++ b/pdns/dnsdistdist/docs/reference/config.rst @@ -120,6 +120,14 @@ Control Socket, Console and Webserver Generate and print an encryption key. +.. function:: setConsoleConnectionsLogging(enabled) + + .. versionadded:: 1.2.0 + + Whether to log the opening and closing of console connections. + + :param bool enabled: Default to true. + .. function:: setKey(key) Use ``key`` as shared secret between the client and the server