From: Pieter Lexis
Date: Thu, 13 Oct 2016 16:03:37 +0000 (+0200)
Subject: Lua: Give access to the dnsheader
X-Git-Tag: dnsdist-1.1.0-beta2~8^2~2
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=621e4e59bdae1fdfcf6bfe526557f73d95c2037d;p=pdns

Lua: Give access to the dnsheader
---
diff --git a/docs/markdown/recursor/scripting.md b/docs/markdown/recursor/scripting.md
index 2beb7c758..862fb1d8c 100644
--- a/docs/markdown/recursor/scripting.md
+++ b/docs/markdown/recursor/scripting.md
@@ -107,6 +107,11 @@ It also supports the following methods:
 the answer too, which defaults to the name of the question
 * `addPolicyTag(tag)`: add a policy tag.
 * `discardPolicy(policyname)`: skip the filtering policy (for example RPZ) named `policyname` for this query. This is mostly useful in the `prerpz` hook.
+* `getDH()` - Returns the DNS Header of the query or nil. A DNS header offers the following methods:
+ * `getRD()`, `getAA()`, `getAD()`, `getCD()`, `getTC()`: query these bits from the DNS Header
+ * `getRCODE()`: get the RCODE of the query
+ * `getOPCODE()`: get the OPCODE of the query
+ * `getID()`: get the ID of the query
 * `getPolicyTags()`: get the current policy tags as a table of strings.
 * `getRecords()`: get a table of DNS Records in this DNS Question (or answer by now)
 * `setPolicyTags(tags)`: update the policy tags, taking a table of strings.
@@ -128,12 +133,7 @@ With this hook, undesired traffic can be dropped rapidly before using precious C
 for parsing. `remoteip` is the IP(v6) address of the requestor, `localip` is the address on which the query arrived.
-`dh` is the DNS Header of the query, and it offers the following methods:
-
-* `getRD()`, `getAA()`, `getAD()`, `getCD()`, `getRD()`, `getRD()`, `getTC()`: query these bits from the DNS Header
-* `getRCODE()`: get the RCODE of the query
-* `getOPCODE()`: get the OPCODE of the query
-* `getID()`: get the ID of the query
+`dh` is the DNS Header of the query, and it offers the same functions as the `dq.getDH()` object described above.
 As an example, to filter all queries coming from 1.2.3.0/24, or with the AD bit set:
diff --git a/pdns/lua-recursor4.cc b/pdns/lua-recursor4.cc
index a80701b0c..36769190b 100644
--- a/pdns/lua-recursor4.cc
+++ b/pdns/lua-recursor4.cc
@@ -159,6 +159,13 @@ static int getFakePTRRecords(const DNSName& qname, const std::string& prefix, ve
 }
+boost::optional RecursorLua4::DNSQuestion::getDH() const
+{
+ if (dh)
+ return *dh;
+ return boost::optional();
+}
+
 vector > RecursorLua4::DNSQuestion::getEDNSOptions() const
 {
 if(ednsOptions)
@@ -397,6 +404,7 @@ RecursorLua4::RecursorLua4(const std::string& fname)
 pol.d_custom = shared_ptr(DNSRecordContent::mastermake(QType::CNAME, 1, content));
 } );
+ d_lw->registerFunction("getDH", &DNSQuestion::getDH);
 d_lw->registerFunction("getEDNSOptions", &DNSQuestion::getEDNSOptions);
 d_lw->registerFunction("getEDNSOption", &DNSQuestion::getEDNSOption);
 d_lw->registerFunction("getEDNSSubnet", &DNSQuestion::getEDNSSubnet);
diff --git a/pdns/lua-recursor4.hh b/pdns/lua-recursor4.hh
index f0b9a078d..3acce5d51 100644
--- a/pdns/lua-recursor4.hh
+++ b/pdns/lua-recursor4.hh
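Review bot: In the `@@ -159,6 +159,13 @@` hunk of pdns/lua-recursor4.cc, `getDH()` has no comment stating what it hands to the script, and that is the property worth pinning down. `return *dh;` appears to copy the header into the optional, so a Lua hook receives a snapshot rather than a pointer into the parsed packet; this assumes the optional holds a `dnsheader` by value, since the template arguments are not visible in this rendering. I would add above the definition `// Returns a copy of the query's DNS header, or an empty optional (nil in Lua) when dh is unset; scripts never get a reference into the packet.` so that a later switch to a pointer or reference return is recognised as widening what scripts can touch. The empty case could also be written `return boost::none;`.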
@@ -55,6 +55,7 @@ public:
 const uint16_t qtype;
 const ComboAddress& local;
 const ComboAddress& remote;
+ const struct dnsheader* dh{nullptr};
 const bool isTcp;
 const std::vector>* ednsOptions{nullptr};
 vector* currentRecords{nullptr};
@@ -69,6 +70,7 @@ public:
 void addAnswer(uint16_t type, const std::string& content, boost::optional ttl, boost::optional name);
 void addRecord(uint16_t type, const std::string& content, DNSResourceRecord::Place place, boost::optional ttl, boost::optional name);
 vector > getRecords() const;
+ boost::optional getDH() const;
 vector > getEDNSOptions() const;
 boost::optional getEDNSOption(uint16_t code) const;
 boost::optional getEDNSSubnet() const;
diff --git a/pdns/pdns_recursor.cc b/pdns/pdns_recursor.cc
index a0f7cccce..31c6cd734 100644
--- a/pdns/pdns_recursor.cc
+++ b/pdns/pdns_recursor.cc
@@ -752,6 +752,7 @@ void startDoResolve(void *p)
 dq->policyTags = &dc->d_policyTags;
 dq->appliedPolicy = &appliedPolicy;
 dq->currentRecords = &ret;
+ dq->dh = &dc->d_mdp.d_header;
 }
 if(dc->d_mdp.d_qtype==QType::ANY && !dc->d_tcp && g_anyToTcp) {
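Review bot: The new member `dh` in the `@@ -55,6 +55,7 @@` hunk of pdns/lua-recursor4.hh is a raw pointer with nothing stating who owns the header or how long it stays valid. The only assignment in this commit takes the address of `dc->d_mdp.d_header`, so the pointer is a borrowed view that must not be read after that object is gone. A trailing comment would record the contract: `const struct dnsheader* dh{nullptr}; // non-owning, may be null; valid only while the parsed query it points into is alive`. The enclosing class starts and ends outside the hunk.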
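Review bot: `dq->dh` is filled in only here, in the `@@ -752,6 +752,7 @@` hunk of pdns/pdns_recursor.cc, inside a block of startDoResolve whose opening condition lies outside the hunk. `getDH` is registered on DNSQuestion regardless of hook, so a DNSQuestion built on any other path (none is visible in this commit) would yield nil, and a script that calls a header method on the result of `getDH()` without a nil check would fail at that call. I would say so next to the `getDH()` entry in scripting.md, for example `Returns nil when no header was attached to this question; check the result before calling its methods.`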