From: bert hubert <bert.hubert@netherlabs.nl>
Date: Sat, 2 Jan 2016 13:15:28 +0000 (+0100)
Subject: add NetmaskGroup to dnsdist Lua and document it, closes #3144
X-Git-Tag: dnsdist-1.0.0-alpha2~132^2
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=68e82cf901925c999f2543ac35ed47e5097689d4;p=pdns

add NetmaskGroup to dnsdist Lua and document it, closes #3144
---

diff --git a/pdns/README-dnsdist.md b/pdns/README-dnsdist.md
index 17dd25084..348446895 100644
--- a/pdns/README-dnsdist.md
+++ b/pdns/README-dnsdist.md
@@ -854,7 +854,11 @@ instantiate a server with additional parameters
      * `newNMG()`: return a new NetmaskTree<DynBlock>
      * member `add(ComboAddress, msg[, seconds])`: insert a new address into a DynBlock
    * NetmaskGroup related
-     * nothing yet
+     * function `newNMG()`: returns a NetmaskGroup
+     * member `addMask(mask)`: adds `mask` to the NetmaskGroup
+     * member `match(ComboAddress)`: checks if ComboAddress is matched by this NetmaskGroup
+     * member `clear()`: clears the NetmaskGroup
+     * member `size()`: returns number of netmasks in this NetmaskGroup
    * QPSLimiter related:
      * `newQPSLimiter(rate, burst)`: configure a QPS limiter with that rate and that burst capacity
      * member `check()`: check if this QPSLimiter has a token for us. If yes, you must use it.
diff --git a/pdns/dnsdist-lua2.cc b/pdns/dnsdist-lua2.cc
index d1838ec19..8bd81e2a6 100644
--- a/pdns/dnsdist-lua2.cc
+++ b/pdns/dnsdist-lua2.cc
@@ -121,21 +121,18 @@ void moreLua()
 {
   typedef NetmaskTree<DynBlock> nmts_t;
   g_lua.writeFunction("newCA", [](const std::string& name) { return ComboAddress(name); });
-  g_lua.writeFunction("newNMG", []() { return nmts_t(); });
-  g_lua.registerFunction<void(nmts_t::*)(const ComboAddress&, const std::string&, boost::optional<int> seconds)>("add", 
-														 [](nmts_t& s, const ComboAddress& ca, const std::string& msg, boost::optional<int> seconds) 
-							       { 
-								 struct timespec until;
-								 clock_gettime(CLOCK_MONOTONIC, &until);
-								 until.tv_sec += seconds ? *seconds : 10;
-								 
-								 s.insert(Netmask(ca)).second={msg, until};
-							       });
-
-  g_lua.writeFunction("setDynBlockNMG", [](const nmts_t& nmg) {
-      setLuaSideEffect();
-      g_dynblockNMG.setState(nmg);
-    });
+
+
+  g_lua.writeFunction("newNMG", []() { return NetmaskGroup(); });
+  g_lua.registerFunction<void(NetmaskGroup::*)(const std::string&mask)>("addMask", [](NetmaskGroup&nmg, const std::string& mask)
+			 {
+			   nmg.addMask(mask);
+			 });
+
+  g_lua.registerFunction("match", (bool (NetmaskGroup::*)(const ComboAddress&) const)&NetmaskGroup::match);
+  g_lua.registerFunction("size", &NetmaskGroup::size);  
+  g_lua.registerFunction("clear", &NetmaskGroup::clear);  
+
 
   g_lua.writeFunction("showDynBlocks", []() {
       setLuaNoSideEffect();
diff --git a/pdns/dnsdistconf.lua b/pdns/dnsdistconf.lua
index 4258c75cd..bdb37edf3 100644
--- a/pdns/dnsdistconf.lua
+++ b/pdns/dnsdistconf.lua
@@ -46,8 +46,16 @@ addDomainBlock("isis.")
 
 block=newDNSName("powerdns.org.")
 -- called before we distribute a question
+
+truncateNMG = newNMG()
+truncateNMG:addMask("213.244.0.0/16")
+truncateNMG:addMask("2001:503:ba3e::2:30")
+truncateNMG:addMask("fe80::/16")
+
+print(string.format("Have %d entries in truncate NMG", truncateNMG:size()))
+
 function blockFilter(remote, qname, qtype, dh)
-	 if(qtype==255) 
+	 if(qtype==255 or truncateNMG:match(remote)) 
 	 then
 --	        print("any query, tc=1")
 		dh:setTC(true)