diff options
Diffstat (limited to '')
-rw-r--r-- | dnsdist-lua-rules.cc | 662 |
1 files changed, 662 insertions, 0 deletions
diff --git a/dnsdist-lua-rules.cc b/dnsdist-lua-rules.cc new file mode 100644 index 0000000..da309e5 --- /dev/null +++ b/dnsdist-lua-rules.cc @@ -0,0 +1,662 @@ +/* + * This file is part of PowerDNS or dnsdist. + * Copyright -- PowerDNS.COM B.V. and its contributors + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * In addition, for the avoidance of any doubt, permission is granted to + * link this program with OpenSSL and to (re)distribute the binaries + * produced as the result of such linking. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#include "dnsdist.hh" +#include "dnsdist-lua.hh" +#include "dnsdist-rules.hh" + +std::shared_ptr<DNSRule> makeRule(const luadnsrule_t& var) +{ + if (var.type() == typeid(std::shared_ptr<DNSRule>)) + return *boost::get<std::shared_ptr<DNSRule>>(&var); + + SuffixMatchNode smn; + NetmaskGroup nmg; + auto add=[&](string src) { + try { + nmg.addMask(src); // need to try mask first, all masks are domain names! + } catch(...) { + smn.add(DNSName(src)); + } + }; + + if (var.type() == typeid(string)) + add(*boost::get<string>(&var)); + + else if (var.type() == typeid(LuaArray<std::string>)) + for(const auto& a : *boost::get<LuaArray<std::string>>(&var)) + add(a.second); + + else if (var.type() == typeid(DNSName)) + smn.add(*boost::get<DNSName>(&var)); + + else if (var.type() == typeid(LuaArray<DNSName>)) + for(const auto& a : *boost::get<LuaArray<DNSName>>(&var)) + smn.add(a.second); + + if(nmg.empty()) + return std::make_shared<SuffixMatchNodeRule>(smn); + else + return std::make_shared<NetmaskGroupRule>(nmg, true); +} + +static boost::uuids::uuid makeRuleID(std::string& id) +{ + if (id.empty()) { + return getUniqueID(); + } + + return getUniqueID(id); +} + +void parseRuleParams(boost::optional<luaruleparams_t>& params, boost::uuids::uuid& uuid, std::string& name, uint64_t& creationOrder) +{ + static uint64_t s_creationOrder = 0; + + string uuidStr; + + getOptionalValue<std::string>(params, "uuid", uuidStr); + getOptionalValue<std::string>(params, "name", name); + + uuid = makeRuleID(uuidStr); + creationOrder = s_creationOrder++; +} + +typedef LuaAssociativeTable<boost::variant<bool, int, std::string, LuaArray<int> > > ruleparams_t; + +template<typename T> +static std::string rulesToString(const std::vector<T>& rules, boost::optional<ruleparams_t> vars) +{ + int num = 0; + bool showUUIDs = false; + size_t truncateRuleWidth = string::npos; + std::string result; + + getOptionalValue<bool>(vars, "showUUIDs", showUUIDs); + getOptionalValue<int>(vars, "truncateRuleWidth", truncateRuleWidth); + checkAllParametersConsumed("rulesToString", vars); + + if (showUUIDs) { + boost::format fmt("%-3d %-30s %-38s %9d %9d %-56s %s\n"); + result += (fmt % "#" % "Name" % "UUID" % "Cr. Order" % "Matches" % "Rule" % "Action").str(); + for(const auto& lim : rules) { + string desc = lim.d_rule->toString().substr(0, truncateRuleWidth); + result += (fmt % num % lim.d_name % boost::uuids::to_string(lim.d_id) % lim.d_creationOrder % lim.d_rule->d_matches % desc % lim.d_action->toString()).str(); + ++num; + } + } + else { + boost::format fmt("%-3d %-30s %9d %-56s %s\n"); + result += (fmt % "#" % "Name" % "Matches" % "Rule" % "Action").str(); + for(const auto& lim : rules) { + string desc = lim.d_rule->toString().substr(0, truncateRuleWidth); + result += (fmt % num % lim.d_name % lim.d_rule->d_matches % desc % lim.d_action->toString()).str(); + ++num; + } + } + return result; +} + +template<typename T> +static void showRules(GlobalStateHolder<vector<T> > *someRuleActions, boost::optional<ruleparams_t> vars) { + setLuaNoSideEffect(); + + auto rules = someRuleActions->getLocal(); + g_outputBuffer += rulesToString(*rules, vars); +} + +template<typename T> +static void rmRule(GlobalStateHolder<vector<T> > *someRuleActions, boost::variant<unsigned int, std::string> id) { + setLuaSideEffect(); + auto rules = someRuleActions->getCopy(); + if (auto str = boost::get<std::string>(&id)) { + try { + const auto uuid = getUniqueID(*str); + auto removeIt = std::remove_if(rules.begin(), + rules.end(), + [&uuid](const T& rule) { return rule.d_id == uuid; }); + if (removeIt == rules.end()) { + g_outputBuffer = "Error: no rule matched\n"; + return; + } + rules.erase(removeIt, + rules.end()); + } + catch (const std::runtime_error& e) { + /* it was not an UUID, let's see if it was a name instead */ + auto removeIt = std::remove_if(rules.begin(), + rules.end(), + [&str](const T& rule) { return rule.d_name == *str; }); + if (removeIt == rules.end()) { + g_outputBuffer = "Error: no rule matched\n"; + return; + } + rules.erase(removeIt, + rules.end()); + } + } + else if (auto pos = boost::get<unsigned int>(&id)) { + if (*pos >= rules.size()) { + g_outputBuffer = "Error: attempt to delete non-existing rule\n"; + return; + } + rules.erase(rules.begin()+*pos); + } + someRuleActions->setState(std::move(rules)); +} + +template<typename T> +static void moveRuleToTop(GlobalStateHolder<vector<T> > *someRuleActions) { + setLuaSideEffect(); + auto rules = someRuleActions->getCopy(); + if(rules.empty()) + return; + auto subject = *rules.rbegin(); + rules.erase(std::prev(rules.end())); + rules.insert(rules.begin(), subject); + someRuleActions->setState(std::move(rules)); +} + +template<typename T> +static void mvRule(GlobalStateHolder<vector<T> > *someRespRuleActions, unsigned int from, unsigned int to) { + setLuaSideEffect(); + auto rules = someRespRuleActions->getCopy(); + if(from >= rules.size() || to > rules.size()) { + g_outputBuffer = "Error: attempt to move rules from/to invalid index\n"; + return; + } + auto subject = rules[from]; + rules.erase(rules.begin()+from); + if(to > rules.size()) + rules.push_back(subject); + else { + if(from < to) + --to; + rules.insert(rules.begin()+to, subject); + } + someRespRuleActions->setState(std::move(rules)); +} + +template<typename T> +static std::vector<T> getTopRules(const std::vector<T>& rules, unsigned int top) +{ + std::vector<std::pair<size_t, size_t>> counts; + counts.reserve(rules.size()); + + size_t pos = 0; + for (const auto& rule : rules) { + counts.push_back({rule.d_rule->d_matches.load(), pos}); + pos++; + } + + sort(counts.begin(), counts.end(), [](const decltype(counts)::value_type& a, + const decltype(counts)::value_type& b) { + return b.first < a.first; + }); + + std::vector<T> results; + results.reserve(top); + + size_t count = 0; + for (const auto& entry : counts) { + results.emplace_back(rules.at(entry.second)); + ++count; + if (count == top) { + break; + } + } + + return results; +} + +void setupLuaRules(LuaContext& luaCtx) +{ + luaCtx.writeFunction("makeRule", makeRule); + + luaCtx.registerFunction<string(std::shared_ptr<DNSRule>::*)()const>("toString", [](const std::shared_ptr<DNSRule>& rule) { return rule->toString(); }); + + luaCtx.writeFunction("showResponseRules", [](boost::optional<ruleparams_t> vars) { + showRules(&g_respruleactions, vars); + }); + + luaCtx.writeFunction("rmResponseRule", [](boost::variant<unsigned int, std::string> id) { + rmRule(&g_respruleactions, id); + }); + + luaCtx.writeFunction("mvResponseRuleToTop", []() { + moveRuleToTop(&g_respruleactions); + }); + + luaCtx.writeFunction("mvResponseRule", [](unsigned int from, unsigned int to) { + mvRule(&g_respruleactions, from, to); + }); + + luaCtx.writeFunction("showCacheHitResponseRules", [](boost::optional<ruleparams_t> vars) { + showRules(&g_cachehitrespruleactions, vars); + }); + + luaCtx.writeFunction("rmCacheHitResponseRule", [](boost::variant<unsigned int, std::string> id) { + rmRule(&g_cachehitrespruleactions, id); + }); + + luaCtx.writeFunction("mvCacheHitResponseRuleToTop", []() { + moveRuleToTop(&g_cachehitrespruleactions); + }); + + luaCtx.writeFunction("mvCacheHitResponseRule", [](unsigned int from, unsigned int to) { + mvRule(&g_cachehitrespruleactions, from, to); + }); + + luaCtx.writeFunction("showCacheInsertedResponseRules", [](boost::optional<ruleparams_t> vars) { + showRules(&g_cacheInsertedRespRuleActions, vars); + }); + + luaCtx.writeFunction("rmCacheInsertedResponseRule", [](boost::variant<unsigned int, std::string> id) { + rmRule(&g_cacheInsertedRespRuleActions, id); + }); + + luaCtx.writeFunction("mvCacheInsertedResponseRuleToTop", []() { + moveRuleToTop(&g_cacheInsertedRespRuleActions); + }); + + luaCtx.writeFunction("mvCacheInsertedResponseRule", [](unsigned int from, unsigned int to) { + mvRule(&g_cacheInsertedRespRuleActions, from, to); + }); + + luaCtx.writeFunction("showSelfAnsweredResponseRules", [](boost::optional<ruleparams_t> vars) { + showRules(&g_selfansweredrespruleactions, vars); + }); + + luaCtx.writeFunction("rmSelfAnsweredResponseRule", [](boost::variant<unsigned int, std::string> id) { + rmRule(&g_selfansweredrespruleactions, id); + }); + + luaCtx.writeFunction("mvSelfAnsweredResponseRuleToTop", []() { + moveRuleToTop(&g_selfansweredrespruleactions); + }); + + luaCtx.writeFunction("mvSelfAnsweredResponseRule", [](unsigned int from, unsigned int to) { + mvRule(&g_selfansweredrespruleactions, from, to); + }); + + luaCtx.writeFunction("rmRule", [](boost::variant<unsigned int, std::string> id) { + rmRule(&g_ruleactions, id); + }); + + luaCtx.writeFunction("mvRuleToTop", []() { + moveRuleToTop(&g_ruleactions); + }); + + luaCtx.writeFunction("mvRule", [](unsigned int from, unsigned int to) { + mvRule(&g_ruleactions, from, to); + }); + + luaCtx.writeFunction("clearRules", []() { + setLuaSideEffect(); + g_ruleactions.modify([](decltype(g_ruleactions)::value_type& ruleactions) { + ruleactions.clear(); + }); + }); + + luaCtx.writeFunction("setRules", [](const LuaArray<std::shared_ptr<DNSDistRuleAction>>& newruleactions) { + setLuaSideEffect(); + g_ruleactions.modify([newruleactions](decltype(g_ruleactions)::value_type& gruleactions) { + gruleactions.clear(); + for (const auto& pair : newruleactions) { + const auto& newruleaction = pair.second; + if (newruleaction->d_action) { + auto rule = makeRule(newruleaction->d_rule); + gruleactions.push_back({std::move(rule), newruleaction->d_action, newruleaction->d_name, newruleaction->d_id, newruleaction->d_creationOrder}); + } + } + }); + }); + + luaCtx.writeFunction("getTopRules", [](boost::optional<unsigned int> top) { + setLuaNoSideEffect(); + auto rules = g_ruleactions.getLocal(); + return getTopRules(*rules, (top ? *top : 10)); + }); + + luaCtx.writeFunction("topRules", [](boost::optional<unsigned int> top, boost::optional<ruleparams_t> vars) { + setLuaNoSideEffect(); + auto rules = g_ruleactions.getLocal(); + return rulesToString(getTopRules(*rules, (top ? *top : 10)), vars); + }); + + luaCtx.writeFunction("getTopCacheHitResponseRules", [](boost::optional<unsigned int> top) { + setLuaNoSideEffect(); + auto rules = g_cachehitrespruleactions.getLocal(); + return getTopRules(*rules, (top ? *top : 10)); + }); + + luaCtx.writeFunction("topCacheHitResponseRules", [](boost::optional<unsigned int> top, boost::optional<ruleparams_t> vars) { + setLuaNoSideEffect(); + auto rules = g_cachehitrespruleactions.getLocal(); + return rulesToString(getTopRules(*rules, (top ? *top : 10)), vars); + }); + + luaCtx.writeFunction("getTopCacheInsertedResponseRules", [](boost::optional<unsigned int> top) { + setLuaNoSideEffect(); + auto rules = g_cacheInsertedRespRuleActions.getLocal(); + return getTopRules(*rules, (top ? *top : 10)); + }); + + luaCtx.writeFunction("topCacheInsertedResponseRules", [](boost::optional<unsigned int> top, boost::optional<ruleparams_t> vars) { + setLuaNoSideEffect(); + auto rules = g_cacheInsertedRespRuleActions.getLocal(); + return rulesToString(getTopRules(*rules, (top ? *top : 10)), vars); + }); + + luaCtx.writeFunction("getTopResponseRules", [](boost::optional<unsigned int> top) { + setLuaNoSideEffect(); + auto rules = g_respruleactions.getLocal(); + return getTopRules(*rules, (top ? *top : 10)); + }); + + luaCtx.writeFunction("topResponseRules", [](boost::optional<unsigned int> top, boost::optional<ruleparams_t> vars) { + setLuaNoSideEffect(); + auto rules = g_respruleactions.getLocal(); + return rulesToString(getTopRules(*rules, (top ? *top : 10)), vars); + }); + + luaCtx.writeFunction("getTopSelfAnsweredResponseRules", [](boost::optional<unsigned int> top) { + setLuaNoSideEffect(); + auto rules = g_selfansweredrespruleactions.getLocal(); + return getTopRules(*rules, (top ? *top : 10)); + }); + + luaCtx.writeFunction("topSelfAnsweredResponseRules", [](boost::optional<unsigned int> top, boost::optional<ruleparams_t> vars) { + setLuaNoSideEffect(); + auto rules = g_selfansweredrespruleactions.getLocal(); + return rulesToString(getTopRules(*rules, (top ? *top : 10)), vars); + }); + + luaCtx.writeFunction("MaxQPSIPRule", [](unsigned int qps, boost::optional<unsigned int> ipv4trunc, boost::optional<unsigned int> ipv6trunc, boost::optional<unsigned int> burst, boost::optional<unsigned int> expiration, boost::optional<unsigned int> cleanupDelay, boost::optional<unsigned int> scanFraction, boost::optional<unsigned int> shards) { + return std::shared_ptr<DNSRule>(new MaxQPSIPRule(qps, (burst ? *burst : qps), (ipv4trunc ? *ipv4trunc : 32), (ipv6trunc ? *ipv6trunc : 64), (expiration ? *expiration : 300), (cleanupDelay ? *cleanupDelay : 60), (scanFraction ? *scanFraction : 10), (shards ? *shards : 10))); + }); + + luaCtx.writeFunction("MaxQPSRule", [](unsigned int qps, boost::optional<unsigned int> burst) { + if(!burst) + return std::shared_ptr<DNSRule>(new MaxQPSRule(qps)); + else + return std::shared_ptr<DNSRule>(new MaxQPSRule(qps, *burst)); + }); + + luaCtx.writeFunction("RegexRule", [](const std::string& str) { + return std::shared_ptr<DNSRule>(new RegexRule(str)); + }); + +#ifdef HAVE_DNS_OVER_HTTPS + luaCtx.writeFunction("HTTPHeaderRule", [](const std::string& header, const std::string& regex) { + return std::shared_ptr<DNSRule>(new HTTPHeaderRule(header, regex)); + }); + luaCtx.writeFunction("HTTPPathRule", [](const std::string& path) { + return std::shared_ptr<DNSRule>(new HTTPPathRule(path)); + }); + luaCtx.writeFunction("HTTPPathRegexRule", [](const std::string& regex) { + return std::shared_ptr<DNSRule>(new HTTPPathRegexRule(regex)); + }); +#endif + +#ifdef HAVE_RE2 + luaCtx.writeFunction("RE2Rule", [](const std::string& str) { + return std::shared_ptr<DNSRule>(new RE2Rule(str)); + }); +#endif + + luaCtx.writeFunction("SNIRule", [](const std::string& name) { + return std::shared_ptr<DNSRule>(new SNIRule(name)); + }); + + luaCtx.writeFunction("SuffixMatchNodeRule", [](const SuffixMatchNode& smn, boost::optional<bool> quiet) { + return std::shared_ptr<DNSRule>(new SuffixMatchNodeRule(smn, quiet ? *quiet : false)); + }); + + luaCtx.writeFunction("NetmaskGroupRule", [](const NetmaskGroup& nmg, boost::optional<bool> src, boost::optional<bool> quiet) { + return std::shared_ptr<DNSRule>(new NetmaskGroupRule(nmg, src ? *src : true, quiet ? *quiet : false)); + }); + + luaCtx.writeFunction("benchRule", [](std::shared_ptr<DNSRule> rule, boost::optional<unsigned int> times_, boost::optional<string> suffix_) { + setLuaNoSideEffect(); + unsigned int times = times_ ? *times_ : 100000; + DNSName suffix(suffix_ ? *suffix_ : "powerdns.com"); + struct item { + PacketBuffer packet; + InternalQueryState ids; + }; + vector<item> items; + items.reserve(1000); + for (int n = 0; n < 1000; ++n) { + struct item i; + i.ids.qname = DNSName(std::to_string(random())); + i.ids.qname += suffix; + i.ids.qtype = random() % 0xff; + i.ids.qclass = QClass::IN; + i.ids.protocol = dnsdist::Protocol::DoUDP; + i.ids.origRemote = ComboAddress("127.0.0.1"); + i.ids.origRemote.sin4.sin_addr.s_addr = random(); + i.ids.queryRealTime.start(); + GenericDNSPacketWriter<PacketBuffer> pw(i.packet, i.ids.qname, i.ids.qtype); + items.push_back(std::move(i)); + } + + int matches = 0; + ComboAddress dummy("127.0.0.1"); + StopWatch sw; + sw.start(); + for (unsigned int n = 0; n < times; ++n) { + item& i = items[n % items.size()]; + DNSQuestion dq(i.ids, i.packet); + + if (rule->matches(&dq)) { + matches++; + } + } + double udiff = sw.udiff(); + g_outputBuffer=(boost::format("Had %d matches out of %d, %.1f qps, in %.1f usec\n") % matches % times % (1000000*(1.0*times/udiff)) % udiff).str(); + + }); + + luaCtx.writeFunction("AllRule", []() { + return std::shared_ptr<DNSRule>(new AllRule()); + }); + + luaCtx.writeFunction("ProbaRule", [](double proba) { + return std::shared_ptr<DNSRule>(new ProbaRule(proba)); + }); + + luaCtx.writeFunction("QNameRule", [](const std::string& qname) { + return std::shared_ptr<DNSRule>(new QNameRule(DNSName(qname))); + }); + + luaCtx.writeFunction("QTypeRule", [](boost::variant<unsigned int, std::string> str) { + uint16_t qtype; + if (auto dir = boost::get<unsigned int>(&str)) { + qtype = *dir; + } + else { + string val = boost::get<string>(str); + qtype = QType::chartocode(val.c_str()); + if (!qtype) { + throw std::runtime_error("Unable to convert '"+val+"' to a DNS type"); + } + } + return std::shared_ptr<DNSRule>(new QTypeRule(qtype)); + }); + + luaCtx.writeFunction("QClassRule", [](uint64_t c) { + checkParameterBound("QClassRule", c, std::numeric_limits<uint16_t>::max()); + return std::shared_ptr<DNSRule>(new QClassRule(c)); + }); + + luaCtx.writeFunction("OpcodeRule", [](uint64_t code) { + checkParameterBound("OpcodeRule", code, std::numeric_limits<uint8_t>::max()); + return std::shared_ptr<DNSRule>(new OpcodeRule(code)); + }); + + luaCtx.writeFunction("AndRule", [](const LuaArray<std::shared_ptr<DNSRule>>& a) { + return std::shared_ptr<DNSRule>(new AndRule(a)); + }); + + luaCtx.writeFunction("OrRule", [](const LuaArray<std::shared_ptr<DNSRule>>& a) { + return std::shared_ptr<DNSRule>(new OrRule(a)); + }); + + luaCtx.writeFunction("DSTPortRule", [](uint64_t port) { + checkParameterBound("DSTPortRule", port, std::numeric_limits<uint16_t>::max()); + return std::shared_ptr<DNSRule>(new DSTPortRule(port)); + }); + + luaCtx.writeFunction("TCPRule", [](bool tcp) { + return std::shared_ptr<DNSRule>(new TCPRule(tcp)); + }); + + luaCtx.writeFunction("DNSSECRule", []() { + return std::shared_ptr<DNSRule>(new DNSSECRule()); + }); + + luaCtx.writeFunction("NotRule", [](const std::shared_ptr<DNSRule>& rule) { + return std::shared_ptr<DNSRule>(new NotRule(rule)); + }); + + luaCtx.writeFunction("RecordsCountRule", [](uint64_t section, uint64_t minCount, uint64_t maxCount) { + checkParameterBound("RecordsCountRule", section, std::numeric_limits<uint8_t>::max()); + checkParameterBound("RecordsCountRule", minCount, std::numeric_limits<uint16_t>::max()); + checkParameterBound("RecordsCountRule", maxCount, std::numeric_limits<uint16_t>::max()); + return std::shared_ptr<DNSRule>(new RecordsCountRule(section, minCount, maxCount)); + }); + + luaCtx.writeFunction("RecordsTypeCountRule", [](uint64_t section, uint64_t type, uint64_t minCount, uint64_t maxCount) { + checkParameterBound("RecordsTypeCountRule", section, std::numeric_limits<uint8_t>::max()); + checkParameterBound("RecordsTypeCountRule", type, std::numeric_limits<uint16_t>::max()); + checkParameterBound("RecordsTypeCountRule", minCount, std::numeric_limits<uint16_t>::max()); + checkParameterBound("RecordsTypeCountRule", maxCount, std::numeric_limits<uint16_t>::max()); + return std::shared_ptr<DNSRule>(new RecordsTypeCountRule(section, type, minCount, maxCount)); + }); + + luaCtx.writeFunction("TrailingDataRule", []() { + return std::shared_ptr<DNSRule>(new TrailingDataRule()); + }); + + luaCtx.writeFunction("QNameLabelsCountRule", [](uint64_t minLabelsCount, uint64_t maxLabelsCount) { + checkParameterBound("QNameLabelsCountRule", minLabelsCount, std::numeric_limits<unsigned int>::max()); + checkParameterBound("QNameLabelsCountRule", maxLabelsCount, std::numeric_limits<unsigned int>::max()); + return std::shared_ptr<DNSRule>(new QNameLabelsCountRule(minLabelsCount, maxLabelsCount)); + }); + + luaCtx.writeFunction("QNameWireLengthRule", [](uint64_t min, uint64_t max) { + return std::shared_ptr<DNSRule>(new QNameWireLengthRule(min, max)); + }); + + luaCtx.writeFunction("RCodeRule", [](uint64_t rcode) { + checkParameterBound("RCodeRule", rcode, std::numeric_limits<uint8_t>::max()); + return std::shared_ptr<DNSRule>(new RCodeRule(rcode)); + }); + + luaCtx.writeFunction("ERCodeRule", [](uint64_t rcode) { + checkParameterBound("ERCodeRule", rcode, std::numeric_limits<uint8_t>::max()); + return std::shared_ptr<DNSRule>(new ERCodeRule(rcode)); + }); + + luaCtx.writeFunction("EDNSVersionRule", [](uint64_t version) { + checkParameterBound("EDNSVersionRule", version, std::numeric_limits<uint8_t>::max()); + return std::shared_ptr<DNSRule>(new EDNSVersionRule(version)); + }); + + luaCtx.writeFunction("EDNSOptionRule", [](uint64_t optcode) { + checkParameterBound("EDNSOptionRule", optcode, std::numeric_limits<uint16_t>::max()); + return std::shared_ptr<DNSRule>(new EDNSOptionRule(optcode)); + }); + + luaCtx.writeFunction("showRules", [](boost::optional<ruleparams_t> vars) { + showRules(&g_ruleactions, vars); + }); + + luaCtx.writeFunction("RDRule", []() { + return std::shared_ptr<DNSRule>(new RDRule()); + }); + + luaCtx.writeFunction("TagRule", [](const std::string& tag, boost::optional<std::string> value) { + return std::shared_ptr<DNSRule>(new TagRule(tag, value)); + }); + + luaCtx.writeFunction("TimedIPSetRule", []() { + return std::shared_ptr<TimedIPSetRule>(new TimedIPSetRule()); + }); + + luaCtx.writeFunction("PoolAvailableRule", [](const std::string& poolname) { + return std::shared_ptr<DNSRule>(new PoolAvailableRule(poolname)); + }); + + luaCtx.writeFunction("PoolOutstandingRule", [](const std::string& poolname, uint64_t limit) { + return std::shared_ptr<DNSRule>(new PoolOutstandingRule(poolname, limit)); + }); + + luaCtx.registerFunction<void(std::shared_ptr<TimedIPSetRule>::*)()>("clear", [](std::shared_ptr<TimedIPSetRule> tisr) { + tisr->clear(); + }); + + luaCtx.registerFunction<void(std::shared_ptr<TimedIPSetRule>::*)()>("cleanup", [](std::shared_ptr<TimedIPSetRule> tisr) { + tisr->cleanup(); + }); + + luaCtx.registerFunction<void(std::shared_ptr<TimedIPSetRule>::*)(const ComboAddress& ca, int t)>("add", [](std::shared_ptr<TimedIPSetRule> tisr, const ComboAddress& ca, int t) { + tisr->add(ca, time(0)+t); + }); + + luaCtx.registerFunction<std::shared_ptr<DNSRule>(std::shared_ptr<TimedIPSetRule>::*)()>("slice", [](std::shared_ptr<TimedIPSetRule> tisr) { + return std::dynamic_pointer_cast<DNSRule>(tisr); + }); + luaCtx.registerFunction<void(std::shared_ptr<TimedIPSetRule>::*)()>("__tostring", [](std::shared_ptr<TimedIPSetRule> tisr) { + tisr->toString(); + }); + + luaCtx.writeFunction("QNameSetRule", [](const DNSNameSet& names) { + return std::shared_ptr<DNSRule>(new QNameSetRule(names)); + }); + +#if defined(HAVE_LMDB) || defined(HAVE_CDB) + luaCtx.writeFunction("KeyValueStoreLookupRule", [](std::shared_ptr<KeyValueStore>& kvs, std::shared_ptr<KeyValueLookupKey>& lookupKey) { + return std::shared_ptr<DNSRule>(new KeyValueStoreLookupRule(kvs, lookupKey)); + }); + + luaCtx.writeFunction("KeyValueStoreRangeLookupRule", [](std::shared_ptr<KeyValueStore>& kvs, std::shared_ptr<KeyValueLookupKey>& lookupKey) { + return std::shared_ptr<DNSRule>(new KeyValueStoreRangeLookupRule(kvs, lookupKey)); + }); +#endif /* defined(HAVE_LMDB) || defined(HAVE_CDB) */ + + luaCtx.writeFunction("LuaRule", [](LuaRule::func_t func) { + return std::shared_ptr<DNSRule>(new LuaRule(func)); + }); + + luaCtx.writeFunction("LuaFFIRule", [](LuaFFIRule::func_t func) { + return std::shared_ptr<DNSRule>(new LuaFFIRule(func)); + }); + + luaCtx.writeFunction("LuaFFIPerThreadRule", [](const std::string& code) { + return std::shared_ptr<DNSRule>(new LuaFFIPerThreadRule(code)); + }); + + luaCtx.writeFunction("ProxyProtocolValueRule", [](uint8_t type, boost::optional<std::string> value) { + return std::shared_ptr<DNSRule>(new ProxyProtocolValueRule(type, value)); + }); +} |