[dnsdist] ComboAddress truncate function?
Brian Sullivan
brian.sullivan at lookout.com
Wed Aug 28 16:35:36 UTC 2019
I figured it out ... the following works fine. Maybe the dq object is
readonly?
*-- Any traffic that exeeds max qps will be loggedfunction
rateLimitRule(dq) local ca = dq.remoteaddr ca:truncate(24) errlog("Rate
Limit Exceeded: DNSDistRateLimiting "..ca:toString()) return
DNSAction.None, ""end*
Regards,
brian
On Wed, Aug 28, 2019 at 11:35 AM Brian Sullivan <brian.sullivan at lookout.com>
wrote:
> Hi All,
>
> I am trying to use the truncate function associated with the CombAddress
> object.
>
> Here is the config:
>
>
>
>
>
>
> *-- Any traffic that exceeds max qps will be loggedfunction
> rateLimitRule(dq) dq.remoteaddr:truncate(24) errlog("Rate Limit Exceeded:
> DNSDistRateLimiting "..dq.remoteaddr:toString()) return DNSAction.None,
> ""endaddAction(MaxQPSIPRule(10, 24, 48), LuaAction(rateLimitRule))*
>
> Unfortunately I see the following output:
>
>
> *dnsdist[882]: Rate Limit Exceeded: DNSDistRateLimiting 10.51.13.64*
>
> I know this must work so I must be doing something wrong.
>
> Regards,
> brian
> --
>
>
>
> Brian M. Sullivan
> Senior Staff Security Intelligence Engineer
> bsullivan at lookout.com | www.lookout.com
>
--
Brian M. Sullivan
Senior Staff Security Intelligence Engineer
bsullivan at lookout.com | www.lookout.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20190828/25a843b1/attachment.htm>
More information about the dnsdist
mailing list