[dnsdist] ComboAddress truncate function?

Remi Gacogne remi.gacogne at powerdns.com
Wed Aug 28 19:00:00 UTC 2019 

Hi Brian,

On 8/28/19 6:35 PM, Brian Sullivan wrote:
> I figured it out ... the following works fine. Maybe the dq object is
> readonly?

Most parts of dq are indeed read-only, except for those that are
documented as 'settable': https://dnsdist.org/reference/dq.html

Best regards,

Remi

> *-- Any traffic that exeeds max qps will be logged
> function rateLimitRule(dq)
>   local ca = dq.remoteaddr
>   ca:truncate(24)
>   errlog("Rate Limit Exceeded: DNSDistRateLimiting "..ca:toString())
>   return DNSAction.None, ""
> end*
> 
> Regards,
> brian
> 
> On Wed, Aug 28, 2019 at 11:35 AM Brian Sullivan
> <brian.sullivan at lookout.com <mailto:brian.sullivan at lookout.com>> wrote:
> 
>     Hi All,
> 
>     I am trying to use the truncate function associated with the
>     CombAddress object. 
> 
>     Here is the config:
>     *-- Any traffic that exceeds max qps will be logged
>     function rateLimitRule(dq)
>       dq.remoteaddr:truncate(24)
>       errlog("Rate Limit Exceeded: DNSDistRateLimiting
>     "..dq.remoteaddr:toString())
>       return DNSAction.None, ""
>     end
>     addAction(MaxQPSIPRule(10, 24, 48), LuaAction(rateLimitRule))*
> 
>     Unfortunately I see the following output:
> 
>     *dnsdist[882]: Rate Limit Exceeded: DNSDistRateLimiting 10.51.13.64
>     *
>     *
>     *
>     I know this must work so I must be doing something wrong.
> 
>     Regards,
>     brian
>     -- 
> 
>       
> 
>     Brian M. Sullivan
>     Senior Staff Security Intelligence Engineer
>     bsullivan at lookout.com <mailto:bsullivan at lookout.com> |
>      www.lookout.com <http://www.lookout.com>
> 
> 
> 
> -- 
> 
>   
> 
> Brian M. Sullivan
> Senior Staff Security Intelligence Engineer
> bsullivan at lookout.com <mailto:bsullivan at lookout.com> |  www.lookout.com
> <http://www.lookout.com>
> 
> 
> _______________________________________________
> dnsdist mailing list
> dnsdist at mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/dnsdist
> 


-- 
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20190828/a63314b3/attachment.sig>

More information about the dnsdist mailing list