[dnsdist] dynblock rules AND
remi.gacogne at powerdns.com
Tue Jun 11 13:11:50 UTC 2019
On 6/5/19 7:12 PM, Nico wrote:
> Quick question about that. Couldn't find a way to print the contents of
> a TimedIPSetRule.
> print( tb:slice():toString() ) only prints the number of addresses in
> the set.
Right, I'm afraid we don't currently offer any option to print the
content of the rule. toString() is used when the list of rules is
displayed in the console, the webserver, or returned to the API so we
don't want what could become a huge output there.
It wouldn't be hard to implement a new method to dump the content of the
rule, though, so please open a feature request on github if you care
> On Mon, Jun 3, 2019 at 10:02 AM Remi Gacogne <remi.gacogne at powerdns.com
> <mailto:remi.gacogne at powerdns.com>> wrote:
> Hi Nico,
> On 6/1/19 5:39 AM, Nico wrote:
> > Hi!
> > Small question about dynamic block rules
> > there is no AND for rate limiting rules ?
> > its always OR
> > local dbr = dynBlockRulesGroup()
> > dbr:setQTypeRate(dnsdist.ANY, 5, 10, "Exceeded ANY rate", 60)
> > dbr:setResponseByteRate(10000, 10, "Exceeded resp BW rate", 60)
> > If I want to limit TXT byte rate for example....
> There is indeed no way to combine rules for the dynamic blocking
> feature. You should be able to do the kind of rate-limiting you have in
> mind with regular rules, though.
> Best regards,
> Remi Gacogne
> PowerDNS.COM BV - https://www.powerdns.com/
> dnsdist mailing list
> dnsdist at mailman.powerdns.com <mailto:dnsdist at mailman.powerdns.com>
PowerDNS.COM BV - https://www.powerdns.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: OpenPGP digital signature
More information about the dnsdist