[dnsdist] print the ip address that match a Packet Actions
antoine blin
antoine.blin at gandi.net
Fri Oct 1 08:06:53 UTC 2021
Hi Remi
Thank you for your TIP. It works.
Antoine
On 28/09/2021 11:27, Remi Gacogne via dnsdist wrote:
> Hi Antoine,
>
> On 9/27/21 14:00, antoine blin via dnsdist wrote:
>> I'm using the rule : "addAction(MaxQPSIPRule(5), DropAction())" and
>> I'm wondering if it is possible to see, through the console API or
>> other API, the list of subnet in which rate limit rule is applied.
>
> Not directly, I'm afraid, but you could work something out by setting
> a tag when that rule matches, then trigger a LogAction [1] and finally
> a DropAction when the tag is set. Something like (untested, but you
> should get the idea):
>
> addAction(MaxQPSIPRule(5), SetTagAction("max-qpsip-rule", "match"))
> addAction(TagRule("max-qpsip-rule", "match"),
> LogAction('/path/to/dnsdist.log'))
> addAction(TagRule("max-qpsip-rule", "match"), DropAction())
>
> Note that this works because LogAction does not stop the processing of
> subsequent rules, as most actions do.
>
> [1]: https://dnsdist.org/rules-actions.html#LogAction
>
> Best regards
>
> _______________________________________________
> dnsdist mailing list
> dnsdist at mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/dnsdist
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20211001/e9063747/attachment.htm>
More information about the dnsdist
mailing list