This file implements the ipset module. More...
#include "config.h"#include "ipset/ipset.h"#include "util/regional.h"#include "util/net_help.h"#include "util/config_file.h"#include "services/cache/dns.h"#include "sldns/sbuffer.h"#include "sldns/wire2str.h"#include "sldns/parseutil.h"#include <libmnl/libmnl.h>#include <linux/netfilter/nfnetlink.h>#include <linux/netfilter/ipset/ip_set.h>Macros | |
| #define | BUFF_LEN 256 |
Functions | |
| static int | error_response (struct module_qstate *qstate, int id, int rcode) |
| Return an error. More... | |
| static struct mnl_socket * | open_mnl_socket () |
| static int | add_to_ipset (struct mnl_socket *mnl, const char *setname, const void *ipaddr, int af) |
| static void | ipset_add_rrset_data (struct ipset_env *ie, struct mnl_socket *mnl, struct packed_rrset_data *d, const char *setname, int af, const char *dname) |
| static int | ipset_check_zones_for_rrset (struct module_env *env, struct ipset_env *ie, struct mnl_socket *mnl, struct ub_packed_rrset_key *rrset, const char *qname, const int qlen, const char *setname, int af) |
| static int | ipset_update (struct module_env *env, struct dns_msg *return_msg, struct query_info qinfo, struct ipset_env *ie) |
| int | ipset_init (struct module_env *env, int id) |
| Init the ipset module. | |
| void | ipset_deinit (struct module_env *env, int id) |
| Deinit the ipset module. | |
| static int | ipset_new (struct module_qstate *qstate, int id) |
| void | ipset_operate (struct module_qstate *qstate, enum module_ev event, int id, struct outbound_entry *outbound) |
| Operate on an event on a query (in qstate). | |
| void | ipset_inform_super (struct module_qstate *ATTR_UNUSED(qstate), int ATTR_UNUSED(id), struct module_qstate *ATTR_UNUSED(super)) |
| void | ipset_clear (struct module_qstate *qstate, int id) |
| clear the ipset query-specific contents out of qstate | |
| size_t | ipset_get_mem (struct module_env *env, int id) |
| return memory estimate for ipset module | |
| struct module_func_block * | ipset_get_funcblock (void) |
| Get the function block with pointers to the ipset functions. More... | |
Variables | |
| static struct module_func_block | ipset_block |
| The ipset function block. More... | |
This file implements the ipset module.
It can handle packets by putting the A and AAAA addresses that are configured in unbound.conf as type ipset (local-zone statements) into a firewall rule IPSet. For firewall blacklist and whitelist usage.
|
static |
Return an error.
| qstate | our query state |
| id | module id |
| rcode | error code (DNS errcode). |
References module_qstate::ext_state, module_finished, module_qstate::return_msg, module_qstate::return_rcode, sldns_lookup_by_id(), sldns_rcodes, VERB_QUERY, and verbose().
| struct module_func_block* ipset_get_funcblock | ( | void | ) |
Get the function block with pointers to the ipset functions.
References ipset_block.
Referenced by module_funcs_avail().
|
static |
The ipset function block.
Referenced by ipset_get_funcblock().