/src/pdns/pdns/dnsdist-dynbpf.hh

Source (jump to first uncovered line)
/*
 * This file is part of PowerDNS or dnsdist.
 * Copyright -- PowerDNS.COM B.V. and its contributors
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of version 2 of the GNU General Public License as
 * published by the Free Software Foundation.
 *
 * In addition, for the avoidance of any doubt, permission is granted to
 * link this program with OpenSSL and to (re)distribute the binaries
 * produced as the result of such linking.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
#pragma once
#include "config.h"

#include "bpf-filter.hh"
#include "iputils.hh"

#include <boost/multi_index_container.hpp>
#include <boost/multi_index/ordered_index.hpp>
#include <boost/multi_index/member.hpp>

class DynBPFFilter
{
public:
  DynBPFFilter(std::shared_ptr<BPFFilter>& bpf)
  {
    d_data.lock()->d_bpf = bpf;
  }
  ~DynBPFFilter()
  {
  }
  void excludeRange(const Netmask& range)
  {
    d_data.lock()->d_excludedSubnets.addMask(range);
  }
  void includeRange(const Netmask& range)
  {
    d_data.lock()->d_excludedSubnets.addMask(range, false);
  }
  /* returns true if the addr wasn't already blocked, false otherwise */
  bool block(const ComboAddress& addr, const struct timespec& until);
  void purgeExpired(const struct timespec& now);
  std::vector<std::tuple<ComboAddress, uint64_t, struct timespec> > getAddrStats();
private:
  struct BlockEntry
  {
    BlockEntry(const ComboAddress& addr, const struct timespec until): d_addr(addr), d_until(until)
    {
    }
    ComboAddress d_addr;
    struct timespec d_until;
  };
  typedef boost::multi_index_container<BlockEntry,
                                       boost::multi_index::indexed_by <
                                         boost::multi_index::ordered_unique< boost::multi_index::member<BlockEntry,ComboAddress,&BlockEntry::d_addr>, ComboAddress::addressOnlyLessThan >,
                                         boost::multi_index::ordered_non_unique< boost::multi_index::member<BlockEntry,struct timespec,&BlockEntry::d_until> >
                                         >
                                       > container_t;
  struct Data {
    container_t d_entries;
    std::shared_ptr<BPFFilter> d_bpf{nullptr};
    NetmaskGroup d_excludedSubnets;
  };
  LockGuarded<Data> d_data;
};


Coverage Report

Created: 2023-03-26 07:17

Line	Count	Source (jump to first uncovered line)
1		/*
2		* This file is part of PowerDNS or dnsdist.
3		* Copyright -- PowerDNS.COM B.V. and its contributors
4		*
5		* This program is free software; you can redistribute it and/or modify
6		* it under the terms of version 2 of the GNU General Public License as
7		* published by the Free Software Foundation.
8		*
9		* In addition, for the avoidance of any doubt, permission is granted to
10		* link this program with OpenSSL and to (re)distribute the binaries
11		* produced as the result of such linking.
12		*
13		* This program is distributed in the hope that it will be useful,
14		* but WITHOUT ANY WARRANTY; without even the implied warranty of
15		* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16		* GNU General Public License for more details.
17		*
18		* You should have received a copy of the GNU General Public License
19		* along with this program; if not, write to the Free Software
20		* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21		*/
22		#pragma once
23		#include "config.h"
24
25		#include "bpf-filter.hh"
26		#include "iputils.hh"
27
28		#include <boost/multi_index_container.hpp>
29		#include <boost/multi_index/ordered_index.hpp>
30		#include <boost/multi_index/member.hpp>
31
32		class DynBPFFilter
33		{
34		public:
35		DynBPFFilter(std::shared_ptr<BPFFilter>& bpf)
36	0	{
37	0	d_data.lock()->d_bpf = bpf;
38	0	}
39		~DynBPFFilter()
40	0	{
41	0	}
42		void excludeRange(const Netmask& range)
43	0	{
44	0	d_data.lock()->d_excludedSubnets.addMask(range);
45	0	}
46		void includeRange(const Netmask& range)
47	0	{
48	0	d_data.lock()->d_excludedSubnets.addMask(range, false);
49	0	}
50		/* returns true if the addr wasn't already blocked, false otherwise */
51		bool block(const ComboAddress& addr, const struct timespec& until);
52		void purgeExpired(const struct timespec& now);
53		std::vector<std::tuple<ComboAddress, uint64_t, struct timespec> > getAddrStats();
54		private:
55		struct BlockEntry
56		{
57		BlockEntry(const ComboAddress& addr, const struct timespec until): d_addr(addr), d_until(until)
58	0	{
59	0	}
60		ComboAddress d_addr;
61		struct timespec d_until;
62		};
63		typedef boost::multi_index_container<BlockEntry,
64		boost::multi_index::indexed_by <
65		boost::multi_index::ordered_unique< boost::multi_index::member<BlockEntry,ComboAddress,&BlockEntry::d_addr>, ComboAddress::addressOnlyLessThan >,
66		boost::multi_index::ordered_non_unique< boost::multi_index::member<BlockEntry,struct timespec,&BlockEntry::d_until> >
67		>
68		> container_t;
69		struct Data {
70		container_t d_entries;
71		std::shared_ptr<BPFFilter> d_bpf{nullptr};
72		NetmaskGroup d_excludedSubnets;
73		};
74		LockGuarded<Data> d_data;
75		};
76