/pdns

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

dnsdist: support several dynBlockRules of the same type with different actions #6907

Closed
rgacogne opened this Issue Aug 31, 2018 · 0 comments

Comments

Assignees
No one assigned
Labels
dnsdist feature request
Projects
None yet
Milestone
  dnsdist-1.3.x
1 participant
@rgacogne
@rgacogne
Member

rgacogne commented Aug 31, 2018

  • Program: dnsdist
  • Issue type: Feature request

Short description

It would be very useful to be able to insert more than one dynBlockRule of the same type (Query rate, rcode rate, response byte rate...) but with different thresholds and actions.

Usecase

That would allow generating an alert without blocking any query over a certain threshold, while blocking over a different one.

Description

local dbr = dynBlockRulesGroup()
dbr:setQueryRate(50, 10, "Exceeded query rate", 60, DNSAction.NoOp)
dbr:setQueryRate(100, 10, "Exceeded query rate", 60, DNSAction.Drop)

@rgacogne rgacogne added feature request dnsdist labels Aug 31, 2018

@rgacogne rgacogne added this to the dnsdist-1.3.x milestone Aug 31, 2018

@rgacogne rgacogne referenced this issue Sep 25, 2018

Merged

dnsdist: Add warning rates to dynBlockRulesGroup rules #6986

7 of 7 tasks complete

@rgacogne rgacogne closed this in #6986 Oct 17, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment