dnsdist: DSTPortRule #6813
Conversation
Thanks a lot for this pull request! Code looks good, would you mind adding the new rule to |
} | ||
private: | ||
uint16_t d_port; | ||
uint16_t d_port_htons; |
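Review bot: `d_port` on the third line of this hunk gives no indication of byte order while `d_port_htons` beside it does, so a reader cannot tell from the declarations which value is meant to be compared against the port of the destination address. If both members stay, add a short comment on each stating host or network order; if only one is kept, name or comment it so the byte order at the comparison site is unambiguous.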
rgacogne
Jul 30, 2018
Member
Given how cheap htons() is, keeping the two values here feels a bit wrong.
I felt like the rule should match the entire local address, not just the port... and/or match the object returned from addLocal() (if it does return something)
Unless I'm mistaken, you can already use |
Yeah, but somehow it's weird that you cannot do both things with one matcher. I'd kinda expect something like this: LocalRule("*:443")
@zeha while I don't disagree with one potentially being nice - the already existing combo of using a NetmaskGroupRule for that purpose seems just as easy to combine into whatever you want and might provide more re-use for some people. FWIW we use NMGs to shove a number of destination addresses into a single group, so re-using that group for any port matching we do would still be nice for us. The semantics of something like
|
} | ||
private: | ||
uint16_t d_port; | ||
uint16_t d_port_htons; |
rgacogne
Aug 2, 2018
Member
You removed the code using this member, but somehow forgot to remove the member itself ;-)
Unless someone is really motivated to work on the more advanced |
Agreed
Short description
Allows matching based on the destination port of the question. This allows one to apply more powerful rules to ports bound for DoT for instance.
Checklist
I have: