The DNSQuestion (`dq`) object¶

A DNSQuestion or dq object is available in several hooks and Lua actions. This object contains details about the current state of the question. This state can be modified from the various hooks.

class DNSQuestion¶

The DNSQuestion object has several attributes, many of them read-only:

dh¶: The DNSHeader (dh) object of this query.

ecsOverride¶: Whether an existing ECS value should be overridden, settable.

ecsPrefixLength¶: The ECS prefix length to use, settable.

len¶: The length of the data starting at DNSQuestion.dh, including any trailing bytes following the DNS message.

localaddr¶: ComboAddress of the local bind this question was received on.

opcode¶: Integer describing the OPCODE of the packet. Can be matched against OPCode.

qclass¶: QClass (as an unsigned integer) of this question. Can be compared against DNSClass.

qname¶: DNSName of this question.

qtype¶: QType (as an unsigned integer) of this question. Can be compared against the pre-defined constants like DNSQType.A, DNSQType.AAAA``.

remoteaddr¶: ComboAddress of the remote client.

rcode¶: RCode (as an unsigned integer) of this question. Can be compared against RCode

size¶: The total size of the buffer starting at DNSQuestion.dh.

skipCache¶: Whether to skip cache lookup / storing the answer for this question, settable.

tcp¶: Whether the query was received over TCP.

useECS¶: Whether to send ECS to the backend, settable.

It also supports the following methods:

:getDO() → bool¶

New in version 1.2.0.

Get the value of the DNSSEC OK bit.

Returns:	true if the DO bit was set, false otherwise

:getEDNSOptions() → table¶

New in version 1.3.3.

Return the list of EDNS Options, if any.

Returns:	A table of EDNSOptionView objects, indexed on the ECS Option code

:getServerNameIndication() → string¶

New in version 1.4.0.

Return the TLS Server Name Indication (SNI) value sent by the client over DoT or DoH, if any. See SNIRule() for more information, especially about the availability of SNI over DoH.

Returns:	A string containing the TLS SNI value, if any

:getTag(key) → string¶

New in version 1.2.0.

Get the value of a tag stored into the DNSQuestion object.

Parameters:	key (string) – The tag’s key
Returns:	The tag’s value if it was set, an empty string otherwise

:getTagArray() → table¶

New in version 1.2.0.

Get all the tags stored into the DNSQuestion object.

Returns:	A table of tags, using strings as keys and values

:getTrailingData() → string¶

New in version 1.4.0.

Get all data following the DNS message.

Returns:	The trailing data as a null-safe string

:sendTrap(reason)¶

New in version 1.2.0.

Send an SNMP trap.

Parameters:	reason (string) – An optional string describing the reason why this trap was sent

:setTag(key, value)¶

New in version 1.2.0.

Set a tag into the DNSQuestion object.

Parameters:	key (string) – The tag’s key value (string) – The tag’s value

:setTagArray(tags)¶

New in version 1.2.0.

Set an array of tags into the DNSQuestion object.

Parameters:	tags (table) – A table of tags, using strings as keys and values

:setTrailingData(tail) → bool¶

New in version 1.4.0.

Set the data following the DNS message, overwriting anything already present.

Parameters:	tail (string) – The new data
Returns:	true if the operation succeeded, false otherwise

DNSResponse object¶

class DNSResponse¶

This object has all the functions and members of a DNSQuestion and some more

:editTTLs(func)¶

The function func is invoked for every entry in the answer, authority and additional section.

func points to a function with the following prototype: myFunc(section, qclass, qtype, ttl)

All parameters to func are integers:

section is the section in the packet and can be compared to DNS Packet Sections
qclass is the QClass of the record. Can be compared to DNSClass
qtype is the QType of the record. Can be e.g. compared to DNSQType.A, DNSQType.AAAA constants and the like.
ttl is the current TTL

This function must return an integer with the new TTL. Setting this TTL to 0 to leaves it unchanged

Parameters:	func (string) – The function to call to edit TTLs.

DNSHeader (`dh`) object¶

class DNSHeader¶

This object holds a representation of a DNS packet’s header.

:getRD() → bool¶: Get recursion desired flag.

:setRD(rd)¶

Set recursion desired flag.

Parameters:	rd (bool) – State of the RD flag

:setTC(tc)¶

Set truncation flag (TC).

Parameters:	tc (bool) – State of the TC flag

:setQR(qr)¶

Set Query/Response flag. Setting QR to true means “This is an answer packet”.

Parameters:	qr (bool) – State of the QR flag

:getCD() → bool¶: Get checking disabled flag.

:setCD(cd)¶

Set checking disabled flag.

Parameters:	cd (bool) – State of the CD flag

EDNSOptionView object¶

class EDNSOptionView¶

New in version 1.3.3.

An object that represents the values of a single EDNS option received in a query.

:count()¶: The number of values for this EDNS option.

:getValues()¶: Return a table of NULL-safe strings values for this EDNS option.

The DNSQuestion (`dq`) object¶

DNSResponse object¶

DNSHeader (`dh`) object¶

EDNSOptionView object¶

Table of Contents

Previous topic

Next topic

This Page

The DNSQuestion (dq) object¶

DNSResponse object¶

DNSHeader (dh) object¶

EDNSOptionView object¶

The DNSQuestion (`dq`) object¶

DNSHeader (`dh`) object¶