eBPF functions and objects

These are all the functions, objects and methods related to the eBPF Socket Filtering.

addBPFFilterDynBlocks(addresses, dynbpf[[, seconds=10], msg])

Changed in version 1.3.0: msg optional parameter added.

This is the eBPF equivalent of addDynBlocks(), blocking a set of addresses for (optionally) a number of seconds, using an eBPF dynamic filter. The default number of seconds to block for is 10.

Parameters:
  • addresses – set of Addresses as returned by an exceed function
  • dynbpf (DynBPFFilter) – The dynamic eBPF filter to use
  • seconds (int) – The number of seconds this block to expire
  • msg (str) – A message to display while inserting the block
newBPFFilter(maxV4, maxV6, maxQNames) → BPFFilter

Return a new eBPF socket filter with a maximum of maxV4 IPv4, maxV6 IPv6 and maxQNames qname entries in the block table.

Parameters:
  • maxV4 (int) – Maximum number of IPv4 entries in this filter
  • maxV6 (int) – Maximum number of IPv6 entries in this filter
  • maxQNames (int) – Maximum number of QName entries in this filter
newDynBPFFilter(bpf) → DynBPFFilter

Return a new dynamic eBPF filter associated to a given BPF Filter.

Parameters:bpf (BPFFilter) – The underlying eBPF filter
setDefaultBPFFilter(filter)

When used at configuration time, the corresponding BPFFilter will be attached to every bind.

Parameters:filter (BPFFilter) – The filter to attach
registerDynBPFFilter(dynbpf)
Register a DynBPFFilter filter so that it appears in the web interface and the API.
Parameters:dynbpf (DynBPFFilter) – The dynamic eBPF filter to register
unregisterDynBPFFilter(dynbpf)
Remove a DynBPFFilter filter from the web interface and the API.
Parameters:dynbpf (DynBPFFilter) – The dynamic eBPF filter to unregister
class BPFFilter

Represents an eBPF filter

:attachToAllBinds()

Attach this filter to every bind already defined. This is the run-time equivalent of setDefaultBPFFilter()

:block(address)

Block this address

Parameters:address (ComboAddress) – The address to block
:blockQName(name[, qtype=255])

Block queries for this exact qname. An optional qtype can be used, defaults to 255.

Parameters:
  • name (DNSName) – The name to block
  • qtype (int) – QType to block
:getStats()

Print the block tables.

:purgeExpired()

Remove the expired ephemeral rules associated with this filter.

:unblock(address)

Unblock this address.

Parameters:address (ComboAddress) – The address to unblock
:unblockQName(name[, qtype=255])

Remove this qname from the block list.

Parameters:
  • name (DNSName) – the name to unblock
  • qtype (int) – The qtype to unblock
class DynBPFFilter

Represents an dynamic eBPF filter, allowing the use of ephemeral rules to an existing eBPF filter.