eBPF functions and objects

These are all the functions, objects and methods related to eBPF socket filtering.

addBPFFilterDynBlocks(addresses, dynbpf[[, seconds=10], msg])

Changed in version 1.3.0: msg optional parameter added.

This is the eBPF equivalent of addDynBlocks(), blocking a set of addresses for (optionally) a number of seconds, using an eBPF dynamic filter. The default number of seconds to block for is 10.

Parameters:
  • addresses – set of Addresses as returned by an exceed function
  • dynbpf (DynBPFFilter) – The dynamic eBPF filter to use
  • seconds (int) – The number of seconds after which this block expires
  • msg (str) – A message to display while inserting the block

newBPFFilter(maxV4, maxV6, maxQNames) → BPFFilter

Return a new eBPF socket filter with a maximum of maxV4 IPv4, maxV6 IPv6 and maxQNames qname entries in the block table.

Parameters:
  • maxV4 (int) – Maximum number of IPv4 entries in this filter
  • maxV6 (int) – Maximum number of IPv6 entries in this filter
  • maxQNames (int) – Maximum number of QName entries in this filter

newDynBPFFilter(bpf) → DynBPFFilter

Return a new dynamic eBPF filter associated with a given BPFFilter.

Parameters: bpf (BPFFilter) – The underlying eBPF filter

setDefaultBPFFilter(filter)

When used at configuration time, the corresponding BPFFilter will be attached to every bind.

Parameters: filter (BPFFilter) – The filter to attach

registerDynBPFFilter(dynbpf)

Register a DynBPFFilter so that it appears in the web interface and the API.

Parameters: dynbpf (DynBPFFilter) – The dynamic eBPF filter to register

unregisterDynBPFFilter(dynbpf)

Remove a DynBPFFilter from the web interface and the API.

Parameters: dynbpf (DynBPFFilter) – The dynamic eBPF filter to unregister

class BPFFilter

Represents an eBPF filter.

:attachToAllBinds()

Attach this filter to every bind already defined. This is the run-time equivalent of setDefaultBPFFilter().

:block(address)

Block this address.

Parameters: address (ComboAddress) – The address to block

:blockQName(name[, qtype=255])

Block queries for this exact qname. An optional qtype can be given; it defaults to 255.

Parameters:
  • name (DNSName) – The name to block
  • qtype (int) – QType to block
:getStats()

Print the block tables.

:unblock(address)

Unblock this address.

Parameters: address (ComboAddress) – The address to unblock

:unblockQName(name[, qtype=255])

Remove this qname from the block list.

Parameters:
  • name (DNSName) – The name to unblock
  • qtype (int) – The qtype to unblock

class DynBPFFilter

Represents a dynamic eBPF filter, allowing ephemeral rules to be added to an existing eBPF filter.

:purgeExpired()

Remove the expired ephemeral rules associated with this filter.

:excludeRange(netmasks)

New in version 1.3.3.

Exclude this range, or list of ranges, meaning that no dynamic block will ever be inserted for clients in that range. Defaults to empty, meaning rules are applied to all ranges. When used in combination with DynBPFFilter:includeRange(), the more specific entry wins.

Parameters: netmasks (int) – A netmask, or list of netmasks, as strings, like for example “192.0.2.1/24”

:includeRange(netmasks)

New in version 1.3.3.

Include this range, or list of ranges, meaning that rules will be applied to this range. When used in combination with DynBPFFilter:excludeRange(), the more specific entry wins.

Parameters: netmasks (int) – A netmask, or list of netmasks, as strings, like for example “192.0.2.1/24”
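
An example dnsdist configuration combining the static and dynamic filters described above. It is added here and is not taken from the dnsdist documentation or code base. It assumes dnsdist's exceedQRate(), maintenance(), newCA() and newDNSName(), which are not described on this page; all addresses, names, table sizes and thresholds are constructed.

```lua
-- Added example: addresses, names, sizes and thresholds below are constructed.

-- Block table with room for 1024 IPv4, 1024 IPv6 and 1024 qname entries.
bpf = newBPFFilter(1024, 1024, 1024)

-- Configuration time: attach the filter to every bind declared in this file.
-- For binds that already exist at run time, use bpf:attachToAllBinds() instead.
setDefaultBPFFilter(bpf)

-- Static entries: these stay in place until removed with
-- bpf:unblock() or bpf:unblockQName().
bpf:block(newCA("192.0.2.66"))
bpf:blockQName(newDNSName("blocked.example."), 255)  -- 255 is the default qtype

-- Dynamic filter layered on the same BPFFilter: its rules are ephemeral.
dynbpf = newDynBPFFilter(bpf)

-- Make the dynamic filter visible in the web interface and the API.
registerDynBPFFilter(dynbpf)

-- Never insert dynamic blocks for the (constructed) monitoring range, so a
-- burst of health checks cannot lock the monitoring hosts out ...
dynbpf:excludeRange("198.51.100.0/24")
-- ... except for one host inside it: the more specific entry wins, so
-- 198.51.100.53 can still be dynamically blocked.
dynbpf:includeRange("198.51.100.53/32")

-- dnsdist calls maintenance() periodically (assumption: it is defined in the
-- same configuration file as the filters above).
function maintenance()
  -- Block, for 60 seconds, every client that exceeded 20 queries per second
  -- over the last 10 seconds. The fourth argument (msg) needs version 1.3.0
  -- or later.
  addBPFFilterDynBlocks(exceedQRate(20, 10), dynbpf, 60, "Exceeded query rate")

  -- Remove the ephemeral rules that have expired so they stop occupying
  -- entries in the block table.
  dynbpf:purgeExpired()
end

-- From the console, bpf:getStats() prints the block tables, which is a quick
-- way to confirm that static and dynamic entries are being inserted and
-- purged as expected.
```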