Netmasks and NetMaskGroups¶

There are two classes in the PowerDNS Recursor that can be used to match IP addresses against.

Netmask class¶

The Netmask class represents an IP netmask.

mask = newNetmask("192.0.2.1/24")
mask:isIPv4() -- true
mask:match("192.0.2.8") -- true

newNetmask(mask) → Netmask¶

Creates a new Netmask.

Parameters:¶

mask : str¶

The mask to convert.

class Netmask¶

Represents a netmask.

Netmask:empty() -> bool

True if the netmask doesn’t contain a valid address.

Netmask:getBits() -> int

The number of bits in the address.

Netmask:getNetwork() -> ComboAddress

Returns a ComboAddress representing the network (no mask applied).

Netmask:getMaskedNetwork() -> ComboAddress

Returns a ComboAddress representing the network (truncating according to the mask).

Netmask:isIpv4() -> bool

Deprecated since version v4.3.0: True if the netmask is an IPv4 netmask.

Netmask:isIPv4() -> bool

Added in version v4.3.0: True if the netmask is an IPv4 netmask.

Netmask:isIpv6() -> bool

Deprecated since version v4.3.0: True if the netmask is an IPv6 netmask.

Netmask:isIPv6() -> bool

Deprecated since version v4.3.0: True if the netmask is an IPv6 netmask.

Netmask:match(address) -> bool

True if the address passed in address matches

Parameters:¶

address : str

IP Address to match against.

Netmask:toString() -> str

Returns a human-friendly representation.

NetMaskGroup class¶

NetMaskGroups are more powerful than plain Netmasks. They can be matched against netmasks objects:

nmg = newNMG()
nmg:addMask("127.0.0.0/8")
nmg:addMasks({"213.244.168.0/24", "130.161.0.0/16"})
nmg:addMasks(dofile("bad-ips.lua")) -- contains return {"ip1","ip2"..}

if nmg:match(dq.remoteaddr) then
  print("Intercepting query from ", dq.remoteaddr)
end

Prefixing a mask with ! excludes that mask from matching.

newNMG([masks]) → NetMaskGroup¶

Changed in version 4.5.0: Added the optional masks parameter.

Returns a new NetMaskGroup. If no masks are passed, the object is empty.

Parameters:¶

masks : {str}¶

The masks to add.

class NetMaskGroup¶

IP addresses are passed to Lua in native format.

NetMaskGroup:addMask(mask)

Adds mask to the NetMaskGroup.

Parameters:¶

mask : str

The mask to add.

NetMaskGroup:addMasks(masks)

Adds masks to the NetMaskGroup.

Parameters:¶

masks : {str}

The masks to add.

NetMaskGroup:match(address) -> bool

Returns true if address matches any of the masks in the group.

Parameters:¶

address : ComboAddress

The IP address to match the netmasks against.