Netmasks and NetMaskGroups¶

There are two classes in the PowerDNS Recursor that can be used to match IP addresses against.

Netmask class¶

The Netmask class represents an IP netmask.

mask = newNetmask("192.0.2.1/24")
mask:isIPv4() -- true
mask:match("192.0.2.8") -- true

newNetmask(mask): Netmask¶

Creates a new Netmask.

Parameters:¶

mask (str) – The mask to convert.

class Netmask¶

Represents a netmask.

Netmask(): empty(): bool¶

True if the netmask doesn’t contain a valid address.

Netmask(): getBits(): int¶

The number of bits in the address.

Netmask(): getNetwork(): ComboAddress¶

Returns a ComboAddress representing the network (no mask applied).

Netmask(): getMaskedNetwork(): ComboAddress¶

Returns a ComboAddress representing the network (truncating according to the mask).

Netmask(): isIpv4(): bool¶

Deprecated since version 4.3.0: Use isIPv4.

True if the netmask is an IPv4 netmask.

Netmask(): isIPv4(): bool¶

Added in version 4.3.0.

True if the netmask is an IPv4 netmask.

Netmask(): isIpv6(): bool¶

Deprecated since version 4.3.0: Use isIPv6.

True if the netmask is an IPv6 netmask.

Netmask(): isIPv6(): bool¶

Added in version 4.3.0.

True if the netmask is an IPv6 netmask.

Netmask(): match(address): bool¶

True if the address passed in address matches

Parameters:¶

address (str) – IP Address to match against.

Netmask(): toString(): str¶

Returns a human-friendly representation.

NetMaskGroup class¶

NetMaskGroups are more powerful than plain Netmasks. They can be matched against netmasks objects:

nmg = newNMG()
nmg:addMask("127.0.0.0/8")
nmg:addMasks({"213.244.168.0/24", "130.161.0.0/16"})
nmg:addMasks(dofile("bad-ips.lua")) -- a lua script file that contains: return {"ip1","ip2"..}

if nmg:match(dq.remoteaddr) then
  print("Intercepting query from ", dq.remoteaddr)
end

Prefixing a mask with ! excludes that mask from matching.

newNMG([masks]): NetMaskGroup¶

Changed in version 4.6.0: Added the optional masks parameter.

Returns a new NetMaskGroup. If no masks are passed, the object is empty.

Parameters:¶

masks ({str}) – The masks to add.

class NetMaskGroup¶

IP addresses are passed to Lua in native format.

NetMaskGroup(): addMask(mask)¶

Adds mask to the NetMaskGroup.

Parameters:¶

mask (str) – The mask to add.

NetMaskGroup(): addMasks(masks)¶

Adds masks to the NetMaskGroup.

Parameters:¶

mask ({str}) – The masks to add.

NetMaskGroup(): match(address): bool¶

Returns true if address matches any of the masks in the group.

Parameters:¶

address (ComboAddress) – The IP address to match the netmasks against.