Policy Events

Since 4.4.0, the Lua hook policyEventFilter() is called along with a PolicyEvent object whenever a filtering policy matches.

PolicyEvent class

class PolicyEvent

Represents an event related to a filtering policy.


Add policyTag tag to the list of policyTags.

Parameters:tag (str) – The tag to add
:getPolicyTags() → {str}

Get the current policy tags as a table of strings.


Set the policy tags to tags, overwriting any existing policy tags.

Parameters:tags ({str}) – The policy tags

Skip the filtering policy (for example RPZ) named policyname for this query.

Parameters:policyname (str) – The name of the policy to ignore.

The decision that was made by the policy engine, see Modifying Policy Decisions.


A string with the name of the policy. Set by policyName in the rpzFile() and rpzMaster() configuration items. It is advised to overwrite this when modifying the PolicyEvent.appliedPolicy.policyKind


The action taken by the engine


The CNAME content for the pdns.policyactions.Custom response, a string


The kind of policy response, there are several policy kinds:

  • pdns.policykinds.Custom will return a NoError, CNAME answer with the value specified in PolicyEvent.appliedPolicy.policyCustom
  • pdns.policykinds.Drop will simply cause the query to be dropped
  • pdns.policykinds.NoAction will continue normal processing of the query
  • pdns.policykinds.NODATA will return a NoError response with no value in the answer section
  • pdns.policykinds.NXDOMAIN will return a response with a NXDomain rcode
  • pdns.policykinds.Truncate will return a NoError, no answer, truncated response over UDP. Normal processing will continue over TCP

The TTL in seconds for the pdns.policyactions.Custom response


DNSName of the name the query is for.


Type the query is for as an integer, can be compared against pdns.A, pdns.AAAA.


Whether the query was received over TCP.


ComboAddress of the requestor.