1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
|
{% from 'macros/common_macros.lua.j2' import string_table, boolean %}
{% from 'macros/policy_macros.lua.j2' import policy_get_tagset, policy_todname %}
{%- macro local_data_ttl(ttl) -%}
{%- if ttl -%}
{{ ttl.seconds() }}
{%- else -%}
{{ 'C.KR_RULE_TTL_DEFAULT' }}
{%- endif -%}
{%- endmacro -%}
{% macro kr_rule_local_address(name, address, nodata, ttl, tags=none) -%}
assert(C.kr_rule_local_address('{{ name }}', '{{ address }}',
{{ boolean(nodata) }}, {{ local_data_ttl(ttl)}}, {{ policy_get_tagset(tags) }},
C.KR_RULE_OPTS_DEFAULT) == 0)
{%- endmacro -%}
{% macro local_data_addresses(pairs, nodata, ttl) -%}
{% for name, addresses in pairs.items() %}
{% for address in addresses %}
{{ kr_rule_local_address(name, address, nodata, ttl) }}
{% endfor %}
{% endfor%}
{%- endmacro %}
{% macro kr_rule_local_hosts(file, nodata, ttl, tags=none) -%}
assert(C.kr_rule_local_hosts('{{ file }}', {{ boolean(nodata) }},
{{ local_data_ttl(ttl)}}, {{ policy_get_tagset(tags) }}, C.KR_RULE_OPTS_DEFAULT) == 0)
{%- endmacro %}
{% macro local_data_addresses_files(files, nodata, ttl, tags) -%}
{% for file in files %}
{{ kr_rule_local_hosts(file, nodata, ttl, tags) }}
{% endfor %}
{%- endmacro %}
{% macro local_data_records(input_str, is_rpz, nodata, ttl, extra, id='rrs') -%}
{{ id }} = ffi.new('struct kr_rule_zonefile_config')
{{ id }}.ttl = {{ local_data_ttl(ttl) }}
{{ id }}.tags = {{ policy_get_tagset(extra.tags) }}
{{ id }}.nodata = {{ boolean(nodata) }}
{{ id }}.is_rpz = {{ boolean(is_rpz) }}
{% if is_rpz -%}
{{ id }}.filename = '{{ input_str }}'
{% else %}
{{ id }}.input_str = [[
{{ input_str.multiline() }}
]]
{% endif %}
{# .opts are complicated #}
{{ id }}.opts = C.KR_RULE_OPTS_DEFAULT
{% if extra is not none -%}
{% if false and extra.dry_run is not none and extra.dry_run -%}
{{ id }}.opts.score = 4
{% else %}
{{ id }}.opts.score = 9
{% endif %}
{% if 'log' in extra and extra.log is not none -%}
{{ id }}.opts.log_level = 3 -- notice
{% if 'ip' in extra.log -%}
{{ id }}.opts.log_ip = true
{% endif %}
{% if 'name' in extra.log -%}
{{ id }}.opts.log_name = true
{% endif %}
{% endif %}
{% endif %}
assert(C.kr_rule_zonefile({{ id }})==0)
{%- endmacro %}
{% macro kr_rule_local_subtree(name, type, ttl, tags=none) -%}
assert(C.kr_rule_local_subtree(todname('{{ name }}'),
C.KR_RULE_SUB_{{ type.upper() }}, {{ local_data_ttl(ttl) }}, {{ policy_get_tagset(tags) }},
C.KR_RULE_OPTS_DEFAULT) == 0)
{%- endmacro %}
{% macro local_data_rules(items, nodata, ttl) -%}
{% for item in items %}
{% if item.name %}
{% for name in item.name %}
{% if item.address %}
{% for address in item.address %}
{{ kr_rule_local_address(name, address, nodata if item.nodata is none else item.nodata, item.ttl or ttl, item.tags) }}
{% endfor %}
{% endif %}
{% if item.subtree %}
{{ kr_rule_local_subtree(name, item.subtree, item.ttl or ttl, item.tags) }}
{% endif %}
{% endfor %}
{% elif item.file %}
{% for file in item.file %}
{{ kr_rule_local_hosts(file, nodata if item.nodata is none else item.nodata, item.ttl or ttl, item.tags) }}
{% endfor %}
{% elif item.records %}
{{ local_data_records(item.records, false, nodata if item.nodata is none else item.nodata, item.ttl or ttl, item) }}
{% endif %}
{% endfor %}
{%- endmacro %}
|
