modules/policy RPZ: various nitpicks

- logging
- watch by default
- in Fedora we need to depend on the version for lua 5.1
parent 0c60a0ac
Pipeline #45076 failed with stages
in 19 minutes and 6 seconds
......@@ -11,6 +11,8 @@ Bugfixes
- hints module: allow configuring the TTL and change default from 0 to 5s
- policy module: policy.rpz() will watch the file for changes by default
- packaging: lua cqueues added to default dependencies where available
Knot Resolver 3.2.1 (2019-01-10)
......@@ -59,7 +59,7 @@ BuildRequires: pkgconfig(lmdb)
BuildRequires: python3-sphinx
Requires: lua-socket-compat
Requires: lua-sec-compat
Requires: lua-cqueues
Requires: lua-cqueues-compat
Requires(pre): shadow-utils
%if 0%{?suse_version}
......@@ -231,7 +231,7 @@ Most properties (actions, filters) are described above.
:param action: the default action for match in the zone; typically you want ``policy.DENY``
:param path: path to zone file | database
:param watch: boolean, if true the file will be reparsed and the ruleset reloaded on file change
:param watch: boolean, if not false, the file will be reparsed and the ruleset reloaded on file change
Enforce RPZ_ rules. This can be used in conjunction with published blocklist feeds.
The RPZ_ operation is well described in this `Jan-Piet Mens's post`_,
......@@ -450,13 +450,14 @@ local function rpz_parse(action, path)
rules[name] = action_map[name_action]
-- Warn when NYI
if #name > 1 and not action_map[name_action] then
print(string.format('[ rpz ] %s:%d: unsupported policy action', path, tonumber(parser.line_counter)))
log('[poli] RPZ %s:%d: unsupported policy action', path, tonumber(parser.line_counter))
return rules
-- Split path into dirname and basename (like the shell utilities)
local function get_dir_and_file(path)
local dir, file = string.match(path, "(.*)/([^/]+)")
......@@ -475,7 +476,7 @@ end
function policy.rpz(action, path, watch)
local rules = rpz_parse(action, path)
if watch then
if watch or true then
local has_notify, notify = pcall(require, 'cqueues.notify')
if has_notify then
local bit = require('bit')
......@@ -490,11 +491,16 @@ function policy.rpz(action, path, watch)
-- Watcher will also fire for changes to the directory itself
if name == file then
-- If the file changes then reparse and replace the existing ruleset
if verbose() then
log('[poli] RPZ reloading: ' .. name)
rules = rpz_parse(action, path)
elseif watch then -- explicitly requested and failed
error('[poli] lua-cqueues required to watch and reload RPZ file')
elseif verbose() then
log('[poli] lua-cqueues required to watch and reload RPZ file, continuing without watching')
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment