msys.audit.rejections
Name
msys.audit.rejections — Return the number of rejections that have occurred for a CIDR block within a configured time window
Synopsis
msys.audit.rejections(monitor, options);
monitor: string options: table, optional
Description
Returns the number of rejections that have occurred for a CIDR block within a configured time window. monitor
corresponds to one of the monitors defined in the inbound_audit module. If the named module is not configured, an error is raised. options
is a table that can contain the following keys:
-
startv
the starting window (default 0) to query across. -
endv
the ending window (default 0) to query across. -
cidr
an IP/mask specifying the address of interest. If not specified, the current connected IP is assumed. -
cluster
use the cluster wide metrics, rather than the local node metrics. Ifoptions
is not a table, it is interpreted as though it was the cidr value of interest.
When specifying a window range, the aggregate sum over the specified range will be returned instead of the value from the current time window.
As of version 3.4, this feature supports IPv6.
IPv6 addresses are much more flexible than IPv4 addresses in terms of their formatting options. They also use a different delimiter character than IPv4 addresses (a colon instead of a period). This means that in certain contexts, an IPv6 address can create parsing ambiguities.
The accepted convention is to require that, in circumstances where a configuration parameter can also contain something other than an IP address, that an IPv6 address must be enclosed in square brackets. In practical terms, this means that things like the gateway
, routes
and listen
options must have IPv6 addresses enclosed in brackets. Others, such as peer
, relay_hosts
and prohibited_hosts
do not require the IPv6 address in brackets.
Enable this function with the statement require('msys.audit');
.