Revert "MXS-2513 Deprecate firewall and masking filters"

This reverts commit de3c5721e95d5d5be909a56faeb121ad09a2f6fe.

Documentation/Changelog.md

@@ -10,7 +10,6 @@
 * MaxCtrl commands `list sessions`, `show sessions` and `show session <id>`
   support reverse DNS lookup of client addresses. The conversion is activated
   by adding the `--rdns`-option to the command.
-* The database firewall filter and the masking filter have been deprecated.
 * The following MariaDB-Monitor settings have been removed and cause a startup error
   if defined: `mysql51_replication`, `multimaster` and `allow_cluster_recovery`. The
   setting `detect_replication_lag` is deprecated and is ignored.

Documentation/Filters/Database-Firewall-Filter.md

@@ -3,24 +3,54 @@
 Table of Contents
 =================
 
-[TOC]
+* [Overview](#overview)
+* [Configuration](#configuration)
+   * [Filter Parameters](#filter-parameters)
+      * [rules](#rules)
+      * [action](#action)
+      * [log_match](#log_match)
+      * [log_no_match](#log_no_match)
+* [Rule syntax](#rule-syntax)
+   * [Mandatory rule parameters](#mandatory-rule-parameters)
+      * [wildcard](#wildcard)
+         * [Example](#example)
+      * [columns](#columns)
+         * [Example](#example-1)
+      * [function](#function)
+         * [Example](#example-2)
+      * [not_function](#not_function)
+      * [Example](#example-3)
+      * [uses_function](#uses_function)
+         * [Example](#example-4)
+      * [function and columns](#function-and-columns)
+         * [Example](#example-5)
+      * [not_function and columns](#not_function-and-columns)
+         * [Example](#example-6)
+      * [regex](#regex)
+         * [Example](#example-7)
+      * [limit_queries](#limit_queries)
+         * [Example](#example-8)
+      * [no_where_clause](#no_where_clause)
+         * [Example](#example-9)
+   * [Optional rule parameters](#optional-rule-parameters)
+      * [at_times](#at_times)
+      * [on_queries](#on_queries)
+   * [Applying rules to users](#applying-rules-to-users)
+* [Module commands](#module-commands)
+   * [dbfwfilter::rules/reload [FILE]](#dbfwfilterrulesreload-file)
+   * [dbfwfilter::rules](#dbfwfilterrules)
+* [Use Cases](#use-cases)
+   * [Use Case 1 - Prevent rapid execution of specific queries](#use-case-1---prevent-rapid-execution-of-specific-queries)
+   * [Use Case 2 - Only allow deletes with a where clause](#use-case-2---only-allow-deletes-with-a-where-clause)
 
 ## Overview
 
-The database firewall filter has been deprecated in MaxScale 2.4 and
-it will be removed in a future version of MaxScale. We advise against
-using it.
-
 The Database Firewall filter is used to block queries that match a set of
 rules. It can be used to prevent harmful queries from reaching the backend
 database instances or to limit access to the database based on a more flexible
 set of rules compared to the traditional GRANT-based privilege system. Currently
 the filter does not support multi-statements.
 
-Note that the firewall filter should be viewed as a best-effort solution
-intended for protecting against accidental misuse rather than malicious
-attacks.
-
 ## Configuration
 
 The Database Firewall filter only requires minimal configuration in the

Documentation/Filters/Masking.md

@@ -9,10 +9,6 @@ Table of Contents
 
 ## Overview
 
-The masking filter has been deprecated in MaxScale 2.4 and
-it will be removed in a future version of MaxScale. We advise against
-using it.
-
 With the _masking_ filter it is possible to obfuscate the returned
 value of a particular column.
 
@@ -45,10 +41,6 @@ the _ssn_ would be masked, as in
 ...
 ```
 
-Note that the masking filter should be viewed as a best-effort solution
-intended for protecting against accidental misuse rather than malicious
-attacks.
-
 ## Security
 
 From MaxScale 2.3 onwards, the masking filter will reject statements

Documentation/Release-Notes/MaxScale-2.4.0-Release-Notes.md

@@ -81,22 +81,6 @@ The `ndbclustermon` module has been removed.
 The `mmmon` module has been removed as the `mariadbmon` monitor largely does
 what it used to do.
 
-## Deprecated Features
-
-### `dbfwfilter`
-
-The database firewall filter has been deprecated and it will be removed in a
-future version of MaxScale.
-
-We advise against using it.
-
-### `masking`
-
-The masking filter has been deprecated and it will be removed in a
-future version of MaxScale.
-
-We advise against using it.
-
 ## New Features
 
 ### Servers can be drained

server/modules/filter/dbfwfilter/dbfwfilter.cc

@@ -1272,9 +1272,6 @@ Dbfw::~Dbfw()
 
 Dbfw* Dbfw::create(const char* zName, MXS_CONFIG_PARAMETER* pParams)
 {
-    MXS_WARNING("The database firewall filter has been DEPRECATED in MaxScale 2.4 "
-                "and it will be removed in a future release of MaxScale.");
-
     Dbfw* rval = NULL;
     RuleList rules;
     UserMap users;

server/modules/filter/masking/maskingfilter.cc

@@ -77,6 +77,8 @@ extern "C" MXS_MODULE* MXS_CREATE_MODULE()
                                reload_argv,
                                "Reload masking filter rules");
 
+    MXS_NOTICE("Masking module %s initialized.", VERSION_STRING);
+
     typedef MaskingFilter::Config Config;
 
     static MXS_MODULE info =
@@ -174,9 +176,6 @@ MaskingFilter::~MaskingFilter()
 // static
 MaskingFilter* MaskingFilter::create(const char* zName, MXS_CONFIG_PARAMETER* pParams)
 {
-    MXS_WARNING("The masking filter has been DEPRECATED in MaxScale 2.4 and "
-                "it will be removed in a future release of MaxScale.");
-
     MaskingFilter* pFilter = NULL;
 
     Config config(zName, pParams);