[dnsdist] Block Random queries
lvrfrc87 at gmail.com
Wed Jun 8 14:53:52 UTC 2016
Hi guys for both responses. I was thinking more something to u32 module on
iptables. Let me be clear: the only fix values are the length of the random
charters that is "8" and the mix letters/numbers. What I was trying to do
is something like:
If the first 8 characters are random
and there are more then 2 numbers
Anyone can suggest me something for that?
2016-06-08 14:55 GMT+01:00 Aleš Rygl <ales at rygl.net>:
> Hi Frederico.
> It is imho almost impossible to block such queries. They are usually
> running at low rates per client per second but from many clients... I have
> already opened a feature request for a dynamic rule that would allow to
> insert rules based on dnsdist statistics of responses:
> In the mean time it could be done by an external script grabing
> topResponses from dnsdist, analyzing them ans install a rule.
> On Wed, 8 Jun 2016 13:53:37 +0100, Federico Olivieri wrote:
> Hi everybody,
> My server receives some random queries as xfz3421xc.domain.com,
> Can someone suggests some LUA script to block these kind of random queries?
> dnsdist mailing list
> dnsdist at mailman.powerdns.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dnsdist