[dnsdist] Match CAA queries
Christian Elmerot
ce at one.com
Wed Jan 3 11:56:00 UTC 2018
On 2018-01-03 09:50, Ask Bjørn Hansen wrote:
>
>> On Aug 18, 2017, at 2:49, Remi Gacogne <remi.gacogne at powerdns.com> wrote:
>>
>> A simple QTypeRule(dnsdist.CAA) should match, so something like:
>>
>> addAction(QTypeRule(dnsdist.CAA), PoolAction("mypool"))
>>
>> should be enough to route it to a different pool, for example. I think
>> you should be able to use RCodeAction to make a NOERROR answer too.
> Great, that worked indeed.
>
> Now I wanted to make it also match a domain — so “example.org and qtype=CAA”.
>
> I tried
>
> addAction(AndRule({“example.org.”, QTypeRule(dnsdist.CAA)}), RCodeAction(dnsdist.NOERROR))
>
> but it gives me an error saying
>
> “Unable to convert parameter from table to St6vectorISt4pairIiSt10shared_ptrI7DNSRuleEESaIS4_EE”
>
>
> If I wrap “example.org.” in makeRule() it seems to work. Is that right?
>
If you are running dnsdist 1.2 then use QNameRule() i.e.
addAction(AndRule({QNameRule("example.org."), QTypeRule(dnsdist.CAA)}),
RCodeAction(dnsdist.NOERROR))
makeRule matches suffixes i.e. com. IIRC
/Elmerot
More information about the dnsdist
mailing list