[dnsdist] Modifying requests

Steve Freegard steve at abusix.com
Fri Mar 15 13:07:35 UTC 2019

Hi Remi,

Thanks for the reply.

I was thinking of placing dnsdist in front of a pool of rbldnsd servers 
and placing an query key within the qname as a form of authentication 
(instead of using an IP ACL), e.g. ip.ip.ip.ip.query_key.zone.zone.zone 
-> ip.ip.ip.ip.zone.zone.zone.

With the query keys in memory, it would have been simply to allow the 
modified qname through, or to return NXDOMAIN or REFUSED if the query 
key was either missing or invalid.

Kind regards,

On 15/03/2019 13:01, Remi Gacogne wrote:
> Hi Steve,
> On 3/15/19 1:51 PM, Steve Freegard wrote:
>> In Packet Policies, it states that each packet can be "Modified and
>> forwarded to a downstream and be modified back".
>> But I can't work out how to do this and the docs don't appear to give
>> any examples - what I would like to do is remove a label from the qname
>> before forwarding to a pool.
>> Anyone have any pointers as to how to do this?
> I'm afraid currently does not support altering the qname.
> If you don't mind telling us a bit more about what you are trying to
> achieve, perhaps we can suggest another way or, if it makes sense, turn
> that into a feature request.
> Best regards,
> _______________________________________________
> dnsdist mailing list
> dnsdist at mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/dnsdist

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20190315/d5ea45bb/attachment.html>

More information about the dnsdist mailing list