[dnsdist] dnsdist Action dependant on source IP and queried domain
Chris
lists+pdns at gbe0.com
Thu Feb 27 08:28:57 UTC 2020
Hi,
On 27/2/20 4:13 pm, Jochen Demmer via dnsdist wrote:
> addAction(RegexRule(".internal\\.domain\\.net$"), PoolAction("privatezone"))
>
> But this would need a second selector which would be this NMG thing. How
> can I combine that?
As with the previous reply from Jacob Bunk, I would suggest this is the
wrong way to go about things. Ideally you would be running a separate
dnsdist instance for authoritative zones from the recursor (they can be
on the same host with no problems).
Anyway, to answer your question you may combine rules by using "AndRule"
and "OrRule". As an example:
-- Create NMG for source IP's
trustedNMG = newNMG()
trustedNMG:addMask("10.0.0.0/8")
trustedNMG:addMask("172.16.0.0/12")
trustedNMG:addMask("192.168.0.0/16")
trustedNMG:addMask("fd12::/16")
addAction(AndRule({NetmaskGroupRule(trustedNMG),RegexRule(".internal\\.domain\\.net$")}),
PoolAction("privatezone"))
More information about the dnsdist
mailing list