[dnsdist] Large domain list blocking via DNS
Jahanzeb Arshad
jahanzeb at nayatel.com
Mon Dec 13 07:00:11 UTC 2021
Greetings,
We want to implement blocking of large number (3M+) of undesirable
domains (adult/malware) via DNS. We have tested using PowerDNS recursor
and it is working in test environment. For blocking we have use LUA dns
script with domains in sqlite3 DB. Can we do same on DNSDIST as we are
using it as load balancer on front of all our resolver DNS. Does
DNSDIST support LUA with sqlite3 or other database.
driver = require "luasql.sqlite3"
local env = driver.sqlite3()
function preresolve ( dq )
if dq.qtype == pdns.A then
local con =
env:connect('/var/lib/powerdns/blacklistdomains.sqlite3',READONLY)
local sth = con:execute( string.format("SELECT 1 FROM domains
WHERE name = '%s'", dq.qname ) )
if sth:fetch() then
dq:addAnswer(pdns.A, "127.0.0.1", 300)
sth:close()
con:close()
return true;
end
con:close()
end
return false;
end
--
Regards
Jahanzeb Arshad
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20211213/644d89b2/attachment.htm>
More information about the dnsdist
mailing list