[dnsdist] attempting to spoof a couple records

Frank Even lists+powerdns.com at elitists.org
Tue Feb 16 15:09:29 UTC 2021


I've inherited an Unbound environment that has a few "local-zone"
records configured, and am now fronting with dnsdist and need dnsdist
to spoof those records and respond appropriately.

I've managed to make it happen for all traffic, but I can't seem to
get any syntax right for an "AndRule" to get it to work for only
certain source subnets.

I seem to be unable to properly decipher the documentation here.
Below is what I'm really trying to accomplish (all IPs are made up),
but I'm having issues getting it to work properly limited to a single
subnet.

    access-control-view: 127.0.0.0/8 internal
    access-control-view: 10.1.0.0/24 internal
    access-control-view: 10.5.0.0/24 internal

    view:
        name: "internal"
        local-zone: "int.domain"                 typetransparent
        local-data: "name.int.domain            IN A 10.7.7.7"
        local-data: "name.int.domain            IN AAAA"   # <----
(this is actually in the config, I can't seem to find any Unbound
documentation that makes sense of that though, seems like it could be
invalid, there are no IPv6 nets in the access-control-view lists -
does actually appear to be invalid on testing on the inherited
system...throws a weird error on a query).

Just for a single IP I've tried something like this to no avail:

    addAction(AndRule({"10.5.5.5/32"}, {"name.int.domain", SpoofAction("10.7.7.7")}))

Thanks for any guidance here.
Frank
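
The source-restricted spoof described in the message above, written as a dnsdist configuration fragment. This is an added example, not part of the original post; it reuses the made-up addresses and name from the message, and the variable name `internal` is chosen here for illustration.

```lua
-- Added example, not from the original post.
-- Source networks copied from the Unbound access-control-view lines above.
local internal = newNMG()
internal:addMask("127.0.0.0/8")
internal:addMask("10.1.0.0/24")
internal:addMask("10.5.0.0/24")

-- AndRule() takes a single table of rule objects. The action is not part of
-- that table: it is the second argument to addAction().
addAction(
  AndRule({
    NetmaskGroupRule(internal),    -- matches the client source address
    QNameRule("name.int.domain"),  -- matches this exact query name
  }),
  SpoofAction("10.7.7.7")
)
```

Queries from sources outside the netmask group do not match the AndRule and continue through the remaining rules to the backend as usual.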

