[dnsdist] [EXT] Re: Is the sub-path of a DoH query passed to the backend?
Remi Gacogne
remi.gacogne at powerdns.com
Thu May 20 04:41:50 UTC 2021
Hi Suresh,
On 5/20/21 12:05 AM, Suresh Gunasekaran wrote:
> 1. Is there a way to run a custom script either before a DoH query is
> sent to the backend server or after a response was received from the
> backend? And can this script have access to the sub-path?
That can be done using a LuaAction [1] and the HTTP-related accessors of
the DNSQuestion object, in your case getHTTPPath() [2], I believe.
> 2. If the incoming request had a custom value in the Forwarded (or
> X-Forwarded-For) header will that information be sent to the backend
> server? The documentation talks about support for X-Proxied-For header
> via the addXPF parameter. Is that same as X-Forwarded-For?
No, XPF is a very different thing, see [3]. The trustForwardedForHeader
[4] parameter of the addDOHLocal() directive might be what you are
looking for, since it tells dnsdist to trust the X-Forwarded-For header
present in the query and use that as source client IP.
[1]: https://dnsdist.org/advanced/luaaction.html
[2]: https://dnsdist.org/reference/dq.html#DNSQuestion:getHTTPPath
[3]: https://dnsdist.org/advanced/passing-source-address.html#x-proxied-for
[4]:
https://dnsdist.org/reference/config.html?highlight=trustForwardedForHeader#addDOHLocal
Best regards,
--
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
More information about the dnsdist
mailing list