[dnsdist] CNAME Spoof NXDOMAIN replies

Djerk Geurts djerk at maizymoo.com
Mon Jun 6 22:40:54 UTC 2022


Trying to do the following in dnsdist and failing as I don’t think DNSAnswer supports the spoof option. Is there a way to implement the following logic in a dnsdist Lua script?

function nxdomain(dq)
  local qname = dq.qname
  print("Query: "..qname:toString())
  if (dq.qtype == DNSQType.NAPTR) then
    if (qname:countLabels() == 12) then
      qname:chopOff()
    end
    if (qname:countLabels() > 8) then
      qname:chopOff()
      local reply = "*."..qname:toString()
      print("Return: "..reply)
    else
      return DNSAction.None, ""
    end
  end
end

addResponseAction(RCodeRule(DNSRCode.NXDOMAIN), LuaResponseAction(nxdomain))

I’ve also tried:
      return SpoofCNAMEAction(reply)

But that didn’t work either. It seems that LuaResponseAction is limited as to what the reply can be. What I’m trying to do is intercept NXDOMAIN replies and return a different value from a ‘parent’ record, hence the chopOff() and then using spoofing to return a valid reply instead of the original NXDOMAIN.