[dnsdist] CNAME Spoof NXDOMAIN replies
Djerk Geurts
djerk at maizymoo.com
Mon Jun 6 22:40:54 UTC 2022
Trying to do the following in dnsdist and failing as I don’t think DNSAnswer supports the spoof option. Is there a way to implement the following logic in a dnsdist Lua script?

    function nxdomain(dq)
      local qname = dq.qname
      print("Query: "..qname:toString())
      if (dq.qtype == DNSQType.NAPTR) then
        if (qname:countLabels() == 12) then
          qname:chopOff()
        end
        if (qname:countLabels() > 8) then
          qname:chopOff()
          local reply = "*."..qname:toString()
          print("Return: "..reply)
        else
          return DNSAction.None, ""
        end
      end
    end
    addResponseAction(RCodeRule(DNSRCode.NXDOMAIN), LuaResponseAction(nxdomain))

I’ve also tried:

    return SpoofCNAMEAction(reply)

But that didn’t work either. It seems that LuaResponseAction is limited as to what the reply can be. What I’m trying to do is intercept NXDOMAIN replies and return a different value from a ‘parent’ record, hence the chopOff() and then using spoofing to return a valid reply instead of the original NXDOMAIN.
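
An offline model of the label arithmetic in the function above, added here as an example; it is not part of the original message and makes no dnsdist calls. `split_labels` and `wildcard_parent` are hypothetical helper names, the sample names are constructed, and it assumes labels are counted without the root and that names contain no escaped dots.

```python
from typing import List, Optional


def split_labels(qname: str) -> List[str]:
    """Split a presentation-format name into labels; the root is the empty list."""
    name = qname[:-1] if qname.endswith(".") else qname
    if not name:
        return []
    labels = name.split(".")
    if any(not label or len(label) > 63 for label in labels):
        raise ValueError("empty or over-long label in %r" % qname)
    return labels


def wildcard_parent(qname: str, qtype: str) -> Optional[str]:
    """Return the wildcard name the posted logic computes for an NXDOMAIN
    answer, or None when the response would be left untouched."""
    if qtype.upper() != "NAPTR":
        return None                  # other query types are never rewritten
    labels = split_labels(qname)
    if len(labels) == 12:
        labels = labels[1:]          # first chopOff(): drop the leftmost label
    if len(labels) > 8:
        labels = labels[1:]          # second chopOff(): move to the parent
        return "*." + ".".join(labels) + "."
    return None                      # 8 labels or fewer: keep the NXDOMAIN


if __name__ == "__main__":
    # Constructed sample queries: 13, 12, 9 and 8 labels, plus a non-NAPTR type.
    samples = [
        ("z.a.b.c.d.e.f.g.h.i.j.example.com.", "NAPTR"),
        ("a.b.c.d.e.f.g.h.i.j.example.com.", "NAPTR"),
        ("a.b.c.d.e.f.g.example.com.", "NAPTR"),
        ("b.c.d.e.f.g.example.com.", "NAPTR"),
        ("a.b.c.d.e.f.g.example.com.", "A"),
    ]
    for name, qtype in samples:
        print(qtype, name, "->", wildcard_parent(name, qtype))
```

Only the 12-label case is chopped twice, so a 12-label query maps to the same wildcard as an 11-label query under the same suffix, while a 13-label query maps one level deeper.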