[dnsdist] Client query id in the dq-object?
Remi Gacogne
remi.gacogne at powerdns.com
Tue Nov 15 08:52:37 UTC 2022
Hi Tom,
On 04/11/2022 08:02, Tom via dnsdist wrote:
> So the idea was to set a dnsdist rule on which I can set the
> AllowedDebugSRC (the admin's IP, to prevent, that anybody else could
> trigger the debug), check the QueryID and then send this kind of
> requests to a debug-enabled BIND, which then write a debug log from the
> received query. Someting like this:
>
>
> AllowedDebugSRC = newNMG()
> AllowedDebugSRC:addMask("1.2.3.4/32")
> function qidlog(dq)
> if(AllowedDebugSRC:match(dq.remoteaddr) and <qid> == 0) then
> print("Debugging from " .. dq.remoteaddr:toString() ..
> " with query id" .. <qid>)
> return DNSAction.Pool, "bind-querylog"
> end
> end
> addAction(AllRule(), LuaAction(qidlog))
I'm afraid there is currently no way in dnsdist to influence the query
ID in outgoing queries. This would not be easy to implement as it
touches the way dnsdist matches the responses received to the backend
against the outstanding queries, so that logic is quite deep in the core
code of dnsdist.
Best regards,
--
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20221115/79e72f49/attachment.sig>
More information about the dnsdist
mailing list