[dnsdist] Matching corrupt DNS queries?
Jacob Bunk Nielsen
jacob at bunknielsen.dk
Sun Aug 13 11:07:50 UTC 2023
We are sometimes seeing UDP DNS queries that come in with the TC flag
set to true. That doesn't make sense to send such queries as the client
should of course just make that query over TCP.
But how do I match those queries in dnsdist? The DNSHeader class has a
:setTC() function, but not a :getTC() function. Also, it would be great
to have a generic way to match on header flags like you can do on e.g.
or similar, but I don't find anything like this in the docs. Do any of
you do any sort of filtering based on header flags?
More information about the dnsdist