[dnsdist] dnsdist 1.7 : allow only A request

Jacob Bunk Nielsen jbn at one.com
Mon Mar 13 05:40:43 UTC 2023

On 10/03/2023 09.21, david n via dnsdist wrote:
> I tried to explicitly deny the most current DNS requests like for ex :
> -- refused query type :
> 	addAction(QTypeRule(dnsdist.ANY), DropAction())
> 	addAction(QTypeRule(dnsdist.SOA), DropAction())

With dnsdist 1.4 (as far as I remember) those names for the various 
query types changed, so dnsdist.ANY became DNSQType.ANY.

For your particular case of only wanting to serve A and AAAA records I 
would probably just do (untested):


With all the warnings that Stephane already gave you about why this is a 
bad idea.

You can replace RCodeAction(DNSRCode.REFUSED) with DropAction() if you 
don't even want to reply with a REFUSED response.

Best regards,


More information about the dnsdist mailing list