[dnsdist] Is it possible to add an EDE to DNSAction.SpoofRaw ?

Marco Davids (SIDN) marco.davids at sidn.nl
Thu Sep 26 16:09:58 UTC 2024 

Hi Remi,

Op 20-08-2024 om 09:26 schreef Remi Gacogne via dnsdist:

> Have you tried calling dq:setExtendedDNSError(...) [1] before returning 
> from the function? It should do what you want. >
> [1]: https://dnsdist.org/reference/dq.html#DNSQuestion:setExtendedDNSError

Sorry for the delay (and for the error in my luarule example), but I had 
some time to dive into this again and your suggestion does not work for me.

It seems that the combination of EDE and SpoofRaw (which is what I want) 
is suboptimal.

So, for instance, this works fine:

-----
function luarule1(dq)
     dq:setExtendedDNSError(0, "Hello from luarule1")
     return DNSAction.None
end

addAction(AndRule({QNameRule('example.nl.'), QClassRule(DNSClass.IN), 
QTypeRule(DNSQType.TXT)}), LuaAction(luarule1))
-----

But when I try a SpoofRaw, it does not work:

-----
function luarule2(dq)
    local result = 'hello from luarule2'
    local strlen = string.char(#result)
    dq:setExtendedDNSError(4, "We fiddled around with this in luarule2")
    return DNSAction.SpoofRaw, strlen .. result
end

addAction(AndRule({QNameRule('example.nl.'), QClassRule(DNSClass.IN), 
QTypeRule(DNSQType.TXT)}), LuaAction(luarule2))
-----

The spoofed answer is returned, but without the EDE.

Still using:

dnsdist 1.10.0-alpha0.1183.master.g5508d1039 (Lua 5.1.4 [LuaJIT 
2.1.0-beta3])

(but hoping to update soon though)

Thanks!

-- 
𝓜𝓪𝓻𝓬𝓸
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xBB2857E82C0F54F3.asc
Type: application/pgp-keys
Size: 81793 bytes
Desc: OpenPGP public key
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20240926/9a088318/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20240926/9a088318/attachment-0001.sig>

More information about the dnsdist mailing list