[Pdns-users] Wanted: Little Lua script creating
s.maddox at lantizia.me.uk
Fri Sep 12 15:36:58 UTC 2014
We run PowerDNS Recursor on a couple of systems and I need a little Lua
script making for them. I'm not too clued up on Lua so if someone can
help by writing/testing a script freely or in exchange for
something/money, it'd be appreciated.
At the beginning of each month a Cron job will download this .tar.gz and
extract it. This results in 98 directories each with a single text file
called 'domains' in each.
A MySQL database will exist with a single table that has a structure
like below. Except the first field `ip` the other field names are the
names of the 98 directories already mentioned (the categories).
CREATE DATABASE whatever;
CREATE TABLE filter (`ip` VARCHAR(15) NOT NULL PRIMARY KEY, `abortion`
BOOL NOT NULL DEFAULT 0, `bank` BOOL NOT NULL DEFAULT 0, `chat` BOOL NOT
NULL DEFAULT 0, `dialers` BOOL NOT NULL DEFAULT 0, `games` BOOL NOT NULL
DEFAULT 0, `jewelry` BOOL NOT NULL DEFAULT 0, `mixed_adult` BOOL NOT
NULL DEFAULT 0, `porn` BOOL NOT NULL DEFAULT 0, <<<--and 90 other-->>>
The purpose of the Lua script will be to check if the IP that is trying
to resolve a hostname is listed in the `ip` column.
If it is then check if the hostname their trying to query is in one of
the 'domains' files if they have that category enabled by the boolean flag.
Example... IP 188.8.131.52 is listed in the MySQL table with every
category set to 'false' except for 'chat' which is true. They're trying
to resolve 'icq.com' so the Lua script knows to give a different answer
(e.g. another IP with a notice page on it) as that IP is in the database
and 'icq.com' appears on a line in the file 'chat/domains'.
If anyone can help let me know...
1) I'm open to suggestions about alternative places to get the
categories / lists of domains to block.
2) Don't ask me not to use MySQL - it's what our internal developers
know how to stick data in to... however I appreciate caching this data
to something else might handy to read from that instead.
3) No I'm not looking for something non-DNS based like Squid. This is
just supposed to be a simple DNS-based *only* parental guard type
system, it's not meant to be perfect - just low on resources!
More information about the Pdns-users