[Pdns-users] Unable to filter Domains - Recursor 4.x behind dnsdist

Fri Feb 26 02:09:14 UTC 2016

Hello,

I am running an alpha release of Recursor 4.x for the domain filtering
option.  After configuring the lua scripts I was able to test a successfull
query from the Recursor Local Host by adding it into the IP Filters file. 
However,  when I try from my remote host the filter does not work. I am
running the Recursor behind dnsdist with "useclientsubnet" directive
enabled.  I confirmed the LB is sending OPT packed with the EDNS client
subnet embedded into the DNS Query.

I suspect Lua is not parsing this data properly and parsing all traffic from
the IP source being that of the Load Balancer.  Should I be using a
"getEDNSOption" to explicitly tell the Lua script to look for the EDNS
client subnet in order to properly match my filters?

Any help is greatly appreciated!

Here is a snippet of my action script:

adservers=newDS()
adservers:add(dofile("/etc/lua/blocklist-advertising.lua"))

filterset=newCAS()
filterset:add(dofile("/etc/lua/filtercustomers.lua"))

function preresolve(dq)

    if(not adservers:check(dq.qname) or (dq.qtype ~= pdns.A and dq.qtype ~=
pdns.AAAA)) then
        return false
    end

    dq.variable=true
    if(not filterset:check(dq.remoteaddr)) then
        return false
    end

    dq:addRecord(pdns.SOA,
        "fake."..dq.qname:toString().." fake."..dq.qname:toString().." 1
7200 900 1209600 86400",
        2)
    return true
end 

--
View this message in context: http://powerdns.13854.n7.nabble.com/Unable-to-filter-Domains-Recursor-4-x-behind-dnsdist-tp12173.html
Sent from the PowerDNS mailing list archive at Nabble.com.