[Pdns-users] wpad filtering
Mario Caruso
caruso at tiscali.com
Thu Nov 30 14:33:03 UTC 2017
Il Thu, 30 Nov 2017 14:51:46 +0100
Remi Gacogne <remi.gacogne at powerdns.com> ha scritto:
> Hi Mario,
Hi Remi,
Thank you for the reply,
>
> On 11/30/2017 11:52 AM, Mario Caruso wrote:
> > I am trying to write a lua rule to somehow filter/capture
> > the wpad like dq.qname (http://allievi.sssup.it/techblog/archives/81)
> >
> > in my test environment (debian stretch and recursor version
> > 4.1.0~rc3-1pdns.stretch) I have this rule :
> >
> > -- US-CERT TA16-144A.
> > if (dq.qname:isPartOf(newDN("wpad")))
> > then
> > dq.rcode = 0
> > dq:addAnswer(pdns.A, "127.0.0.1")
> > return true;
> > end
> >
> > but this doesn't seem to work, maybe I am misinterpreting
> > the isPartOf method , or maybe I should use :toString and
> > then use lua pattern matching.
>
> isPartOf() returns true if the name is a sub-domain of the one passed in
> parameter, so here it would match any domain under the hypothetic .wpad
> TLD, which is not what you want. Lua pattern matching would be one of
> the various ways to do that, yes.
I switched the expression to this one
queryString=dq.qname:toString()
-- US-CERT TA16-144A.
if (querystring:match('^wpad%.'))
then
dq.rcode = 0
dq:addAnswer(pdns.A, "127.0.0.1")
return true;
end
and this is working in the test environment.
I would like to know what other admins thinks of this
approach, I mean can it affect performances as it is "casting"
to string every query ? Am I the only one doing this ?
thanks to everybody
M.
---------------------------
() ASCII Ribbon Campaign
/\ Against HTML E-Mail
---------------------------
This mail is ubuntu Hostile
---------------------------
More information about the Pdns-users
mailing list