[Pdns-users] Blacklist domains

Andrea Biancalani a.biancalani at conmet.it
Tue Oct 24 13:02:36 UTC 2023


Answering myself because I've found what I'm looking for, if anybody 
need this can follow this steps:

- go to 
https://github.com/mikalsande/pdns-recursor-lua/blob/master/block.lua 
(opensource script);
- copy/paste block.lua script above into /etc/powerdns/block_domains.lua 
(or whatever name you like);
- create a list of domains you want to blacklist (no www.domainname.tld, 
just domainname.tld) in /etc/powerdns/block.list (or whatever name you 
like) ;
- modify /etc/powerdns/recursor.conf as below:

lua-dns-script=/etc/powerdns/block_domains.lua

- restart powerdns recursor with systemctl restart pdns-recursor.service

Now you can tail your syslog for specific query you want to debug, 
system should answer with a class C IP address (192.0.2.1) for IPv4 and 
2001:db8::1 for IPv6.

Hope this can help someone. All credits to .lua develop on github.

Kudos



Il 24/10/2023 14:19, Andrea Biancalani ha scritto:
>
> Hello everybody,
>
> I'm using a simple PDNS Authoritative 4.8 Master/Slave + PDNS Recursor 
> 4.9 servers (both MySQL backend) to allow customers query,
> local postal police required to blacklist a list of domains. I've no 
> knowledge about lua scripting, is there any guide teaching which is 
> the most fast and functional way to achieve a simple blacklist for 
> specific domain lists?
>
> Thanks all.

-- 
Andrea Biancalani - /Rep. Commerciale e Tecnico/
*Connessioni Metropolitane srl*
Via G. Valentini, 14 - Prato (PO) - 59100
Sito web: https://www.conmet.it
Tel. 0574 536553
Fax. 0574 536554
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20231024/908bab70/attachment.htm>


More information about the Pdns-users mailing list