[Pdns-users] LUA for "filter-aaaa-on-v4"
Otto Moerbeek
otto at drijf.net
Mon Oct 30 06:25:55 UTC 2023
On Mon, Oct 30, 2023 at 04:35:25AM +0000, Djerk Geurts via Pdns-users wrote:
> Hi all,
>
> Not had the opportunity to test this yet, but wanted to check with those more experienced at LUA scripting if the following has any unexpected side effects:
>
> function preresolve(dq)
> -- Implementation of 'filter-aaaa-on-v4'
> if dq.qtype == pdns.AAAA and dq.remoteaddr:isIPv4() then
> dq.appliedPolicy.policyKind = pdns.policykinds.Drop
> return false
> else
> return false
> end
> end
>
> I will run a test when I get the opportunity. Does anyone filter AAAA requests for single stack clients (IPv4 only obviously)?
>
> Thanks,
> Djerk Geurts
This polciy will also apply to dual stack clients that happen to
contact the rescursor over v4 to request an AAAA. There is nothing
wrong with that, but your policy will cause timeouts for the clients.
So not recommended.
-Otto
More information about the Pdns-users
mailing list