dnsdist examples
Evaggelos Balaskas edited this page Dec 25, 2019 · 8 revisions
wiki page with dnsdist examples
In the example below, dnsdist serves two local DoH endpoints and sends their traffic to two different PowerDNS instances. HTTPPathRegexRule matches each endpoint's path so that its queries can be routed to a specific pool.
New in version 1.4.0
```lua
-- DNS over HTTPS
addDOHLocal("127.0.0.1:8053", nil, nil, "/dns-query", { reusePort=true })
addDOHLocal("127.0.0.1:8054", nil, nil, "/ads", { reusePort=true })

-- Filter DNS queries to backend DNS based on endpoint
newServer({address="127.0.0.1:5454", pool="ads"})
addAction(HTTPPathRegexRule("ads"), PoolAction("ads"))

-- fwd queries to:
newServer({address="127.0.0.1:5353"})
```
A full working example is here.
This Lua code resolves any domain name that has an IP address in its hostname to that IP. If no IP matches, dnsdist responds with the client's IP address (whatismyip).
```lua
-- Import LuaJIT - FFI Library
local ffi = require("ffi")

-- Declare inet_pton
ffi.cdef[[
int inet_pton(int af, const char *src, void *dst);
]]

-- Family IPv4
local AF_INET = 2
-- 4-byte buffer that receives the parsed address
local inet = ffi.new("unsigned int [1]")

function luarule(dq)
  -- replace dash with dot (local, so nothing leaks into the global scope)
  local ip = string.gsub(dq.qname:toString(), "-", ".")

  -- get only digits
  ip = string.match(ip, "%d+%.%d+%.%d+%.%d+")

  -- if not matched, print whatismyip
  if ip == nil then
    return DNSAction.Spoof, dq.remoteaddr:tostring()
  end

  -- Validate IPv4
  if ffi.C.inet_pton(AF_INET, ip, inet) == 1 then
    return DNSAction.Spoof, ip
  else
    return DNSAction.Spoof, dq.remoteaddr:tostring()
  end
end

addAction(AllRule(), LuaAction(luarule))
```
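The rule above answers with whatever address the query name encodes, including loopback and private ranges, which many resolvers drop as DNS rebinding protection. The variant below is an added example, not part of the original wiki page: it validates the octets in pure Lua and falls back to the client's address for reserved ranges. The helper names, the reserved-range policy and the sample names are assumptions.

```lua
-- Added example: pure-Lua variant of luarule with a reserved-range check.
-- parse_ipv4, is_reserved, answer_for and luarule_checked are hypothetical names.

-- Extract the first dashed or dotted quad from a name and validate each octet.
local function parse_ipv4(name)
  local dotted = name:gsub("-", ".")
  local a, b, c, d = dotted:match("(%d+)%.(%d+)%.(%d+)%.(%d+)")
  if not a then return nil end
  local octets = {}
  for i, s in ipairs({a, b, c, d}) do
    local n = tonumber(s)
    -- reject values above 255 and leading zeros
    if #s > 3 or n > 255 or (#s > 1 and s:sub(1, 1) == "0") then return nil end
    octets[i] = n
  end
  return octets
end

-- Policy assumption: never answer with these ranges.
local function is_reserved(o)
  return o[1] == 0 or o[1] == 10 or o[1] == 127      -- 0/8, 10/8, 127/8
      or (o[1] == 169 and o[2] == 254)               -- 169.254/16 link-local
      or (o[1] == 172 and o[2] >= 16 and o[2] <= 31) -- 172.16/12
      or (o[1] == 192 and o[2] == 168)               -- 192.168/16
      or o[1] >= 224                                 -- multicast and reserved
end

-- Address to spoof: the encoded IP if acceptable, otherwise the client's address.
local function answer_for(qname, client)
  local o = parse_ipv4(qname)
  if o == nil or is_reserved(o) then return client end
  return table.concat(o, ".")
end

-- dnsdist hook, using the same API calls as the rule above
function luarule_checked(dq)
  return DNSAction.Spoof, answer_for(dq.qname:toString(), dq.remoteaddr:toString())
end

-- Register inside dnsdist; under a plain Lua interpreter, print constructed samples.
if addAction then
  addAction(AllRule(), LuaAction(luarule_checked))
else
  for _, q in ipairs({"192-0-2-10.example.com.", "10-0-0-1.example.com.", "300.1.1.1.example.com."}) do
    print(q, answer_for(q, "198.51.100.7"))
  end
end
```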
Please also read the PowerDNS Documentation that is available from https://doc.powerdns.com/