Hello,
I would like to kindly ask for an advice here.
I spoof certain A records to a single IP address on my DNS backends.
Based on this IP I would like to log them in order to identify the
clients sending such requests. I am not sure what is the best way to do
it. I know that I have to use addResponseAction together with
DnstapLogResponseAction or with LuaResponseAction. Nevertheless I am not
sure how to code it...
Will this approach work?
function checkResponseIP(dr)
if dr.qtype == DNSQType.A and "IP in the response is w.x.y.z" then
-->> DnstapLogResponseAction("dnsdist", log-receiver) <<<---
return DNSResponseAction.None
end
return DNSResponseAction.None
end
addResponseAction(AllRule(), LuaResponseAction((checkResponseIP)))
Or is there a way how to use a function matching the response instead
of AllRule() and then simply use:
addResponseAction(MyIPResponseMatchingRule(),
DnstapLogResponseAction("dnsdist", log-receiver))
or
addCacheHitResponseAction(MyIPResponseMatchingRule(),
DnstapLogResponseAction("dnsdist", log-receiver))
respectively?
Thanks
Regards
Ales
_______________________________________________
dnsdist mailing list
[email protected]
https://mailman.powerdns.com/mailman/listinfo/dnsdist
