PowerDNS / pdns

PowerDNS Authoritative, PowerDNS Recursor, dnsdist
https://www.powerdns.com/
GNU General Public License v2.0

DNSAction.Spoof TTL #9307

Open jonlmcdonald opened 4 years ago

jonlmcdonald commented 4 years ago

Short description

Allow DNSAction.Spoof to specify TTL. This would be similar to recursor's dq:addAnswer.

Usecase

I have lists in a database that are used for allow/block. When blocked, a spoofed response is returned. Setting TTL=1 would allow changes (allowlist) to be made without delay.

Description

Add a TTL setting to DNSAction.Spoof.

rgacogne commented 4 years ago

This has been implemented in https://github.com/PowerDNS/pdns/pull/8722 and will be available in 1.5.0 (available as 1.5.0-rc4 at the moment), as documented at 1.

jonlmcdonald commented 4 years ago

How would this be used in Lua? Where would the TTL be specified in the following example?

return DNSAction.Spoof, "some.domain.com"

Habbie commented 4 years ago

Hi, you're commenting on a closed ticket. Such comments tend to get ignored if they are not noticed immediately.

I also don't have the answer for you right now. Best to come back to IRC :)

rgacogne commented 4 years ago

I read that report too quickly and incorrectly assumed it was about SpoofAction, please accept my apologies!

rgacogne commented 4 years ago

It's a bit complicated by the fact that Lua rules can only return a single string, and changing that would be a bit cumbersome. Since we support returning a list of IP addresses separated by a comma, we would need to find a way to pass the TTL in that string without making the parsing too brittle. Perhaps something like "<IP 1>, <IP 2>, ... <IP N> - <TTL>".
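An added sketch (not dnsdist code and not an implemented dnsdist feature) of a parser for the string format proposed in the last comment, "<IP 1>, <IP 2>, ... <IP N> - <TTL>". The names `SpoofSpec` and `parseSpoofString` are hypothetical, and the sketch assumes the TTL separator is a hyphen with a space on each side, so that a hyphenated CNAME target such as the constructed "my-host.example.com" is not mistaken for a TTL suffix.

```cpp
#include <cstdint>
#include <iostream>
#include <optional>
#include <string>
#include <vector>

// Hypothetical result type for this sketch; not a dnsdist structure.
struct SpoofSpec {
  std::vector<std::string> targets;  // IP addresses or a CNAME target, kept as strings
  std::optional<uint32_t> ttl;       // empty when the string carried no TTL suffix
};

static std::string trim(const std::string& s) {
  const auto b = s.find_first_not_of(" \t");
  if (b == std::string::npos) return "";
  return s.substr(b, s.find_last_not_of(" \t") - b + 1);
}

// Returns nullopt on malformed input instead of guessing.
// Validating each target as an address or name is left to the caller.
std::optional<SpoofSpec> parseSpoofString(const std::string& in) {
  SpoofSpec out;
  std::string list = in;
  // Only " - " introduces the TTL: names and addresses never contain spaces,
  // so a hyphen inside a host name cannot be read as the separator.
  const auto sep = in.rfind(" - ");
  if (sep != std::string::npos) {
    const std::string ttl = trim(in.substr(sep + 3));
    if (ttl.empty() || ttl.size() > 10 ||
        ttl.find_first_not_of("0123456789") != std::string::npos) return std::nullopt;
    const unsigned long long v = std::stoull(ttl);
    if (v > 2147483647ULL) return std::nullopt;  // RFC 2181 caps a TTL at 2^31-1
    out.ttl = static_cast<uint32_t>(v);
    list = in.substr(0, sep);
  }
  std::string::size_type pos = 0;
  while (true) {
    const auto comma = list.find(',', pos);
    const std::string item = trim(
        list.substr(pos, comma == std::string::npos ? std::string::npos : comma - pos));
    if (item.empty()) return std::nullopt;  // rejects "", "a,,b" and trailing commas
    out.targets.push_back(item);
    if (comma == std::string::npos) break;
    pos = comma + 1;
  }
  return out;
}

int main() {  // constructed input
  std::cout << *parseSpoofString("my-host.example.com - 60")->ttl << "\n";
}
```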