I am using dnsdist 1.4.0-beta1 and am trying to detect queries that are
using a local/experimental optcode. For example, I have the following in
the dnsdist.conf file.

addAction(EDNSOptionRule(65002), DropAction())

and I see the rule in the webserver.

[image: Screen Shot 2019-07-31 at 12.47.10 PM.png]

and I sent a query with the ENDS Option and it doesn't get dropped. I know
this because I have a Lua script associated with the pdns recursor that is
processing that specific option.

lua snippit
      -- Special Code is in EDNS Option 65002
      local specialcode = dq:getEDNSOption(65002)
      if (specialcode) then
        pdnslog("*************************** Special Code = "..specialcode)

Log file Output
*************************** Special Code = BLAH

Any idea on what is going on?



Brian M. Sullivan
Senior Staff Security Intelligence Engineer
bsulli...@lookout.com |  www.lookout.com
dnsdist mailing list

Reply via email to