On 10/03/2023 09.21, david n via dnsdist wrote:
I tried to explicitly deny the most current DNS requests like for ex :
-- refused query type :
addAction(QTypeRule(dnsdist.ANY), DropAction())
addAction(QTypeRule(dnsdist.SOA), DropAction())
With dnsdist 1.4 (as far as I remember) those names for the various
query types changed, so dnsdist.ANY became DNSQType.ANY.
For your particular case of only wanting to serve A and AAAA records I
would probably just do (untested):
addAction(
NotRule(OrRule({QTypeRule(DNSQType.A),QTypeRule(DNSQType.AAAA)})),
RCodeAction(DNSRCode.REFUSED))
With all the warnings that Stephane already gave you about why this is a
bad idea.
You can replace RCodeAction(DNSRCode.REFUSED) with DropAction() if you
don't even want to reply with a REFUSED response.
Best regards,
Jacob
_______________________________________________
dnsdist mailing list
dnsdist@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/dnsdist