Thank you. It seems I missed that one. :)
On Sun, Mar 19, 2023, at 21:06, Otto Moerbeek wrote:
> On Sun, Mar 19, 2023 at 04:54:19PM +0100, Chandra via dnsdist wrote:
>
> > Hello all,
> >
> > I am trying to configure DOH over HTTP and I can't seem to figure out what
> > I'm doing wrong. I have an nginx proxying the incoming request and don't
> > need it on HTTPS. Here's my config:
> >
> > ```
> > --- doh over http
> > setACL({"0.0.0.0/0", "::/0"})
> > addLocal('0.0.0.0:7070')
> > webserver("127.0.0.1:8083")
> >
> > newServer({address="1.1.1.1", pool="pub-unsafe-tier1",name="cloudflare"})
> > newServer({address="8.8.8.8", pool="pub-unsafe-tier1",name="google"})
> > newServer({address="194.242.2.2",pool="pub-safe-tier1",name="mullvad-noadblock",checkInterval=60})
> > newServer({address="84.200.69.80", pool="pub-safe-tier2",name="dnswatch1",checkInterval=60})
> > newServer({address="84.200.70.40", pool="pub-safe-tier2",name="dnswatch2",checkInterval=60})
> >
> >
> > addDOHLocal("0.0.0.0:9090",nil,nil, "/dns-query", { reusePort=true, trustForwardedForHeader=true })
> > ```
> >
> > When testing locally, here's what I get:
> >
> > $ curl -H 'accept: application/dns-message' 'http://localhost:9090/dns-query?dns=AAABAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB'
> >
> > dns query not allowed
> >
> > $ ...
> >
> >
> > Where am I going wrong?
>
> You have no policy defined. The default policy is to send packets to
> the default pool (named ""). Your default pool is empty. So the query
> gets refused, since no policy applies.
>
> -Otto
>
_______________________________________________
dnsdist mailing list
dnsdist@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/dnsdist
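The situation Otto describes, as an added example that is not part of the original thread and not the poster's final configuration: every server sits in a named pool, so the default pool "" stays empty until either a rule selects a pool or a server is also placed in the default pool. Which pool should act as the catch-all is an assumption made here for illustration.

```lua
-- Added example (dnsdist configuration, Lua). Addresses and pool names are
-- taken from the configuration quoted in the thread; the choice of
-- "pub-safe-tier1" as the catch-all pool is an assumption.

-- Before: servers exist only in named pools, the default pool "" is empty,
-- and no rule selects a pool, so queries have no backend to go to.
newServer({address="1.1.1.1", pool="pub-unsafe-tier1", name="cloudflare"})
newServer({address="8.8.8.8", pool="pub-unsafe-tier1", name="google"})
newServer({address="194.242.2.2", pool="pub-safe-tier1", name="mullvad-noadblock", checkInterval=60})

-- Fix, option A: add a rule that sends every query not matched by an
-- earlier rule to one of the named pools.
addAction(AllRule(), PoolAction("pub-safe-tier1"))

-- Fix, option B (alternative to A): list the default pool "" next to the
-- named pool, so the default policy finds at least one backend.
-- newServer({address="194.242.2.2", pool={"", "pub-safe-tier1"},
--            name="mullvad-noadblock", checkInterval=60})

-- Plain-HTTP DoH listener as in the thread (nil certificate and key),
-- intended to sit behind the TLS-terminating nginx proxy.
-- With trustForwardedForHeader=true, dnsdist takes the client address for
-- ACL checks and rules from X-Forwarded-For, so this listener should only
-- be reachable by the proxy that sets that header.
addDOHLocal("0.0.0.0:9090", nil, nil, "/dns-query",
            { reusePort=true, trustForwardedForHeader=true })
```

In the dnsdist console, `showPools()` lists the servers in each pool, including the default one, and `showRules()` lists the rules that select a pool.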