On Sun, Mar 19, 2023 at 09:09:47PM +0100, Chandra wrote:
> Thank you. It seems I missed that one. :)
It's good form to reply to the list.
-Otto
>
> On Sun, Mar 19, 2023, at 21:06, Otto Moerbeek wrote:
> > On Sun, Mar 19, 2023 at 04:54:19PM +0100, Chandra via dnsdist wrote:
> >
> > > Hello all,
> > >
> > > I am trying to configure DOH over HTTP and I can't seem to figure out
> > > what I'm doing wrong. I have a nginx proxying the incoming request and
> > > don't need it on HTTPS. Here's my config
> > >
> > > *--- doh over http*
> > > setACL({"0.0.0.0/0", "::/0"})
> > > addLocal('0.0.0.0:7070')
> > > webserver("127.0.0.1:8083")
> > >
> > > newServer({address="1.1.1.1", pool="pub-unsafe-tier1",name="cloudflare"})
> > > newServer({address="8.8.8.8", pool="pub-unsafe-tier1",name="google"})
> > > newServer({address="194.242.2.2",pool="pub-safe-tier1",name="mullvad-noadblock",checkInterval=60})
> > > newServer({address="84.200.69.80",
> > > pool="pub-safe-tier2",name="dnswatch1",checkInterval=60})
> > > newServer({address="84.200.70.40",
> > > pool="pub-safe-tier2",name="dnswatch2",checkInterval=60})
> > >
> > >
> > > addDOHLocal("0.0.0.0:9090",nil,nil, "/dns-query", { reusePort=true,
> > > trustForwardedForHeader=true })
> > > ```
> > >
> > > When testing on the locally, here's what I get:
> > >
> > > $ curl -H 'accept: application/dns-message'
> > > 'http://localhost:9090/dns-query?dns=AAABAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB'
> > >
> > > dns query not allowed
> > >
> > > $ ...
> > >
> > >
> > > Where am I going wrong?
> >
> > You have no policy defined. The default policy is to send packets to
> > the default pool (named ""). Your default pool is empty. So the query
> > gets refused, since no policy applies.
> >
> > -Otto
> >
_______________________________________________
dnsdist mailing list
dnsdist@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/dnsdist
