It seems too cryptic to me. It seems to me usually overriding some name, I would expect also other query types to be handled.
Could we support for example: --address=/example.com/#,local meaning the same value as another --local=/example.com/ specified? Just on single line, only one domain per config needed. On 8/31/21 10:12 PM, Simon Kelley wrote: > On 31/08/2021 10:49, Dominik DL6ER wrote: > >> Our conclusion was that the all-zero address (0.0.0.0 and [::]) >> approach is the most effective one to block A and AAAA queries. >> For all other query types we recommend NODATA (i.e., a NOERROR reply >> with no answer records). Using this combination, we've not seen any >> issues anywhere. Devices either recognize 0.0.0.0 as an address they >> cannot connect to or us it to connect to themselves where there is >> typically nothing served on port 443 (or wherever they are connecting >> to). >> > Which can be achieved in dnsmasq with > > --address=/example.com > --address=/example.com/ > > The first line gives the A and AAAA answers, the second makes all other > query types NODATA. > > > I occurs to me that address=/example.com should possibly imply the > NODATA answer without needing the second line. Would that mean --server=/example.com would be required to forward other than address queries to upstream servers? > Thoughts? > > Cheers, > > Simon. > > > _______________________________________________ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss > -- Petr Menšík Software Engineer Red Hat, http://www.redhat.com/ email: pemen...@redhat.com PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss