Hello,

I looked into setting up an ACL using Forward-confirmed reverse DNS
(FCrDNS) to verify clients like googlebot.

I looked into "http-request do-resolve" for this but as far as I can see
it only allows "ipv4" and "ipv6" resolution but no other generic DNS
lookups. Is there a reason why it doesn't allow any generic DNS record
type lookups?

I'm not even sure that the do-request is the right approach here. Any
idea how FCrDNS checks should be made with haproxy? To make it clear
what an FCrDNS check involves: making a reverse lookup of the origin IP
address, then a forward lookup of the result, then checking if the result is
a superset of the origin IP address.

Thanks
Björn
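
The FCrDNS check described in the message above, written out as an added Python example; it is not part of the original post and is not HAProxy code. The function name `fcrdns_verify`, the injectable `reverse`/`forward` resolvers, the allowed-suffix parameter (an extra step beyond the three in the message, since anyone can publish a self-consistent PTR/A pair for their own domain) and the sample records are assumptions made for illustration.

```python
import ipaddress
import socket

def system_reverse(ip):
    """PTR lookup through the system resolver; returns a list of hostnames."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except (socket.herror, socket.gaierror):
        return []
    return [name, *aliases]

def system_forward(hostname):
    """A/AAAA lookup through the system resolver; returns address strings."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(hostname, None)]
    except socket.gaierror:
        return []

def fcrdns_verify(client_ip, allowed_suffixes,
                  reverse=system_reverse, forward=system_forward):
    """Return the forward-confirmed hostname for client_ip, or None."""
    origin = ipaddress.ip_address(client_ip)
    for name in reverse(client_ip):                      # step 1: reverse lookup
        host = name.rstrip(".").lower()
        # Match on a label boundary so "evilgooglebot.com" does not pass.
        if not any(host == s or host.endswith("." + s) for s in allowed_suffixes):
            continue
        for addr in forward(host):                       # step 2: forward lookup
            try:
                # step 3: origin IP must be among the forward results
                if ipaddress.ip_address(addr.split("%")[0]) == origin:
                    return host
            except ValueError:
                continue
    return None

# Constructed sample records (documentation address ranges), not real DNS data.
SAMPLE_PTR = {
    "192.0.2.10": ["crawl-192-0-2-10.googlebot.com."],   # consistent pair
    "198.51.100.7": ["crawl-1.googlebot.com."],          # PTR claims the name only
    "203.0.113.5": ["host.evilgooglebot.com"],           # self-consistent, wrong domain
}
SAMPLE_A = {
    "crawl-192-0-2-10.googlebot.com": ["192.0.2.10"],
    "crawl-1.googlebot.com": ["192.0.2.99"],
    "host.evilgooglebot.com": ["203.0.113.5"],
}

if __name__ == "__main__":
    for ip in (*SAMPLE_PTR, "192.0.2.200"):
        print(ip, fcrdns_verify(ip, ["googlebot.com"],
                                lambda i: SAMPLE_PTR.get(i, []),
                                lambda h: SAMPLE_A.get(h, [])))
```

Each check costs two DNS round trips, so the result is normally cached per client IP rather than resolved on every request.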
