2014-10-20 11:54 GMT-03:00 Curtis Maurand <cur...@maurand.com>: > On 10/20/2014 9:40 AM, Ciro Iriarte wrote: > > 2014-10-17 13:35 GMT-03:00 k...@rice.edu <k...@rice.edu>: > > Hi Ciro, > > We used a CDB key value store. It was easy to use/update and had > very good performance. "grepping" is O(n*n) so it will tank as > your list grows and you really don't want to slow down your DNS > lookups. > > Regards, > Ken > > Hi Ken, I'll look at the LUA+CDB mix given it seems more elegant, any > document specific for PDNS you can point me to? > > Regards,! > > Hi, > > No PDNS specific documentation, we used the CDB map to allow the > blacklist to be update without needing to restart the recursor > and lose all the cached DNS lookups. We wrote a function similar > to the example Lua script using a CDB map instead. > > Regards, > Ken > > Hi Ken!, would you be willing to publish/share your implementation?. > Having two different rules (two groups, each group with different > answers), do you think it's best to use two scripts?, or just push > more data to the CDB (A record expected + answer) and use one script? > > Regards, > > > I've been looking for a way to do this as well. I would think that a > separate pdns instance on a different server than your main dns would do the > trick or have one bound to one address and a second instance bound to > another using separate databases. I tried setting up a zone and delegating > it to the current DNS and that doesn't work. It's an interesting problem. > Currently I'm using iptables on my mail servers, but that get's unwieldy and > unmanageable in a hurry. I've also done it with spamassassin rules, but > that also get's to be unmanageable, too. > > --Curtis > > > > > -- > Curtis Maurand > cur...@maurand.com > 207-252-7748 > > _______________________________________________ > Pdns-users mailing list > Pdns-users@mailman.powerdns.com > http://mailman.powerdns.com/mailman/listinfo/pdns-users >
Does that mean that the recursor can only handle one LUA script?. Regards, -- Ciro Iriarte http://iriarte.it -- _______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
