Hi,
I am running dnsdist 1.4.0-rc1 and I am seeing something odd. As a test I
have the following rule configured.
addAction(MaxQPSIPRule(2, 32, 48), DelayAction(500))
and I run 100 queries at 10 per second and my statistics from my client are
as follows:
Statistics for data/input/input1: min =
Hi,
I'd like to know where I should submit a feature request and what that
process might be?
Thanks,
brian
--
Brian M. Sullivan
Senior Staff Security Intelligence Engineer
bsulli...@lookout.com | www.lookout.com
___
dnsdist mailing list
with a higher qps value and add a DropAction to protect the
recursor.
Thanks for your quick response,
Regards,
brian
On Fri, Aug 16, 2019 at 8:49 AM Remi Gacogne
wrote:
> Hi Brian,
>
> On 8/15/19 3:35 PM, Brian Sullivan wrote:
> > Enclosed is the pcap file
> >
> >
Remi Gacogne
wrote:
> Hi Brian,
>
> On 8/13/19 4:49 PM, Brian Sullivan wrote:
> > I'd like to know where I should submit a feature request and what that
> > process might be?
>
> The usual process is to open a new feature request on our Github
> repository [1], f
Hi All,
I have read through the documentation and maybe I missed this. Is there a
way to signal additional information from dnsdist to pdns recursor? For
example, I'd like when a rate limiter triggers to tag the query somehow so
that in the recursor I could do some special processing. Open to any
Hi All,
I am trying to use the truncate function associated with the CombAddress
object.
Here is the config:
*-- Any traffic that exceeds max qps will be loggedfunction
rateLimitRule(dq) dq.remoteaddr:truncate(24) errlog("Rate Limit Exceeded:
DNSDistRateLimiting
Hi,
When I use a dynamic rule block and it gets triggered I see a log message
as follows:
*dnsdist[15542]: Inserting dynamic block for 10.51.76.142 for 10 seconds:
Exceeded Query Rate*
Is there a way to truncate the IP Address? It is considered PII and we are
required to not log any PII.
ction.None, ""end*
Regards,
brian
On Wed, Aug 28, 2019 at 11:35 AM Brian Sullivan
wrote:
> Hi All,
>
> I am trying to use the truncate function associated with the CombAddress
> object.
>
> Here is the config:
>
>
>
>
>
>
> *-- Any traffic tha
Hi All,
Works great! Thanks for putting this in 1.4!
There is one minor issue ... the documentation is incorrect.
minTLSVersion: str - Minimum version of the TLS protocol to support.
Possible values are ‘tls-1.0’, ‘tls-1.1’, ‘tls-1.2’ and ‘tls-1.3’.
The strings should not have the dash in
Hi All,
I have a question from our compliance team, is dnsdist FIPS 140-2 compliant?
thanks,
brian
--
Brian M. Sullivan
Senior Staff Security Intelligence Engineer
bsulli...@lookout.com | www.lookout.com
___
dnsdist mailing list
may not get to this before Friday my time.
Thanks,
brian
On Wed, Jul 31, 2019 at 3:36 PM Remi Gacogne
wrote:
> Hi Brian,
>
> On 7/31/19 6:57 PM, Brian Sullivan wrote:
> > I am using dnsdist 1.4.0-beta1 and am trying to detect queries that are
> > using a local/experimental op
Hi,
I am using dnsdist 1.4.0-beta1 and am trying to detect queries that are
using a local/experimental optcode. For example, I have the following in
the dnsdist.conf file.
addAction(EDNSOptionRule(65002), DropAction())
and I see the rule in the webserver.
[image: Screen Shot 2019-07-31 at
Hi,
I am trying to configure the snmpAgent in dnsdist and get the following log
message.
NET SNMP support is required to use snmpAgent()
I am running dnsdist 1.4.0-rc5. I assume that NET SNMP support is not
provided in this release. What do I need to do to get NET SNMP support?
Thanks,
brian
500,
> Brian Sullivan wrote
> a message of 83 lines which said:
>
> > I am using version 1.4.0 of dnsdist.
>
> Me too, and I didn't enable anything special.
>
> "latency-avg100": 108417.14787735096,
> "latency-avg1000": 120915.884223
Hi,
I am playing with DoH and tried an experiment.
I ran the command
curl -H 'accept: application/dns-message' -v '
https://cloudflare-dns.com/dns-query?dns=q80BAAABA3d3dwdleGFtcGxlA2NvbQAAAQAB'
| hexdump
and got a valid response. I then pointed it to my dnsdist instance and see
this in
Please disregard my previous email ... I figured it out.
On Fri, Mar 6, 2020 at 9:43 AM Brian Sullivan
wrote:
> Hi,
>
> I am playing with DoH and tried an experiment.
> I ran the command
>
> curl -H 'accept: application/dns-message' -v '
> https://cloudflare-
16 matches
Mail list logo
