Last active
November 17, 2019 16:04
-
-
Save tomekjarosik/fe1a342665bfe4b6141b842e63ac8e33 to your computer and use it in GitHub Desktop.
powerdns-filtering.lua
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -- Define new Domain Set | |
| blocked_domains=newDS() | |
| -- Load Domain Set from the file. Format of the file is: 'return {"a.com", "b.com", "a.fb.com"}' | |
| blocked_domains:add(dofile("/etc/powerdns/full_list_13-11-2019.lua")) | |
| -- define a preresolve() function which gets called by PowerDNS to determine what to do with a domain | |
| function preresolve(dq) | |
| -- If we see that a query name is not part of one of the blocked domains, | |
| -- or the query is not for an IP(v6) address, we return false and the normal resolution process continues. | |
| if(not blocked_domains:check(dq.qname) or (dq.qtype ~= pdns.A and dq.qtype ~= pdns.AAAA)) then | |
| return false | |
| end | |
| -- Otherwise if it is a domain to be blocked, | |
| -- we insert a SOA record that says "this domain name exists, but the type you queried for doesn’t". | |
| dq:addRecord(pdns.SOA, | |
| "fake."..dq.qname:toString().." fake."..dq.qname:toString().." 1 7200 900 1209600 86400", | |
| 2) | |
| return true | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment