[Unbound-users] Default Responses
Attila Nagy
bra at fsn.hu
Thu Sep 29 10:08:31 UTC 2011
Hi,
On 06/16/11 14:47, Brian Smith wrote:
>
> Can Unbound, out of the box, be configured to have a default response?
> IE respond to a query for doesnotexist.com (this would normally
> respond NXDomain) with some sort of answer?
>
Just for the archive (and if you don't give a shit about the debian
way), you can easily achieve this with a python helper module:
class unbound():
def init(self, id, cfg):
return True
def deinit(self, id):
return True
def inform_super(self, id, qstate, superqstate, qdata):
return True
def operate(self, id, event, qstate, qdata):
if (event == MODULE_EVENT_PASS) or (event == MODULE_EVENT_NEW):
qstate.ext_state[id] = MODULE_WAIT_MODULE
return True
if event == MODULE_EVENT_MODDONE:
if (qstate.return_msg and qstate.qinfo.qtype_str=='A'):
flags = qstate.return_msg.rep.flags & 0xf
if flags == RCODE_NXDOMAIN:
msg = DNSMessage(qstate.qinfo.qname_str, RR_TYPE_A,
RR_CLASS_IN, PKT_QR | PKT_RA | PKT_AA)
if (qstate.qinfo.qtype == RR_TYPE_A) or
(qstate.qinfo.qtype == RR_TYPE_ANY):
msg.answer.append("%s 10 IN A 127.0.0.1" %
qstate.qinfo.qname_str)
if not msg.set_return_msg(qstate):
qstate.ext_state[id] = MODULE_ERROR
return True
#we don't need validation, result is valid
qstate.return_msg.rep.security = 2
qstate.return_rcode = RCODE_NOERROR
qstate.ext_state[id] = MODULE_FINISHED
return True
qstate.ext_state[id] = MODULE_FINISHED
return True
dnsObj = unbound()
init = dnsObj.init
deinit = dnsObj.deinit
operate = dnsObj.operate
inform_super = dnsObj.inform_super
This will give back 127.0.0.1 for every NXDOMAIN answers for A RR type
queries with a 10 seconds TTL.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20110929/f9b2e165/attachment.htm>
More information about the Unbound-users
mailing list