dnsdist conf

How would I like dnsdist to work? Let's try to make a table (workflow):

| Client lookup domain | Destination | Type/Action |
|---|---|---|
| BadDomain | dnsdist 0.0.0.0:53 | addAction("adnexus.net", RCodeAction(dnsdist.REFUSED)) |
| Local.domain.tld (e.g. set another IP than the public should know about) | pDns-auth 1-> many:5300 | Normal query |
| Unknown domain | Dns-recursor 1-> many:5301 | Normal root server lookup |

What is my goal?

My goal is simply to be able to block bad domains (to keep privacy), have access to the free internet and, later, to be able to make a public DNS server that would show the Danish (later other countries) how the internet would look if we reversed their non-democratic blocking 🙂

So why not just use a standard /etc/hosts or similar? Well, how do you access that on your internet-connected radio or other IoT devices? You simply can't, so this is a way to keep these devices private.

Question

How to make this with lua/mysql.

Is there someone who would help me make this code, as a start for testing?

The code should contain both the *.sql and /etc/dnsdist/dnsdist.conf

Current code, which doesn't do step 3, is:

setLocal('0.0.0.0:53')

addAction("adnexus.net", RCodeAction(dnsdist.REFUSED))
addAction("amazonaws.com", RCodeAction(dnsdist.REFUSED))
addAction("tdc.dk", RCodeAction(dnsdist.REFUSED))
addAction({"ping.eu", "ping.com", "rarbg.me", "rarbg.to", "google-analytics.com", "apple-dns.net"}, RCodeAction(dnsdist.REFUSED))
addAction({"trackerfix.com"}, RCodeAction(dnsdist.REFUSED))
addAction({"a-0001.a-msedge.net", "a-0002.a-msedge.net", "a-0003.a-msedge.net", "a-0004.a-msedge.net", "a-0005.a-msedge.net", "a-0006.a-msedge.net", "a-0007.a-msedge.net", "a-0008.a-msedge.net", "a-0009.a-msedge.net", "a-msedge.net", "a.ads1.msn.com", "a.ads2.msads.net", "a.ads2.msn.com", "a.rad.msn.com", "ac3.msn.com", "ad.doubleclick.net", "adnexus.net", "adnxs.com", "ads.msn.com", "ads1.msads.net", "ads1.msn.com", "aidps.atdmt.com", "aka-cdn-ns.adtech.de", "apps.skype.com", "az361816.vo.msecnd.net", "az512334.vo.msecnd.net", "b.ads1.msn.com", "b.ads2.msads.net", "b.rad.msn.com", "bs.serving-sys.com", "c.atdmt.com", "c.msn.com", "ca.telemetry.microsoft.com", "cache.datamart.windows.com", "cdn.atdmt.com", "cds26.ams9.msecn.net", "choice.microsoft.com", "choice.microsoft.com.nstac.net", "compatexchange.cloudapp.net", "corp.sts.microsoft.com", "corpext.msitadfs.glbdns2.microsoft.com", "cs1.wpc.v0cdn.net", "db3aqu.atdmt.com", "df.telemetry.microsoft.com", "diagnostics.support.microsoft.com", "ec.atdmt.com", "fe2.update.microsoft.com.akadns.net", "feedback.microsoft-hohm.com", "feedback.search.microsoft.com", "feedback.windows.com", "flex.msn.com", "g.msn.com", "h1.msn.com", "i1.services.social.microsoft.com", "i1.services.social.microsoft.com.nsatc.net", "lb1.www.ms.akadns.net", "live.rads.msn.com", "m.adnxs.com", "m.hotmail.com", "msedge.net", "msftncsi.com", "msnbot-65-55-108-23.search.msn.com", "msntest.serving-sys.com", "oca.telemetry.microsoft.com", "oca.telemetry.microsoft.com.nsatc.net", "pre.footprintpredict.com", "preview.msn.com", "pricelist.skype.com", "rad.live.com", "rad.msn.com", "redir.metaservices.microsoft.com", "reports.wes.df.telemetry.microsoft.com", "s.gateway.messenger.live.com", "s0.2mdn.net", "schemas.microsoft.akadns.net", "secure.adnxs.com", "secure.flashtalking.com", "services.wes.df.telemetry.microsoft.com", "settings-sandbox.data.microsoft.com", "settings-win.data.microsoft.com", "sls.update.microsoft.com.akadns.net", 
"spynet2.microsoft.com", "spynetalt.microsoft.com", "sqm.df.telemetry.microsoft.com", "sqm.telemetry.microsoft.com", "sqm.telemetry.microsoft.com.nsatc.net", "static.2mdn.net", "statsfe1.ws.microsoft.com", "statsfe2.update.microsoft.com.akadns.net", "statsfe2.ws.microsoft.com", "survey.watson.microsoft.com", "telecommand.telemetry.microsoft.com", "telecommand.telemetry.microsoft.com.nsatc.net", "telemetry.appex.bing.net", "telemetry.microsoft.com", "telemetry.urs.microsoft.com", "view.atdmt.com", "vortex-bn2.metron.live.com.nsatc.net", "vortex-cy2.metron.live.com.nsatc.net", "vortex-sandbox.data.microsoft.com", "vortex-win.data.microsoft.com", "vortex.data.microsoft.com", "watson.live.com", "watson.microsoft.com", "watson.ppe.telemetry.microsoft.com", "watson.telemetry.microsoft.com", "watson.telemetry.microsoft.com.nsatc.net", "wes.df.telemetry.microsoft.com", "www.msftncsi.com"}, RCodeAction(dnsdist.REFUSED))

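-- Authoritative server for the local zones
newServer({address="127.0.0.1:5300", pool="localdomain"})
addAction({'local.reck.dk', 'tld0.com', 'tld2.com', 'google.com'}, PoolAction("localdomain"))

-- Built-in web server on all interfaces; "password" and "APIkey" are placeholders to replace
webserver("0.0.0.0:8083", "password", "APIkey")

-- Packet cache for the local-zone pool
pc = newPacketCache(100, 86400, 0, 60, 60, false)
getPool("localdomain"):setCache(pc)

-- Recursor pool; firstAvailable picks the first server that is still under its qps limit
newServer({address="192.168.1.3:5301", name="master", qps=1, pool="tld"})
newServer({address="192.168.1.42", name="42", qps=1, pool="tld"})
newServer({address="192.168.1.39", name="39", qps=1, pool="tld"})
setServerPolicy(firstAvailable)
-- Queries from the LAN and localhost go to the recursor pool
addAction({"192.168.1.0/24", "127.0.0.0/8"}, PoolAction("tld"))
-- Packet cache for the recursor pool
pc1 = newPacketCache(100, 86400, 0, 60, 60, false)
getPool("tld"):setCache(pc1)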
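
One way to lay out the three rows of the workflow table in a single dnsdist.conf, as an added example that is not the author's code. It assumes the blocklist lives in a flat file at /etc/dnsdist/blocklist.txt (a hypothetical path, one domain per line, for instance exported from a MySQL table) and that only the 192.168.1.0/24 LAN and localhost should be served.

```lua
-- Added example, not the author's configuration.
-- Assumption: /etc/dnsdist/blocklist.txt is a hypothetical file with one
-- domain per line; blank lines and "#" comments are ignored.

setLocal('0.0.0.0:53')
-- Answer only the LAN and localhost so the listener is not an open resolver.
setACL({'192.168.1.0/24', '127.0.0.0/8'})

-- Step 1: blocked domains. A suffix-match tree replaces the long addAction()
-- tables; every subdomain of a listed name is matched as well.
local blocked = newSuffixMatchNode()
local f = io.open('/etc/dnsdist/blocklist.txt', 'r')
if f then
  for line in f:lines() do
    local name = line:match('^%s*([^#%s]+)')
    if name then blocked:add(newDNSName(name)) end
  end
  f:close()
else
  errlog('blocklist file not found, nothing will be blocked')
end
addAction(SuffixMatchNodeRule(blocked), RCodeAction(dnsdist.REFUSED))

-- Step 2: local zones go to the authoritative server on port 5300.
newServer({address='127.0.0.1:5300', pool='localdomain'})
addAction({'local.reck.dk'}, PoolAction('localdomain'))

-- Step 3: every query not caught above goes to the recursor pool.
newServer({address='192.168.1.3:5301', name='master', pool='tld'})
addAction(AllRule(), PoolAction('tld'))
```

Rules are evaluated in the order they are added and the first terminal action wins, so the blocklist rule has to come before the two PoolAction rules.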
