* DNSAction.Nxdomain: return a response with a NXDomain rcode
* DNSAction.Pool: use the specified pool to forward this query
* DNSAction.Refused: return a response with a Refused rcode
- * DNSAction.Spoof: spoof the response using the supplied IPv4 (A), IPv6 (AAAA) or string (CNAME) value
+ * DNSAction.Spoof: spoof the response using the supplied string (CNAME) value or a comma-separated list of IPv4 (A) or IPv6 (AAAA)
* DNSAction.Truncate: return a response with TC=1
The same feature exists to hand off some responses for Lua inspection, using `addLuaResponseAction(x, func)`.
return 0;
}
-void spoofResponseFromString(DNSQuestion& dq, const string& spoofContent)
+static void spoofResponseFromString(DNSQuestion& dq, const string& spoofContent)
{
string result;
- try {
- ComboAddress spoofAddr(spoofContent);
- SpoofAction sa({spoofAddr});
- sa(&dq, &result);
- }
- catch(PDNSException &e) {
- SpoofAction sa(spoofContent); // CNAME then
+
+ std::vector<std::string> addrs;
+ stringtok(addrs, spoofContent, " ,");
+
+ if (addrs.size() == 1) {
+ try {
+ ComboAddress spoofAddr(spoofContent);
+ SpoofAction sa({spoofAddr});
+ sa(&dq, &result);
+ }
+ catch(const PDNSException &e) {
+ SpoofAction sa(spoofContent); // CNAME then
+ sa(&dq, &result);
+ }
+ } else {
+ std::vector<ComboAddress> cas;
+ for (const auto& addr : addrs) {
+ try {
+ cas.push_back(ComboAddress(addr));
+ }
+ catch (...) {
+ }
+ }
+ SpoofAction sa(cas);
sa(&dq, &result);
}
}
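Review bot: In the multi-address branch, `catch (...) { }` discards every token that fails to parse, so a typo in a spoof list silently yields fewer addresses. An empty or all-invalid string also lands in this `else` (`addrs.size()` is 0 or every token is rejected) and reaches `SpoofAction sa(cas)` with an empty vector, whose behaviour is not visible in this hunk. For a rule used to sinkhole or override answers, that failure should be visible: narrow the handler to `catch (const PDNSException& e)` with a log line naming the rejected token, and guard the construction with something like `if (cas.empty()) { return; }`, or whatever fallback the caller expects. Separately, the single-token branch still parses `spoofContent` rather than `addrs[0]`, so input such as `"192.0.2.1,"` or a value padded with spaces will probably fail address parsing and be spoofed as a CNAME; `ComboAddress spoofAddr(addrs[0]);` would avoid that.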
std::shared_ptr<DownstreamState> whashed(const NumberedServerVector& servers, const DNSQuestion* dq);
std::shared_ptr<DownstreamState> roundrobin(const NumberedServerVector& servers, const DNSQuestion* dq);
int getEDNSZ(const char* packet, unsigned int len);
-void spoofResponseFromString(DNSQuestion& dq, const string& spoofContent);
uint16_t getEDNSOptionCode(const char * packet, size_t len);
void dnsdistWebserverThread(int sock, const ComboAddress& local, const string& password, const string& apiKey, const boost::optional<std::map<std::string, std::string> >&);
bool getMsgLen32(int fd, uint32_t* len);
function spoof1rule(dq)
if(dq.qtype==1) -- A
then
- return DNSAction.Spoof, "192.0.2.1"
+ return DNSAction.Spoof, "192.0.2.1,192.0.2.2"
elseif(dq.qtype == 28) -- AAAA
then
return DNSAction.Spoof, "2001:DB8::1"
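Review bot: Only the A branch of `spoof1rule` exercises the new comma-separated parsing; the AAAA branch still returns a single address, and no rule in this hunk feeds a list containing an unparseable token or only separators. Those are the inputs where the new C++ code swallows the parse error, so a case such as `return DNSAction.Spoof, "2001:DB8::1,2001:DB8::2"` plus one malformed-entry rule would pin the intended behaviour. The function body continues past the end of the hunk.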
60,
dns.rdataclass.IN,
dns.rdatatype.A,
- '192.0.2.1')
+ '192.0.2.1', '192.0.2.2')
expectedResponse.answer.append(rrset)
(_, receivedResponse) = self.sendUDPQuery(query, response=None, useQueue=False)