Options

Drop certain DNS queries (ANY and RD)

mischamischa Member
in aFleX
When you don't want to allow certain DNS queries to be send to the DNS server.

when RULE_INIT { set ::DEBUG 0 } when DNS_REQUEST { if { $::DEBUG == 1 } { log "Question: name: [DNS::question name] - type: [DNS::question type] - Query ID: [DNS::header id] - RD: [DNS::header rd]" } if { [DNS::question type] eq "ANY" } { if { $::DEBUG == 1 } { log "Drop ANY query from [IP::client_addr]" } drop } elseif { [DNS::header rd] } { drop if { $::DEBUG == 1 } { log "Drop RD query from [IP::client_addr]" } } }

Comments

Sign In or Register to comment.