Forum Discussion
JWhitesPro_1928
Jun 21, 2016Cirrostratus
DNS Whitelist Responses
Does anyone know if an iRule already exists that accomplishes the following:
DNS Request comes in from client
If the request matches an entry in a datagroup table the request is allowed to proce...
- Jun 21, 2016
when DNS_REQUEST { if { [class match [string tolower [DNS::question name]] equals "dg-allowed-dns-queries"] } { reject } }
VernonWells
Jun 21, 2016Employee
when CLIENT_ACCEPTED {
if { [class match [IP::client_addr] equals "dg-allowed-clients"] } {
reject
}
}
applied to any DNS listeners. It must be a rule created in the ltm space. This can be done even if LTM is not provisioned.
- JWhitesPro_1928Jun 21, 2016CirrostratusThank you. I think I made my question unclear. What I am really trying to do is look up the actual requested DNS record in the table, if it exists as a record I want to allow a response for then we will allow the request to process, otherwise we just drop the request.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects