Forum Discussion

JWhitesPro_1928

Cirrostratus

Jun 21, 2016

Solved

DNS Whitelist Responses

Does anyone know if an iRule already exists that accomplishes the following: DNS Request comes in from client If the request matches an entry in a datagroup table the request is allowed to proce...

Jun 21, 2016

when DNS_REQUEST {
    if { [class match [string tolower [DNS::question name]] equals "dg-allowed-dns-queries"] } {
        reject
    }
}

VernonWells

Employee

when CLIENT_ACCEPTED {
    if { [class match [IP::client_addr] equals "dg-allowed-clients"] } {
        reject
    }
}

applied to any DNS listeners. It must be a rule created in the ltm space. This can be done even if LTM is not provisioned.

JWhitesPro_1928

Cirrostratus

Jun 21, 2016

Thank you. I think I made my question unclear. What I am really trying to do is look up the actual requested DNS record in the table, if it exists as a record I want to allow a response for then we will allow the request to process, otherwise we just drop the request.

Forum Discussion

DNS Whitelist Responses

Recent Discussions

F5 WAF risk assessment process

APM parse HTTP Connector json to message box, iRule etc.

OS resource consume between 1 slot with 4 cpu core and 2 slot 2 cpu core

BETAFORT RECOVERY A PROFESSIONAL DIGITAL ASSETS RECOVERY

Curl usage

Related Content

Logging of DNS Requests and Responses without a DNS license

Introduction of Incident Response

DDoS IPI List - Whitelist DNS Servers

The Power of &: F5 Hybrid DNS solution

Using F5 Distributed Cloud DNS Load Balancer health checks and DNS observability