Forum Discussion
yang_128295
Sep 20, 2005
Historic F5 Account
DNS(UDP) hostname filter
Hi
BIG-IP load balances caching DNS servers at an ISP.
I made an iRule which blocks DNS query packets that contain a URL from a pre-defined list.
(e.g. BIG-IP blocks a DNS query which asks for the IP address of "www.naver.com")
But it didn't work.
Please advise.
My iRule is below.
=================
when CLIENT_DATA {
    if { matchclass [UDP::payload] contains $::dnslist } {
        log local0. "bad URL!"
        drop
    } else {
        pool dns_pool
    }
}
class dnslist {
    "www.naver.com"
    "www.yahoo.co.kr"
}
=========================
3 Replies
- krelm_52303
Nimbostratus
I have a similar requirement - need to do DNS proxying on an LTM. I want to list internal domains (around 20 of them) in a class and send to internal DNS pool. All other requests to ISP DNS pool.
Running 9.4.6 - would something like this work now?
when DNS_REQUEST {
    if { ([DNS::rrtype] eq "A") and (matchclass [DNS::rrname] eq $::dnsinternal) } {
        pool internal_dns
    } else {
        pool ISP_dns
    }
}
class dnsinternal {
    "www.internal.com"
    "internal.com"
    "internal.net"
}
- krelm_52303
Nimbostratus
Oooops, didn't read the wiki properly. The DNS_Request event is only available on a GTM, not LTM.
So, back to the drawing board. Any ideas gladly received.
- JRahm
Admin
These two posts may help you get started:
https://devcentral.f5.com/Default.aspx?tabid=53&forumid=5&postid=6760&view=topic
https://devcentral.f5.com/Default.aspx?tabid=53&forumid=5&postid=5557&view=topic
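
An added example, not part of any post in this thread: a DNS query carries the name as length-prefixed labels rather than a dotted string, so this Python code decodes the question name from the UDP payload before comparing it with the list. The blocklist and query datagrams are constructed sample input, and the function names are assumptions made for illustration.

```python
import struct

# Constructed blocklist mirroring the dnslist class in the first post.
DNSLIST = {"www.naver.com", "www.yahoo.co.kr"}

def build_query(name, qtype=1, txid=0x1234):
    """Build a minimal DNS query datagram (constructed sample input)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def naive_match(payload):
    """Dotted-string search of the raw payload, as the posted iRule attempts."""
    return any(n.encode("ascii") in payload for n in DNSLIST)

def parse_qname(payload):
    """Decode the first question name; return None if the datagram is malformed."""
    if len(payload) < 12 or struct.unpack("!H", payload[4:6])[0] < 1:
        return None
    labels, pos = [], 12          # the question section starts after the 12-byte header
    while pos < len(payload):
        length = payload[pos]
        if length == 0:           # root label terminates the name
            return ".".join(labels)
        if length > 63 or pos + 1 + length > len(payload):
            return None           # compression pointer or truncated label
        labels.append(payload[pos + 1:pos + 1 + length].decode("ascii", "replace").lower())
        pos += 1 + length
    return None                   # ran off the end without a terminator

def is_blocked(payload):
    """True when the decoded, lower-cased query name is on the list.
    Malformed datagrams return False here; dropping them instead is a policy choice."""
    return parse_qname(payload) in DNSLIST

if __name__ == "__main__":
    for n in ("www.naver.com", "WWW.Naver.COM", "www.example.org"):
        q = build_query(n)
        print(n, "naive:", naive_match(q), "parsed:", is_blocked(q))
```

On the wire, "www.naver.com" is the bytes `\x03www\x05naver\x03com\x00`, so the dotted string never appears in the payload, and query names may arrive in mixed case, which is why the decoded name is lower-cased before the lookup.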
