Logging DNS Requests
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’.
Short Description
(From Author Torijori_Yamamada this post in Technical Forum) I've needed an iRule to read query & query-type from dns packets and send them to remote syslog server. I found a couple of posts on devcentral but looks like they work if you have DNS / GTM license. So, i wrote one for my own needs.
Full Code Snippet
Published Sep 16, 2022
Version 1.0
JRahm
Admin
Admin
- Nikoolayy1
MVP
Nice article! I have planned to make an article using TCP::collect and TCP::payload for the same as to read DNS over TCP or SMTP (SMTP proxy as there is for some reason no F5 native SMTP event) and to use DNS headers in the conditions when you do not have DNS/GTM license and can't use the DNS_REQUEST event 🙂
Juergen_MangJust as note: I have implemented almost complete Query/Response parsing for DNS: https://community.f5.com/t5/codeshare/logging-of-dns-requests-and-responses-without-a-dns-license/ta-p/315445
