[rbldnsd] Using rbldnsd to blacklist websites
Wayne Sherman
wsherman at gmail.com
Tue Jan 30 02:45:28 MSK 2007
>> So, (I know you don't like this) but how can I get rbldnsd to reply with
>> REFUSE for all domain names it does not have entries for instead of
>> NXDOMAIN?
>
> I think you can hack the code a bit for that, it's not difficult.
>
> In rbldnsd_packet.c:replypacket() (which you already tried to alter),
> call 'refuse(DNS_R_REFUSED)' macro if `found' is zero, right before
> the "now complete the reply: ..." comment, and probably a bit above
> it as well, right after "if (qi.qi_dnlab == 0)" test (so that it'll
> refuse queries to TLDs too).
I inserted the code starting at line 396. Please see attached...
It works for sending back REFUSED if no domain is found and sending
127.0.0.2 for BL domains.
I need a little help with the optional reply of NXDOMAIN. It is sending
NXDOMAIN along with an answer section which BIND just rejects as
malformed and does the lookup itself. How do I set the answer count to
0 and clear our the answer section of the reply packet?
Thanks,
Wayne
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rbldnsd_packet.c.gz
Type: application/gzip
Size: 10385 bytes
Desc: not available
Url : http://www.corpit.ru/pipermail/rbldnsd/attachments/20070129/43d88bb1/rbldnsd_packet.c.bin
More information about the rbldnsd
mailing list