wiki'd

by JoKeru

DNS Filtering

A simple DNS proxy that returns NXDOMAIN when the master (upstream) DNS server offers an IP address from a specified blacklist.

[cc lang='bash']
# Install Twisted, then fetch and unpack dns-filter
$ yum install python-twisted
$ wget https://github.com/lamby/dns-filter/zipball/master
$ unzip master
$ cd lamby-dns-filter-9c5d40d

# Set the master server and the blacklisted addresses, then start the proxy
$ vi dns-filter.conf
$ ./run.sh &

# Confirm the proxy is listening on UDP port 53
$ netstat -tulnp | grep 53
udp 0 0 0.0.0.0:53 0.0.0.0:* 5736/python

$ tail -f /var/log/messages
2012-06-02 01:31:27+0300 [-] twistd 8.2.0 (/usr/bin/python 2.6.6) starting up.
2012-06-02 01:31:27+0300 [-] reactor class: twisted.internet.selectreactor.SelectReactor.
2012-06-02 01:31:27+0300 [-] starting on 53
2012-06-02 01:31:27+0300 [-] Starting protocol
[/cc]

dns-filter.conf
[cc lang='bash']
[dns-filter]

# DNS server to get results from
master = 8.8.8.8

# Invalid 'A' record IP addresses. The program will return "no such
# domain" if one of these addresses is offered.
# Continuation lines of a multi-line value must be indented.
invalid =
    10.20.30.41,
    10.20.30.42
[/cc]
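The filtering decision described above, as an added example (not dns-filter's own code): it parses a raw DNS reply from the master, collects its A records, and rewrites the reply to NXDOMAIN when one of them is in the `invalid` list. The function names and the sample reply are constructed for illustration, and a well-formed reply is assumed.

```python
import struct

# Constructed sample: a reply to "example.test A" that offers 10.20.30.41
SAMPLE = (b"\x12\x34\x81\x80\x00\x01\x00\x01\x00\x00\x00\x00"
          b"\x07example\x04test\x00\x00\x01\x00\x01"
          b"\xc0\x0c\x00\x01\x00\x01\x00\x00\x00\x3c\x00\x04\x0a\x14\x1e\x29")

def parse_invalid(value):
    """Split the multi-line, comma-separated 'invalid' setting into a set of IPs."""
    return {ip.strip() for ip in value.replace("\n", ",").split(",") if ip.strip()}

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:      # compression pointer: two bytes, ends the name
            return off + 2
        off += 1 + length
        if length == 0:                 # root label terminates the name
            return off

def question_end(msg):
    """Return the offset where the question section ends."""
    off = 12                            # fixed-size DNS header
    for _ in range(struct.unpack("!H", msg[4:6])[0]):
        off = skip_name(msg, off) + 4   # QTYPE + QCLASS
    return off

def a_records(msg):
    """Return the IPv4 addresses in the answer section of a DNS reply."""
    off, ips = question_end(msg), []
    for _ in range(struct.unpack("!H", msg[6:8])[0]):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:   # A record, class IN
            ips.append(".".join(str(b) for b in msg[off:off + 4]))
        off += rdlen
    return ips

def filter_response(msg, invalid):
    """Pass the reply through, or replace it with NXDOMAIN if it offers a listed IP."""
    if not invalid.intersection(a_records(msg)):
        return msg
    flags = (struct.unpack("!H", msg[2:4])[0] & 0xFFF0) | 3   # RCODE 3 = NXDOMAIN
    counts = msg[4:6] + b"\x00" * 6     # keep the question, drop every record
    return msg[:2] + struct.pack("!H", flags) + counts + msg[12:question_end(msg)]
```

The rewritten reply keeps the original transaction ID and question so the client can match it to its query.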
