
Untitled

a guest
Sep 14th, 2015
  1. ---
  2. --- Domain blacklist/override - LUA evaluation script
  3. ---
  4. --- v0.1 (20141025) - Ciro Iriarte <ciro.iriarte@gmail.com>
  5. --- - First release
  6. --- v0.2 (20141029) - Ciro Iriarte <ciro.iriarte@gmail.com>
  7. --- - Added verification for *.arpa requests, exit immediately
  8. --- - Added support for "domain ending in", with *.badboy.com
  9. --- - ToDo: cleanup duplicated code?
  10. --- v0.3 (20141215) - Ciro Iriarte <ciro.iriarte@gmail.com>
  11. --- - Fixed a bug with character evaluation that allowed an infinite loop
  12. --- v0.4 (20141217) - Ciro Iriarte <ciro.iriarte@gmail.com>
  13. --- - Limit loop to 127 iterations (max allowed levels on a domain), protects us from infinite loop scenarios
  14. --- - Open CDB file just once. This will require a script reload on update.
  15. --- - Normalize queries to lowercase
  16.  
  17. function endswith(s, send)
  18. return #s >= #send and s:find(send, #s-#send+1, true) and true or false
  19. end
  20.  
  21. function preresolve ( remoteip, domain, qtype )
  22.  
  23. domain = string.lower( domain )
  24. orig_domain = domain
  25.  
  26. if endswith (domain,".arpa.") then
  27. return -1, {}
  28. end
  29.  
  30. resp=db:get(domain)
  31.  
  32. if resp == nil then
  33. guard = 128
  34. while domain ~= "" and guard > 0
  35. do
  36. guard = guard-1
  37. domain = domain:gsub("[^%.]*%.(.*)", "%1")
  38. ---print ("Looking for = *." .. domain)
  39. resp=db:get("*." .. domain)
  40. if resp ~= nil then
  41. ---print ("++> Got match")
  42.  
  43. rtype, rvalue = resp:match("([^,]+),([^,]+)")
  44. ---print("Tipo: " .. rtype .. "| Valor: " .. rvalue)
  45.  
  46. ret={
  47. {qtype=rtype, ttl=1, place="1", content=rvalue},
  48. }
  49.  
  50. if tonumber(rtype) == pdns.CNAME then
  51. return "followCNAMERecords", 0, ret
  52. else
  53. return 0, ret
  54. end
  55. else
  56. ---print ("--> didn't get match")
  57. end
  58. end
  59.  
  60. if guard == 0 then
  61. pdnslog("Got stuck at '" .. domain .. "' when called with '" .. orig_domain .. "'", pdns.loglevels.Warning)
  62. ---print("Got stuck at '" .. domain .. "' when called with '" .. orig_domain .. "'")
  63. end
  64.  
  65. return -1, {}
  66. else
  67.  
  68. rtype, rvalue = resp:match("([^,]+),([^,]+)")
  69. ---print("Tipo: " .. rtype .. "| Valor: " .. rvalue)
  70. ret={
  71. {qtype=rtype, ttl=1, place="1", content=rvalue},
  72. }
  73.  
  74. if tonumber(rtype) == pdns.CNAME then
  75. return "followCNAMERecords", 0, ret
  76. else
  77. return 0, ret
  78. end
  79. end
  80.  
  81. end
  82.  
  83. cdb = require("cdb")
  84. db = assert(cdb.open("/etc/powerdns/blacklist.cdb"))
  85. --preresolve ( "10.1.1.1","pelota.twi-tter.com","TXT")