[dns-operations] xt_dns (forked) - filtering ANY (and other) queries

Peter van Dijk peter.van.dijk at netherlabs.nl
Fri Aug 3 11:43:10 UTC 2012


On Aug 3, 2012, at 9:45 , Simon Munton wrote:

> You can also do it with the standard module "u32", including EDNS0, it's just more fun :)

As far as I have seen, using u32 to match on anything in UDP payload basically limits you
to IPv4, because of the way IPv6 chains headers (of course, you can assume this does not 
usually happen).

Also, matching a QTYPE when you don't know the QNAME beforehand is tricky (but doable
within limits).

Kind regards,
Peter van Dijk
Netherlabs Computer Consulting BV - http://www.netherlabs.nl/
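
The QTYPE point above, as an added example that is not part of the original message: in the DNS wire format QTYPE follows a variable-length QNAME, so a filter has to walk the labels to locate it instead of reading a fixed offset. `build_query`, `qtype_offset`, `qtype` and the sample names are constructed for this illustration.

```python
import struct

ANY = 255  # QTYPE value for ANY queries

def build_query(qname: str, qtype: int, txid: int = 0x1234) -> bytes:
    """Constructed sample: a minimal DNS query (12-byte header + one question)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(
        bytes([len(l)]) + l.encode("ascii")
        for l in qname.rstrip(".").split(".") if l
    )
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def qtype_offset(payload: bytes) -> int:
    """Walk the QNAME labels and return the offset of QTYPE in the UDP payload."""
    if len(payload) < 12:
        raise ValueError("shorter than a DNS header")
    if struct.unpack_from("!H", payload, 4)[0] != 1:
        raise ValueError("QDCOUNT is not 1")
    pos = 12
    while True:
        if pos >= len(payload):
            raise ValueError("QNAME runs past end of packet")
        length = payload[pos]
        if length == 0:          # root label terminates the name
            pos += 1
            break
        if length > 63:          # compression pointer or reserved bits
            raise ValueError("pointer or invalid label in question")
        pos += 1 + length
    if pos + 4 > len(payload):
        raise ValueError("QTYPE/QCLASS truncated")
    return pos

def qtype(payload: bytes) -> int:
    """Return the QTYPE of the first question."""
    return struct.unpack_from("!H", payload, qtype_offset(payload))[0]

if __name__ == "__main__":
    # Same QTYPE, different QNAMEs: the offset a fixed-position match would need moves.
    for name in (".", "nl.", "example.com.", "www.example.com."):
        pkt = build_query(name, ANY)
        print(f"{name:18} QTYPE at payload offset {qtype_offset(pkt):2} -> {qtype(pkt)}")
```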

