[Dnsmasq-discuss] Filtering non-latin1 or non-ASCIII dns requests?
Petr Menšík
pemensik at redhat.com
Thu May 11 15:56:12 UTC 2023
I think there might be a way to reject all IDN names, which start with
xn-- prefix. Which is present in all ascii forms of incoming names,
which contain non-ascii characters, encoded in IDN 2008. That might
help. I am not sure there is existing option to block any name
containing such label.
On 5/11/23 04:12, B at us wrote:
>
> I realize this breaks many standards. But the reality for most small
> installations is we have no real business visiting sites with
> non-ASCII domain names. I’m thinking of protecting against the Greek
> “α” which looks a lot like the letter “a”.
>
> Is there an easy way to translate domains that don’t match
> \.[A-Za-z0-9]\. to 127.0.0.1?
>
> Thanks!
>
>
--
Petr Menšík
Software Engineer, RHEL
Red Hat,https://www.redhat.com/
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20230511/33477c97/attachment.htm>
More information about the Dnsmasq-discuss
mailing list