[Dnsmasq-discuss] shortcuts for REFUSED / RCODE
Ercolino de Spiacico
bellocarico at hotmail.com
Wed Mar 20 09:09:23 UTC 2024
Following the man page I can see that we have short syntax to define a
locally a domain binding using address (or local as we use) directive
and return accordingly:
local=/example.com/# = 0.0.0.0 (NULL)
local=/example.com/ = NXDOMAIN
In the context of adblocking I am told certain browsers/systems react
much better when the DNS server returns FORBIDDEN (I guess they mean
REFUSED which is return code 5
https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-6)
as this instructs the query generator (app) to stops hammering again for
such domain.
It seems like this behavior can be achieved in dnsmasq via the syntax
local=/example.com/127.0.0.1
Great. Since we run this on routers (Tomato) the dsnamsq configuration
file size matters.
Bottom line: Could we have a shortcut char for REFUSED as well e.g.
local/example.com/%
As an alternative request... is it a good idea to re-thing the shortcut
approach and simply allow the rfc's RCODE after the latest slash to
return the correspondent RCODE name? e.g.
local/example.com/2 // ServFail
local/example.com/9 // notAuth
etc?
Thanks
More information about the Dnsmasq-discuss
mailing list