Using a DLZ as RPZ?
Colin Vidal
colin at isc.org
Tue Dec 2 06:52:49 UTC 2025
On Tue, 2025-12-02 at 00:11 +0100, Jesus Cea wrote:
> On 29/11/25 5:57, Ondřej Surý wrote:
> >
> > > On 29. 11. 2025, at 4:35, Jesus Cea <jcea at jcea.es> wrote:
> > >
> > > DLZ simply can not be used as RPZ
> >
> > This. But you can probably easily rewrite your DLZ into a plugin
> > that has access to similar places as RPZ.
>
> That was the first thing I tried, but there is zero documentation and
> only a code example (filter-aaaa.c). I have invested quite a few
> hours
Reading below I assume you found this out, but just in case, it's
sparse but an easy introduction:
https://bind9.readthedocs.io/en/latest/chapter4.html#developing-plugins
Also, see `lib/ns/include/ns/hooks.h` which contains a way more
detailed explanation of plugin internals.
> trying to do what I want to do. Being able to reply to a query with
> NXDOMAIN was quite easy, but I have invested quite a few hours trying
> to
> learn enough details about the bind internal arcane code to cope
> enough
> with rdata/rdatalist/rdataset bind intricate details to be able to
> put a
> "fake" SOA in the ADDITIONAL section of the NXDOMAIN reply for
> allowing
> negative caching. If somebody could help there...
I'd suggest having a look at `bin/plugins/synthrecord.c`, in particular
the function `synthrecord_response` (and its call-sites) which
synthesize a record. Not exactly what you want, but it's a good start
to grasp how to create/manipulate rdata/rdatalist/rdataset.
Colin
More information about the bind-users
mailing list