diff options
Diffstat (limited to 'plugin/acl/acl.go')
| -rw-r--r-- | plugin/acl/acl.go | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/plugin/acl/acl.go b/plugin/acl/acl.go index ce7b041cb..e684dc42c 100644 --- a/plugin/acl/acl.go +++ b/plugin/acl/acl.go @@ -45,6 +45,8 @@ const ( actionAllow // actionBlock blocks unauthorized queries towards protected DNS zones. actionBlock + // actionFilter returns empty sets for queries towards protected DNS zones. + actionFilter ) // ServeDNS implements the plugin.Handler interface. @@ -73,7 +75,16 @@ RulesCheckLoop: { break RulesCheckLoop } + case actionFilter: + { + m := new(dns.Msg) + m.SetRcode(r, dns.RcodeSuccess) + w.WriteMsg(m) + RequestFilterCount.WithLabelValues(metrics.WithServer(ctx), zone).Inc() + return dns.RcodeSuccess, nil + } } + } RequestAllowCount.WithLabelValues(metrics.WithServer(ctx)).Inc() |