aboutsummaryrefslogtreecommitdiff
path: root/plugin/acl/acl.go
diff options
context:
space:
mode:
Diffstat (limited to 'plugin/acl/acl.go')
-rw-r--r--plugin/acl/acl.go14
1 files changed, 10 insertions, 4 deletions
diff --git a/plugin/acl/acl.go b/plugin/acl/acl.go
index 95a5c65eb..017a8ac6b 100644
--- a/plugin/acl/acl.go
+++ b/plugin/acl/acl.go
@@ -69,8 +69,11 @@ RulesCheckLoop:
switch action {
case actionBlock:
{
- m := new(dns.Msg)
- m.SetRcode(r, dns.RcodeRefused)
+ m := new(dns.Msg).
+ SetRcode(r, dns.RcodeRefused).
+ SetEdns0(4096, true)
+ ede := dns.EDNS0_EDE{InfoCode: dns.ExtendedErrorCodeBlocked}
+ m.IsEdns0().Option = append(m.IsEdns0().Option, &ede)
w.WriteMsg(m)
RequestBlockCount.WithLabelValues(metrics.WithServer(ctx), zone).Inc()
return dns.RcodeSuccess, nil
@@ -81,8 +84,11 @@ RulesCheckLoop:
}
case actionFilter:
{
- m := new(dns.Msg)
- m.SetRcode(r, dns.RcodeSuccess)
+ m := new(dns.Msg).
+ SetRcode(r, dns.RcodeSuccess).
+ SetEdns0(4096, true)
+ ede := dns.EDNS0_EDE{InfoCode: dns.ExtendedErrorCodeFiltered}
+ m.IsEdns0().Option = append(m.IsEdns0().Option, &ede)
w.WriteMsg(m)
RequestFilterCount.WithLabelValues(metrics.WithServer(ctx), zone).Inc()
return dns.RcodeSuccess, nil
generated by cgit v1.2.3 (git 2.39.1) at 2025-07-27 07:39:45 +0000