plugin/acl: add the ability to filter records (#4389)

Currently ACLs only allow for allow and block; however, it isn't
always desirable to set the status code to REFUSED. Oftentimes
you want to completely hide the fact that those records even exist.

Adding the ability to acl to filter results makes it significantly
harder for a third party to know that the records are being masked.

Signed-off-by: George Shammas <george@shamm.as>
George Shammas 2021-02-01 09:52:23 -05:00 committed by GitHub
parent d289b4ea26
commit 117a389e40
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 75 additions and 3 deletions

@ -42,6 +42,13 @@ func TestSetup(t *testing.T) {
}`,
false,
},
{
"Filter 1",
`acl {
filter type A net 192.168.0.0/16
}`,
false,
},
{
"Whitelist 1",
`acl {
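Review bot: The "Filter 1" case only checks that `filter type A net 192.168.0.0/16` is accepted by setup (the trailing `false` reads as "no error expected"), so nothing in this hunk shows that a filtered query is answered without the REFUSED status that the commit message wants to avoid. Pair it with a behaviour test that asserts on the response code and the answer section for a client inside 192.168.0.0/16, and add a setup case where a malformed `filter` line is expected to fail, so the new keyword is covered on both the accept and reject paths.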
@ -153,6 +160,13 @@ func TestSetup(t *testing.T) {
}`,
false,
},
{
"Filter 1 IPv6",
`acl {
filter type A net 2001:0db8:85a3:0000:0000:8a2e:0370:7334
}`,
false,
},
{
"Whitelist 1 IPv6",
`acl {
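Review bot: In "Filter 1 IPv6" the `net` argument is the bare address 2001:0db8:85a3:0000:0000:8a2e:0370:7334 with no prefix length, so the case covers a single-host source rather than an IPv6 range, and it is still combined with `type A`. Consider adding a case with an IPv6 CIDR prefix and one with `type AAAA`, so that `filter` is parsed for IPv6 ranges and IPv6 record types as well as for this one host address.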