TrueCloudLab/coredns
16
0
Fork 2
Code Issues Pull requests 3 Projects Releases Packages Wiki Activity Actions
coredns/plugin
History
rsclarke ead84e1fa8
plugin/acl: adding ability to drop queries (#5722) 
Both block and filter actions write responses to the client based upon
the source IP address of the UDP packet containing the query.  An
attacker spoofing the source IP address to that of their target, can
elicit a response to be sent to the victim host, known as DNS
Reflection.  If an attacker is able to elicit a large response from a
relatively small query, with a spoofed source IP address, they are able
to increase the amount of data sent to the victim, known as DNS
Amplification.  Scaling this from one to many queries allows an attacker
to perform an effective Denial of Service (DoS) attack against their
target.

Adding the drop action enables CoreDNS to ignore queries of a given
type or network range from being processed and a response written,
where an operator knows ahead of time, should not originate or be
destined to.

Signed-off-by: rsclarke <hey@rsclarke.dev>

Signed-off-by: rsclarke <hey@rsclarke.dev>
2022-11-01 10:16:55 +01:00
..
acl plugin/acl: adding ability to drop queries (#5722) 2022-11-01 10:16:55 +01:00
any docs: move Also See to See Also (#4245) 2020-10-28 10:56:35 -07:00
auto plugin/auto: fix ticker leak in golang (#5688) 2022-10-11 15:27:20 +02:00
autopath add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
azure add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
bind add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
bufsize Do not expand query UDP buffer size if already set to a smaller value (#5602) 2022-09-07 22:53:30 +09:00
cache plugin/cache: cache now uses source query DNSSEC option for upstream refresh (#5671) 2022-10-21 11:29:04 -04:00
cancel docs: move Also See to See Also (#4245) 2020-10-28 10:56:35 -07:00
chaos add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
clouddns add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
debug add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
deprecated For caddy v1 in our org (#4018) 2020-09-24 18:14:41 +02:00
dns64 add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
dnssec add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
dnstap auto go fmt 2022-09-12 10:30:25 +00:00
erratic docs: move Also See to See Also (#4245) 2020-10-28 10:56:35 -07:00
errors auto go fmt 2022-05-30 10:29:34 +00:00
etcd add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
file plugin/file: fix file leak (#5687) 2022-10-11 20:49:52 +02:00
forward plugin/forward: fix ticker leak in golang (#5689) 2022-10-11 15:28:24 +02:00
geoip add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
grpc add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
header plugin/header: Add support for query modification (#5548) (#5556) 2022-08-12 04:46:06 -07:00
health dont lameduck when reloading (#5472) 2022-07-06 13:52:18 -04:00
hosts plugin/hosts: fix ticker leak in golang (#5690) 2022-10-11 15:26:45 +02:00
import docs: move Also See to See Also (#4245) 2020-10-28 10:56:35 -07:00
k8s_external auto go fmt 2022-09-05 10:29:36 +00:00
kubernetes plugin/k8s_external: Fix rcode for headless services (#5657) 2022-10-20 16:30:12 -04:00
loadbalance add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
local add local plugin (#4262) 2020-11-05 15:02:07 +01:00
log add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
loop Update to avoid pseudo-random number (#5225) 2022-03-16 12:24:58 -04:00
metadata plugin/view: Advanced routing interface and new 'view' plugin (#5538) 2022-09-08 14:56:27 -04:00
metrics plugin/prometheuss : make plugin enabled metric view aware (#5618) 2022-09-14 14:45:45 -04:00
minimal plugin/minimal: fix import path (#4523) 2021-03-16 10:55:21 +01:00
nsid docs: move Also See to See Also (#4245) 2020-10-28 10:56:35 -07:00
pkg plugin/view: Advanced routing interface and new 'view' plugin (#5538) 2022-09-08 14:56:27 -04:00
pprof add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
ready plugin/ready: Reset list of readiness plugins on startup (#5492) 2022-07-18 09:50:15 -04:00
reload plugin/reload : stop scheduler on shutdown (#5686) 2022-10-11 07:05:00 -04:00
rewrite plugin/view: Advanced routing interface and new 'view' plugin (#5538) 2022-09-08 14:56:27 -04:00
root cleanup deprecated package io/ioutil (#4920) 2021-10-13 09:30:31 +02:00
route53 add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
secondary add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
sign Fix security scans by cleaning up file path (#5185) 2022-02-14 11:24:21 -05:00
template plugin/template : add support for extended DNS errors (#5659) 2022-10-03 11:04:56 -04:00
test add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
tls add positive tests to TestTLS function (#5330) 2022-04-25 07:36:50 -07:00
trace plugin/trace : make zipkin HTTP reporter more configurable using Corefile (#5460) 2022-07-08 07:20:19 -04:00
transfer add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
tsig plugin/tsig: Document unimplemented secondary tsig transfers (#5605) 2022-09-07 11:39:31 -04:00
view plugin/view : fix README (#5627) 2022-09-17 09:59:47 -04:00
whoami update all +build statements (#5271) 2022-03-18 07:11:14 -07:00
backend.go Cherry-pick: Implement notifies for transfer plugin (#3972) (#4142) 2020-09-24 20:30:39 +02:00
backend_lookup.go add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
done.go go report card fixes (#3182) 2019-08-24 18:14:25 +00:00
log_test.go Clean up tests logging (#1979) 2018-07-19 16:23:06 +01:00
normalize.go add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
normalize_test.go add golangci-lint linter (#5499) 2022-07-10 11:06:33 -07:00
plugin.go Reduce the cardinality of health endpoint metrics (#4650) 2021-05-27 15:16:38 +02:00
register.go For caddy v1 in our org (#4018) 2020-09-24 18:14:41 +02:00