hns_doh_loadbalancer/dnsdist.conf

local dbr = dynBlockRulesGroup()
dbr:setQueryRate(30, 10, "Exceeded query rate", 60)
dbr:setRCodeRate(DNSRCode.NXDOMAIN, 20, 10, "Exceeded NXD rate", 60)
dbr:setRCodeRate(DNSRCode.SERVFAIL, 20, 10, "Exceeded ServFail rate", 60)
dbr:setQTypeRate(DNSQType.ANY, 5, 10, "Exceeded ANY rate", 60)
dbr:setResponseByteRate(10000, 10, "Exceeded resp BW rate", 60)

function maintenance()
  dbr:apply()
end
dbr:apply()

addAction(RegexRule(".*nonexistentdomain.*"), DropAction())

addAction(AndRule{MaxQPSIPRule(5), TCPRule(false)}, TCAction())

newServer({address="127.0.0.1:5353", name="HSD"})

addLocal('0.0.0.0:53', {reusePort=true})
addLocal('[::]:53', {reusePort=true})
addDOHLocal("127.0.0.1:8053", nil, nil, {"/", "/dns-query"}, { reusePort=true })
addTLSLocal('0.0.0.0', '/etc/letsencrypt/live/hnsdoh.com/fullchain.pem', '/etc/letsencrypt/live/hnsdoh.com/privkey.pem', { reusePort=true })
addTLSLocal('[::]', '/etc/letsencrypt/live/hnsdoh.com/fullchain.pem', '/etc/letsencrypt/live/hnsdoh.com/privkey.pem', { reusePort=true })

addACL('0.0.0.0/0')
addACL('[::]/0')

map = { newDOHResponseMapEntry("^/$", 307, "https://welcome.hnsdoh.com") }
dohFE = getDOHFrontend(0)
dohFE:setResponsesMap(map)

setKey("csl2icaGACsP3+M9tx55c8+dBxVCnlnqAHEC92P55eo=")
controlSocket('127.0.0.1:5199')
feat: Add HNS Canada to nodes 2024-07-20 12:59:34 +10:00			`local dbr = dynBlockRulesGroup()`
			`dbr:setQueryRate(30, 10, "Exceeded query rate", 60)`
			`dbr:setRCodeRate(DNSRCode.NXDOMAIN, 20, 10, "Exceeded NXD rate", 60)`
			`dbr:setRCodeRate(DNSRCode.SERVFAIL, 20, 10, "Exceeded ServFail rate", 60)`
			`dbr:setQTypeRate(DNSQType.ANY, 5, 10, "Exceeded ANY rate", 60)`
			`dbr:setResponseByteRate(10000, 10, "Exceeded resp BW rate", 60)`

			`function maintenance()`
			`dbr:apply()`
			`end`
			`dbr:apply()`

			`addAction(RegexRule(".nonexistentdomain."), DropAction())`

			`addAction(AndRule{MaxQPSIPRule(5), TCPRule(false)}, TCAction())`

feat: Update install instructions 2024-06-20 13:58:44 +10:00			`newServer({address="127.0.0.1:5353", name="HSD"})`
fix: Add paths to allow redirects 2024-01-08 01:27:32 +11:00
feat: Update install instructions 2024-06-20 13:58:44 +10:00			`addLocal('0.0.0.0:53', {reusePort=true})`
feat: Add ipv6 support 2024-10-10 14:58:52 +11:00			`addLocal('[::]:53', {reusePort=true})`
feat: Update install instructions 2024-06-20 13:58:44 +10:00			`addDOHLocal("127.0.0.1:8053", nil, nil, {"/", "/dns-query"}, { reusePort=true })`
			`addTLSLocal('0.0.0.0', '/etc/letsencrypt/live/hnsdoh.com/fullchain.pem', '/etc/letsencrypt/live/hnsdoh.com/privkey.pem', { reusePort=true })`
feat: Add ipv6 support 2024-10-10 14:58:52 +11:00			`addTLSLocal('[::]', '/etc/letsencrypt/live/hnsdoh.com/fullchain.pem', '/etc/letsencrypt/live/hnsdoh.com/privkey.pem', { reusePort=true })`
feat: Add dnsdist as backend 2023-12-22 17:41:51 +11:00
			`addACL('0.0.0.0/0')`
feat: Add ipv6 support 2024-10-10 14:58:52 +11:00			`addACL('[::]/0')`
feat: Add dnsdist as backend 2023-12-22 17:41:51 +11:00
fix: Add paths to allow redirects 2024-01-08 01:27:32 +11:00			`map = { newDOHResponseMapEntry("^/$", 307, "https://welcome.hnsdoh.com") }`
			`dohFE = getDOHFrontend(0)`
			`dohFE:setResponsesMap(map)`
feat: Add dnsdist as backend 2023-12-22 17:41:51 +11:00
			`setKey("csl2icaGACsP3+M9tx55c8+dBxVCnlnqAHEC92P55eo=")`
feat: Add ipv6 support 2024-10-10 14:58:52 +11:00			`controlSocket('127.0.0.1:5199')`