I need a DNS proxy, and Acrylic DNS Proxy works but only lacks one thing: blacklisting certain IPs from DNS answers.
Luckily Acrylic DNS Proxy is open source software written in Delphi 7, and I need the DC community to help add this little function.
In AcrylicConfiguration.ini I hope there's a new section
So whenever PrimaryServerAddress answers 192.168.1.1, Acrylic will continue lookup on SecondaryServerAddress, if it still answers 192.168.1.* or 192.168.2.2, then to TertiaryServerAddress until a correct answer is retrieved.
If all answers were in the blacklist, I hope Acrylic could yield SERVERFAIL if there's no Default IP.
And Acrylic can log this fail.
I know that under one circumstance things might get somewhat complicated: when DNS returns multiple records and one of them is unfortunately included in the blacklist, I hope that IP could be eliminated at the protocol level and only the rest of the correct answers cached. If this is hard to implement, simply return SERVERFAIL.
I hope this won't take you guys too much time, and any help or suggestions are appreciated.
Thank you guys!
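
The filtering and fallback behaviour requested above, as an added Python example that is not part of the original post and is not Acrylic's code. The wildcard syntax (`*` for one octet), the function names, and the stub upstream servers are assumptions, since the proposed configuration section is not shown in the post.

```python
# Added example: blacklist filtering with upstream fallback, as the post requests.
# Pattern syntax, function names and the stub resolvers are assumptions.
BLACKLIST = ["192.168.1.*", "192.168.2.2"]  # values taken from the post

def is_blacklisted(ip, patterns=BLACKLIST):
    """Match dotted-quad ip against patterns; '*' stands for any one octet."""
    octets = ip.split(".")
    for pattern in patterns:
        parts = pattern.split(".")
        if len(parts) == len(octets) == 4 and all(
                p in ("*", o) for p, o in zip(parts, octets)):
            return True
    return False

def resolve(name, upstreams, patterns=BLACKLIST, default_ip=None, log=None):
    """upstreams: ordered (label, query) pairs; query(name) -> list of A-record IPs.
    Returns (rcode, answers). SERVFAIL is the DNS rcode the post calls SERVERFAIL."""
    log = [] if log is None else log
    for label, query in upstreams:
        answers = query(name)
        kept = [ip for ip in answers if not is_blacklisted(ip, patterns)]
        dropped = [ip for ip in answers if is_blacklisted(ip, patterns)]
        if dropped:
            log.append(f"{label}: dropped {dropped} for {name}")
        if kept:  # only the clean records are returned (and would be cached)
            return "NOERROR", kept
        # nothing usable (all filtered, or empty): try the next server
    if default_ip:
        return "NOERROR", [default_ip]
    log.append(f"{name}: no acceptable answer from any upstream")
    return "SERVFAIL", []

def stub(table):
    """Constructed stand-in for an upstream DNS server (no network access)."""
    return lambda name: table.get(name, [])

# Constructed sample data; 203.0.113.0/24 is a documentation range.
UPSTREAMS = [
    ("primary",   stub({"a.example": ["192.168.1.1"],
                        "b.example": ["192.168.1.7", "203.0.113.10"],
                        "c.example": ["192.168.1.1"]})),
    ("secondary", stub({"a.example": ["192.168.2.2"], "c.example": ["192.168.1.9"]})),
    ("tertiary",  stub({"a.example": ["203.0.113.5"], "c.example": ["192.168.2.2"]})),
]

if __name__ == "__main__":
    for host in ("a.example", "b.example", "c.example"):
        events = []
        print(host, resolve(host, UPSTREAMS, log=events), events)
```

An upstream that returns no records is treated the same as one whose records were all filtered, which is a simplification; a real proxy would need to decide whether a genuine NXDOMAIN should stop the fallback.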