https://dnsdist.org/rules-actions.html#addLuaAction which links to https://dnsdist.org/reference/constants.html#dnsaction suggests that the Lua function should return a single value, being one of the DNSAction constants. However, this fails with LuaAction failed inside lua, returning ServFail: Trying to cast a lua variable from "number" to "NSt3__15tupleIJiNS_12basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEEEEE" because dnsdist expects that constant plus a string. The dnsdistconf.lua example script in the repo does show this.
dnsdist.conf: (compare to the version in #6348 which does work as far as this ticket is concerned)
function luarule(dq) if (dq.qtype==dnsdist.NAPTR) then return DNSAction.Nxdomain else return DNSAction.Allow end end
[sudo] ./dnsdist -C dnsdist.conf
send any query to dnsdist
A spoofed NXDOMAIN for NAPTR queries, normal processing otherwise.
dnsdist reports LuaAction failed inside lua, returning ServFail: Trying to cast a lua variable from "number" to "NSt3__15tupleIJiNS_12basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEEEEE" and the client receives a SERVFAIL.
Proposed fixes (why not both):
Improve the documentation in this area.
Make the second return value optional for cases where it does not make sense (I think Nxdomain would qualify for that).
The text was updated successfully, but these errors were encountered: