Return NXDOMAIN instead of NOERROR to dns-redirect-ip

Question

Return NXDOMAIN instead of NOERROR to dns-redirect-ip

mrak opened this issue 6 years ago · 2 comments

Is there a way to set responses for blacklisted domains to be an NXDOMAIN (Domain does not exist) response instead of a NOERROR response with an A record pointing to dns-redirect-ip?

If not, can a new feature be added to switch to this behavior instead?

Answer 1 · 2019-02-27T23:47:28.000Z

dnsmasq supports it, but I'd need more requests to justify the additional coding effort. You're welcome to make a PR in the meantime though.

Answer 2 · 2019-02-28T01:00:38.000Z

Just to follow-up for others wanting this:

It appears to work if you simply delete (empty the text field for the ConfigTree UI) the dns-redirect-ip option from the blacklist. This will tell dnsmasq to use an empty IP for redirects, which it will interpret as an NXDOMAIN answer.

If you load the ConfigTree UI again, it will auto-fill 0.0.0.0 but that won't reflect the configuration state unless you save again.

So, not fully accounted for in code, but possible.