DNS::question

Description¶

This iRules command gets (v11.0+) or sets (v11.1+) the question field value.

Note: This command requires the DNS Profile, which is only enabled as part of GTM or the DNS Services add-on.

Syntax¶

DNS::question <name|type|class> [value]

DNS::question <name|type|class> [value]¶

gets (v11.0+) or sets (v11.1+) the question field value. Note: A question RR has no rdata and only requests with qdcount == 1 are accepted. The return types for name, type, and class are all strings. Type returns/accepts any of the valid DNS types defined in the RFCs. The class returns/accepts IN, CH, & HS.

Examples¶

when DNS_REQUEST {
    log local0. "my question name: [DNS::question name]"
}

The follow rule violates the DNS protocol in isolation since a client won’t understand the response (i.e., we changed the question name) but let’s assume there’s intercept code in DNS_RESPONSE to handle it and restore it to the original question name

when DNS_REQUEST {
        set my_rr [DNS::rr "example.net A IN 10 1.2.3.4"]
        DNS::question name $my_rr
}

Related Information¶

Valid Events:

DNS_REQUEST, DNS_RESPONSE, GLOBAL_GTM

Warning

The links to the sample code below are remnants of the old DevCentral wiki and will result in a 404 error. For best results, please copy the link text and search the codeshare directly on DevCentral.

Sample Code:

This short rule will return NOTIMPL or optionally drop requests with a TKEY question type that can be used to exploit BIND vulnerability CVE-2015-5477.

when DNS_REQUEST {
if {[DNS::question type] equals "TKEY" }{
   #optionally log TKEY request:
   #log local0. "query [DNS::question name] type  [DNS::question type] dropped "
   #drop <<optionally just drop the connection
   DNS::header rcode NOTIMPL
   DNS::return
   }
}

Introduced: LTM-11.0.0

The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.

DNS::question¶

Description¶

Syntax¶

DNS::question <name|type|class> [value]¶

Examples¶

Related Information¶

DNS::question ¶