From: bert hubert <bert.hubert@netherlabs.nl>
Date: Sun, 5 Jun 2016 08:30:05 +0000 (+0200)
Subject: netflix messing with your IPv6? This script has you covered.
X-Git-Tag: rec-4.0.0-rc1~18
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0b5e21d599dec446986c1536ba0063c1a5c592a8;p=pdns

netflix messing with your IPv6? This script has you covered.
---

diff --git a/pdns/recursordist/examples/strip-ipv6-from-domains.lua b/pdns/recursordist/examples/strip-ipv6-from-domains.lua
new file mode 100644
index 000000000..f49f15ff4
--- /dev/null
+++ b/pdns/recursordist/examples/strip-ipv6-from-domains.lua
@@ -0,0 +1,39 @@
+--[[ 
+	Sometimes, domains break when IPv6 is used. A common example is
+	Netflix via an IPv6 tunnel, which Netflix interprets as a proxying 
+	attempt.
+	
+	This function strips IPv6 from one or more subdomains. It can be called
+	with a single domain, like "netflix.com", or with a domain set, which
+	is more efficient and scales very well.
+	
+	This file is meant for including, so you can call it from your preresolve.
+	Alternatively, uncomment the activation code below and you can load it
+	directly into your resolver with 'lua-dns-script=strip-ipv6-from-domains.lua'.
+]]--
+
+function preventIPv6ForDomains(dq, domain)
+	local ds=newDS()
+	if(type(domain) == "string") then
+		ds:add{domain}
+	else
+		ds=domain
+	end
+	if(dq.qtype ~= pdns.AAAA) then return false end
+	if(ds:check(dq.qname)) then
+		dq.rcode = 0
+		return true
+	end
+	return false
+end
+
+-- To activate, uncomment the block below:
+
+--[[
+netflix=newDS()
+netflix:add{"netflix.com"}
+
+function preresolve(dq)
+	return preventIPv6ForDomains(dq, "netflix.com")
+end
+]]--
\ No newline at end of file