Forum Discussion

Wasfi_182818
Sep 22, 2016

Insert response data based on request Data.

Hi;


Can a response HTTP header be inserted based on the source IP Address of the HTTP request? Similarly, can a DNS A query response coming from a load balanced DNS be modified based on the source IP Address of the original DNS query?


Kindly Wasfi


2 Replies

  • Hi Wasfi,

    both tasks are possible.

    The HTTP stuff is fairly easy to implement with an iRule.

    And if you own a license for the [DNS::*] related iRule commands, the DNS stuff will also be fairly easy to implement. If not, then you have to parse the DNS request packetwise and rewrite them as needed. This could be a real challenge if you don't have much iRule and DNS experience... 😉

    Cheers, Kai

  • Hi Wasfi,

    Depending on the availability of a DNS Service license, the required iRule will look like this...

    when DNS_RESPONSE {
        # Source and target /24 networks; only the network part of matching A records is swapped
        set orig_subnet "213.73.89.0"
        set new_subnet "1.2.3.0"
        foreach answer [DNS::answer] {
            # Only touch A records whose address lies inside $orig_subnet
            if { ( [DNS::type $answer] eq "A" ) and
                 ( [IP::addr [DNS::rdata $answer]/24 equals $orig_subnet] ) } then {
                # Keep the host octet, replace the first three octets with those of $new_subnet
                DNS::rdata $answer "[string range $new_subnet 0 [string last "." $new_subnet]][getfield [DNS::rdata $answer] "." 4]"
            }
        }
    }
    

    But if you don't own a DNS Service license, then it would be required to parse the raw DNS response payloads byte for byte and sometimes even bit for bit.

    Well, parsing DNS answers packetwise using iRules is not impossible, but it would definitely require some pretty good coding skills and also quite some time to do it right. To give you an idea what is needed to manually parse DNS answers and translate certain A records...

     - DNS Header (12 bytes)
       - DNS Request ID (2 bytes)                                                                          (Can be skipped)
       - DNS Flags (2 bytes)                                                                               (Can be skipped)
       - DNS Query Count (2 bytes)                                                                         (Must be evaluated)
       - DNS Answer Count (2 bytes)                                                                        (Must be evaluated)
       - DNS Authority Count (2 bytes)                                                                     (Can be skipped)
       - DNS Additional Count (2 bytes)                                                                    (Can be skipped)
     - DNS Payload (Variable Length)
       - DNS Query 1 (Query Name Length + 4 bytes)
         - Query Name Value (Variable Length terminated via 0x00)                                          (Must be evaluated)
         - Query Type (2 bytes)                                                                            (Can be skipped)
         - Query Class (2 bytes)                                                                           (Can be skipped)
       - DNS Query n (Query Name Length + 4 bytes)
         - Query Name (Variable Length terminated via 0x00 or via High-bit DNS Compression Pointers)       (Must be evaluated)
         - Query Type (2 bytes)                                                                            (Can be skipped)
         - Query Class (2 bytes)                                                                           (Can be skipped)
       - DNS Answer 1 (Query Name Length + 10 bytes + Answer Value)
         - Query Name (Variable Length terminated via 0x00 or via High-bit DNS Compression Pointers)       (Must be evaluated)
         - Answer Type (2 bytes)                                                                           (Must be checked for A record)
         - Answer Class (2 bytes)                                                                          (Can be skipped)
         - Answer TTL (4 bytes)                                                                            (Can be skipped)
         - Answer Value Length (2 bytes)                                                                   (Must be evaluated)
         - Answer Value (Variable Length)                                                                  (Any A record must be parsed)
       - DNS Answer n (Query Name Length + 10 bytes + Answer Value)
         - Query Name (Variable Length terminated via 0x00 or via High-bit DNS Compression Pointers)       (Must be evaluated)
         - Answer Type (2 bytes)                                                                           (Must be checked for A record)
         - Answer Class (2 bytes)                                                                          (Can be skipped)
         - Answer TTL (4 bytes)                                                                            (Can be skipped)
         - Answer Value Length (2 bytes)                                                                   (Must be evaluated)
         - Answer Value (4 bytes) (could be adjusted)                                                      (Any A record must be parsed)
       - DNS Authority n1 (Variable Length)                                                                (Can be skipped)
       - DNS Authority n2 (Variable Length)                                                                (Can be skipped)
       - DNS Additional n1 (Variable Length)                                                               (Can be skipped)
       - DNS Additional n2 (Variable Length)                                                               (Can be skipped)
    

    Note: Scroll the Window to the right to see the required actions...

    Cheers, Kai
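The byte walk Kai outlines above (header counts, question names, then answer records with high-bit compression pointers), as an added Python example that is not part of the thread or of any F5 code: it parses a constructed DNS response and rewrites the network part of A records inside one subnet, which is what the DNS-licensed iRule above does with DNS::rdata. The sample message, the 213.73.89.7 and 10.0.0.1 addresses and the function names are assumptions made for the demo.

```python
import struct
import ipaddress

# Constructed sample (not a captured packet): a response for www.example.com with
# one question and two A records; both answer names use the compression pointer
# 0xC00C, which points back to the question name at offset 12.
def build_sample() -> bytes:
    name = b"\x03www\x07example\x03com\x00"
    header = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 2, 0, 0)  # id, flags, qd, an, ns, ar
    question = name + struct.pack("!HH", 1, 1)                   # QTYPE A, QCLASS IN
    rr_fixed = struct.pack("!HHIH", 1, 1, 300, 4)                # type A, class IN, TTL, rdlength
    ptr = b"\xc0\x0c"
    return (header + question
            + ptr + rr_fixed + bytes([213, 73, 89, 7])
            + ptr + rr_fixed + bytes([10, 0, 0, 1]))

def skip_name(msg: bytes, off: int) -> int:
    """Return the offset just past the name starting at `off`.
    A label byte with its top two bits set is a 2-byte compression pointer and ends the name."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:
            return off + 2
        if length == 0:
            return off + 1
        off += 1 + length

def rewrite_a_records(msg: bytes, orig_subnet: str, new_subnet: str) -> tuple[bytes, int]:
    """Walk header -> questions -> answers; for every A record inside orig_subnet keep the
    host bits and swap in new_subnet's network bits. Returns (new message, records changed)."""
    old, new = ipaddress.ip_network(orig_subnet), ipaddress.ip_network(new_subnet)
    out = bytearray(msg)
    qdcount, ancount = struct.unpack("!HH", msg[4:8])
    off = 12                                   # the header is a fixed 12 bytes
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4          # skip QTYPE and QCLASS
    changed = 0
    for _ in range(ancount):
        off = skip_name(msg, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:          # only A records carry a 4-byte IPv4 rdata
            addr = ipaddress.ip_address(msg[off:off + 4])
            if addr in old:
                host_bits = int(addr) & int(old.hostmask)
                out[off:off + 4] = ipaddress.ip_address(int(new.network_address) | host_bits).packed
                changed += 1
        off += rdlen                           # authority/additional sections are left untouched
    return bytes(out), changed
```

Like the iRule, this rewrites on the answer's address only; the source-IP condition from the original question would be an extra check around the call.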