Use full qualified client name as group name #329
Comments
Hey,
The use case is basically this. Say a client has a dynamic DNS name with noip. That name would be joebob.ddns.net which resolves to 192.111.111.xxx - So under clientGroupsBlock, I'd like to be able to use the joebob.ddns.net in place of the IP subnet or client hostname. That way, blocky could potentially use the joebob.ddns.net to "authenticate" the requesting IP of 192.111.111.xxx to joebob.ddns.net and its ruleset. If that makes sense.
ok, got it. With a simple DNS query (port 53), there is only the IP address available, therefore you can either map the IP to a client name manually (in your case not possible, because of dynamic IPs) or use rDNS to transform the IP to the host name. I'm not sure if your DDNS provider has such an rDNS resolver for its own names. If yes, it works out of the box. Another option would be to use DoT or DoH in blocky. In this case each client can pass its own name with the request. There is currently no way to resolve the name in clientGroupsBlock and match the result with the request IP.
Right, that's kind of what I figured. Would this functionality be something you'd consider adding?
Yes, I think, it would be a nice additional lookup strategy. The lookup should be performed periodically and the result (IP addresses) should be cached.
I realize that blocky was made for a LAN environment but I'm testing with a few VPS's and using it with a handful of different locations that all have dynamic public IPs. These locations all have dynamic DNS names via noip.com. It looks like Blocky will do a rDNS lookup, but that wouldn't help in my situation. I would like it to actually do a regular 'ol lookup on a hostname like "xxxx.noip.com" and see if it matches the corresponding IP. Would this be something that could be added? Or maybe it already is and I'm just totally missing it.
Thanks! I'm really digging this project.
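
The lookup strategy discussed in this thread (resolve each configured name periodically, cache the addresses, match the request IP against the cache), as an added Go example; it is not blocky's code. The `FQDNGroups` type, its fields and the injected `lookup` function are hypothetical, and the addresses are constructed documentation-range values.

```go
package main

import (
	"fmt"
	"net/netip"
	"sync"
)

// FQDNGroups maps a client IP to the configured names that resolve to it.
type FQDNGroups struct {
	mu     sync.RWMutex
	names  []string
	lookup func(name string) ([]netip.Addr, error) // injected; could wrap net.DefaultResolver.LookupNetIP
	byIP   map[netip.Addr][]string
}

// Refresh re-resolves every name; a failed lookup drops the name's stale addresses.
func (g *FQDNGroups) Refresh() {
	next := make(map[netip.Addr][]string)
	for _, n := range g.names {
		if addrs, err := g.lookup(n); err == nil {
			for _, a := range addrs {
				next[a.Unmap()] = append(next[a.Unmap()], n)
			}
		}
	}
	g.mu.Lock()
	g.byIP = next
	g.mu.Unlock()
}

// GroupsFor returns the names whose cached addresses include the client IP.
func (g *FQDNGroups) GroupsFor(client netip.Addr) []string {
	g.mu.RLock()
	defer g.mu.RUnlock()
	return g.byIP[client.Unmap()]
}

func main() {
	old, cur := netip.MustParseAddr("192.0.2.10"), netip.MustParseAddr("198.51.100.7") // constructed
	zone := map[string]netip.Addr{"joebob.ddns.net": old}
	g := &FQDNGroups{names: []string{"joebob.ddns.net"}, lookup: func(n string) ([]netip.Addr, error) {
		return []netip.Addr{zone[n]}, nil
	}}
	g.Refresh() // in a service this would be driven by a time.Ticker
	fmt.Println(g.GroupsFor(old), g.GroupsFor(cur))
	zone["joebob.ddns.net"] = cur // the dynamic address changes
	g.Refresh()
	fmt.Println(g.GroupsFor(old), g.GroupsFor(cur))
}
```

A forward lookup only shows that the name currently points at the request's source address, so every client behind that address (shared NAT, a reassigned lease between refreshes) receives the same group. Over plain port 53 UDP the source address itself is also unauthenticated.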