github.com/mholt/caddy-l4@v0.0.0-20241104153248-ec8fae209322/integration/caddyfile_adapt/gd_matcher_dns.caddytest (about) 1 { 2 layer4 { 3 tcp/:8053 { 4 @a dns { 5 allow_regexp ^(|[-0-9a-z]+\\.)example\\.com\\.$ 6 } 7 route @a { 8 proxy tcp/one.one.one.one:53 9 } 10 @b tls 11 route @b { 12 tls 13 subroute { 14 @c dns { 15 allow example.com. NS 16 deny * * IN 17 default_deny 18 prefer_allow 19 } 20 route @c { 21 proxy tcp/one.one.one.one:53 22 } 23 @d http 24 route @d { 25 proxy localhost:80 26 } 27 } 28 } 29 } 30 udp/:53 { 31 @d dns { 32 deny_regexp * ^(MX|NS)$ 33 } 34 route @d { 35 proxy udp/one.one.one.one:53 36 } 37 } 38 } 39 } 40 ---------- 41 { 42 "apps": { 43 "layer4": { 44 "servers": { 45 "srv0": { 46 "listen": [ 47 "tcp/:8053" 48 ], 49 "routes": [ 50 { 51 "match": [ 52 { 53 "dns": { 54 "allow": [ 55 { 56 "name_regexp": "^(|[-0-9a-z]+\\\\.)example\\\\.com\\\\.$" 57 } 58 ] 59 } 60 } 61 ], 62 "handle": [ 63 { 64 "handler": "proxy", 65 "upstreams": [ 66 { 67 "dial": [ 68 "tcp/one.one.one.one:53" 69 ] 70 } 71 ] 72 } 73 ] 74 }, 75 { 76 "match": [ 77 { 78 "tls": {} 79 } 80 ], 81 "handle": [ 82 { 83 "handler": "tls" 84 }, 85 { 86 "handler": "subroute", 87 "routes": [ 88 { 89 "handle": [ 90 { 91 "handler": "proxy", 92 "upstreams": [ 93 { 94 "dial": [ 95 "tcp/one.one.one.one:53" 96 ] 97 } 98 ] 99 } 100 ], 101 "match": [ 102 { 103 "dns": { 104 "allow": [ 105 { 106 "name": "example.com.", 107 "type": "NS" 108 } 109 ], 110 "default_deny": true, 111 "deny": [ 112 { 113 "class": "IN" 114 } 115 ], 116 "prefer_allow": true 117 } 118 } 119 ] 120 }, 121 { 122 "handle": [ 123 { 124 "handler": "proxy", 125 "upstreams": [ 126 { 127 "dial": [ 128 "localhost:80" 129 ] 130 } 131 ] 132 } 133 ], 134 "match": [ 135 { 136 "http": [ 137 {} 138 ] 139 } 140 ] 141 } 142 ] 143 } 144 ] 145 } 146 ] 147 }, 148 "srv1": { 149 "listen": [ 150 "udp/:53" 151 ], 152 "routes": [ 153 { 154 "match": [ 155 { 156 "dns": { 157 "deny": [ 158 { 159 "type_regexp": "^(MX|NS)$" 160 } 161 ] 162 } 163 } 164 ], 165 "handle": [ 166 { 167 "handler": "proxy", 168 "upstreams": [ 169 { 170 "dial": [ 171 "udp/one.one.one.one:53" 172 ] 173 } 174 ] 175 } 176 ] 177 } 178 ] 179 } 180 } 181 } 182 } 183 }