Spoof DNS request from a specific IP address in Bind

Question

Lets say a user block at 192.168.1.0/24 wants to access facebook. I want the BIND Server to reply with a wrong IP address, lets say 172.32.1.1. But when users from the IP address block of 192.168.2.0/24 want to access facebook they will get the real IP address of facebook.

DNS used is BIND9.

user1008764 · Answer 1 · 2015-06-01T10:42:07.943

1

you can implement this by creating views in named.conf

ACL for non facebook users:

acl nonfacebook {
   192.168.1.0/24;
};

and the view linked to your zone file:

view "nonfacebook" {
  match-clients { nonfacebook; };
  zone "facebook.com" IN {
    type master;
    file "<<your zone file>>";
  };

edited Jun 01 '15 at 10:42

answered Jun 01 '15 at 09:45

user1008764

1,176

Spoof DNS request from a specific IP address in Bind

1 Answers1