plugin/rewrite: add rcode as a rewrite option (#6204)

* plugin/forward add ignore_server_failure for masking upstream server faults Signed-off-by: schou <pschou@users.noreply.github.com> * Switch from a ignore_server_fail to a rewrite rcode type. Signed-off-by: schou <pschou@users.noreply.github.com> * trim down the tests Signed-off-by: schou <pschou@users.noreply.github.com> * fixing readme TTL and using map for rcode Signed-off-by: schou <pschou@users.noreply.github.com> * add newline Signed-off-by: schou <pschou@users.noreply.github.com> --------- Signed-off-by: schou <pschou@users.noreply.github.com>
2025-11-01 10:43:17 -04:00 · 2023-08-26 22:20:12 -04:00
parent 07c7dc82f0
commit 5ace19d455
4 changed files with 308 additions and 0 deletions
--- a/plugin/rewrite/README.md
+++ b/plugin/rewrite/README.md
@@ -26,6 +26,7 @@ e.g., to rewrite ANY queries to HINFO, use `rewrite type ANY HINFO`.
   * `edns0` - an EDNS0 option can be appended to the request as described below in the **EDNS0 Options** section.
   * `ttl` - the TTL value in the _response_ is rewritten.
   * `cname` - the CNAME target if the response has a CNAME record
+   * `rcode` - the response code (RCODE) value in the _response_ is rewritten.

 * **TYPE** this optional element can be specified for a `name` or `ttl` field.
  If not given type `exact` will be assumed. If options should be specified the
@@ -335,6 +336,61 @@ rewrite ttl example.com. 30-
 rewrite ttl example.com. 30 # equivalent to rewrite ttl example.com. 30-30
 ```

+### RCODE Field Rewrites
+
+At times, the need to rewrite a RCODE value could arise. For example, a DNS server
+may respond with a SERVFAIL instead of NOERROR records when AAAA records are requested.
+
+In the below example, the rcode value the answer for `coredns.rocks` the replies with SERVFAIL
+is being switched to NOERROR.
+
+This example rewrites all the *.coredns.rocks domain SERVFAIL errors to NOERROR
+```
+    rewrite continue {
+        rcode regex (.*)\.coredns\.rocks SERVFAIL NOERROR
+    }
+```
+
+The same result numeric values:
+```
+    rewrite continue {
+        rcode regex (.*)\.coredns\.rocks 2 0
+    }
+```
+
+The syntax for the RCODE rewrite rule is as follows. The meaning of
+`exact|prefix|suffix|substring|regex` is the same as with the name rewrite rules.
+An omitted type is defaulted to `exact`.
+
+```
+rewrite [continue|stop] rcode [exact|prefix|suffix|substring|regex] STRING FROM TO
+```
+
+The values of FROM and TO can be any of the following, text value or numeric:
+
+```
+  0 NOERROR
+  1 FORMERR
+  2 SERVFAIL
+  3 NXDOMAIN
+  4 NOTIMP
+  5 REFUSED
+  6 YXDOMAIN
+  7 YXRRSET
+  8 NXRRSET
+  9 NOTAUTH
+  10 NOTZONE
+  16 BADSIG
+  17 BADKEY
+  18 BADTIME
+  19 BADMODE
+  20 BADNAME
+  21 BADALG
+  22 BADTRUNC
+  23 BADCOOKIE
+```
+
+
 ## EDNS0 Options

 Using the FIELD edns0, you can set, append, or replace specific EDNS0 options in the request.