Filter request by type

Summary

I want dnscrypt-proxy only resolve A and AAAA and block else, because my primary use is browser and i have no other use of DNS types. Some malicious software actively trying to probe my network by sending PTR or TXT using DNS and I have no way to stop this.

I was able to block TXT but it leaked PTR to upstream. Could you add a filter like this:

• dnscrypt-proxy.toml

# when set, filter the request if the type is match by one of
filter-by-type = PTR,TXT,MX,HTTPS

or

allow_only_type = A.AAAA

So I don't have to do:

User ---> DNSMasq(filter-rr=TXT,PTR <- This blocks TXT but PTR is ggeting though anyway) --> dnscrypt-proxy

chain.

Why would this be useful?

Some users already asked similar thing;

• How to filter out LAN / private addresses resolution? #1705 (you closed this on on May 8, 2021 without reason???)
• Cloaking rules also block MX and TXT records #2661 (comment) (you said "we can introduce an option to set an explicitly list of record types that will be forwarded")

Possible implementation

# when set, filter the request if the type is match by one of
filter-by-type = PTR,TXT

[github-actions]

This issue was automatically closed because it did not follow the issue template. We use the issue tracker exclusively for bug reports and feature additions that have been previously discussed. However, this issue appears to be a support request. Please use the discussion forums for support requests.