From a5e51ddd6b71c1067d88e5b0e08841813027acbc Mon Sep 17 00:00:00 2001
From: Jack O'Sullivan <jackos1998@gmail.com>
Date: Thu, 16 May 2024 21:05:48 +0100
Subject: [PATCH] nixos/home: Filter out Disney+ IPv6 DNS queries

---
 nixos/boxes/home/routing-common/dns.nix | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/nixos/boxes/home/routing-common/dns.nix b/nixos/boxes/home/routing-common/dns.nix
index f6e17c7..f7f9885 100644
--- a/nixos/boxes/home/routing-common/dns.nix
+++ b/nixos/boxes/home/routing-common/dns.nix
@@ -61,6 +61,19 @@ in
           webserver = true;
           webserver-address = "::";
           webserver-allow-from = [ "127.0.0.1" "::1" ];
+
+          lua-dns-script = pkgs.writeText "pdns-script.lua" ''
+            -- Disney+ doesn't like our IP space...
+            function preresolve(dq)
+              local name = dq.qname:toString()
+              if dq.qtype == pdns.AAAA and (string.find(name, "disneyplus") or string.find(name, "disney-plus")) then
+                dq.rcode = 0
+                return true
+              end
+
+              return false
+            end
+          '';
         };
       };
     };