diff --git a/pdns/dynupdate.lua b/pdns/dynupdate.lua
new file mode 100644
index 0000000..86c4fee
--- /dev/null
+++ b/pdns/dynupdate.lua
@@ -0,0 +1,36 @@
+function removeExclamationMark(input)
+    if input:find('%!$')
+    then
+        return input(bar:sub(1, -1))
+    else
+        return input
+    end
+end
+
+function updatepolicy(input)
+
+    -- target zone where the CNAMEs point to
+    myzone = "dhcp.domain.com"
+
+    -- allowed networks to accept updates from
+    mynetworks = newNMG()
+    mynetworks:addMasks({"1.2.3.4", "127.0.0.1"})
+
+    -- ignore non-authorized networks
+    if not mynetworks:match(input:getRemote())
+    then
+        pdnslog("dynupdate: network check failed from " .. input:getRemote():toString(), pdns.loglevels.Info)
+        return false
+    end
+    pdnslog("dynupdate: incoming request for " .. input:getZoneName():toString(), pdns.loglevels.Info)
+
+    if (input:getQType() == pdns.A and input:getZoneName():toString() == myzone)
+    then
+        if input:getQName():toString() == hostname .. "." or input:getQName():toString() == hostname .. "." .. input:getZoneName():toString()
+        then
+            return true
+        end
+    end
+
+    return false
+end