RPZ for reverse lookups ?
J Doe
general at nativemethods.com
Sat Aug 24 20:56:06 UTC 2019
Hello,
I have a basic question regarding RPZ on Bind 9.11.x.
Is it possible to re-write a response on a reverse lookup ? For instance, if I considered example.com a “bad domain”, can I write a RPZ policy so that a reverse lookup of IP’s that map to example.com fails or is blocked ?
I know I can do this with a forward lookup to generate NXDOMAIN:
; Forward resolution of: example.com and subdomains generates: NXDOMAIN
example.com IN CNAME .
*.example.com IN CNAME .
…but can this also be done on reverse lookups ?
Thanks,
- J
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20190824/afc54a6a/attachment.html>
More information about the bind-users
mailing list