RPZ help on BIND

Steven Carr sjcarr at gmail.com
Sat Jan 4 15:40:16 UTC 2014


On 4 January 2014 15:13, babu dheen <babudheen at yahoo.co.in> wrote:
> Since I am not well familiar with BIND, I am expecting help
> from BIND forum.

First of all, please do not expect help; this mailing list is a
community, not guaranteed support. We will help if we can. If you need
dedicated help then ISC (and any number of other companies) provide
paid support services.

>  But I want to direct malware domain lookup to one IP address (for example
> 10.0.0.1). So I would like to know how to create a location zone file to
> create customized IP address for malware domain?

You can override the RPZ policy and redirect to a FQDN, so the
response sent back to the client will be a CNAME to the FQDN you
specify in the configuration and not the action specified in the RPZ
file itself. You need to make sure the FQDN you redirect to is
resolvable and points to 10.0.0.1. Under your options statement you
would indicate the override e.g.

options {
    ...
    response-policy {
        // "policy CNAME" overrides the action given in the RPZ zone itself
        zone "rpz.spamhaus.org" policy CNAME fqdn.to.redirect.to;
    };
    ...
};

Steve
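
An added example, not part of the original message: a check that a listed name really comes back as a CNAME to the redirect FQDN and that the FQDN resolves to 10.0.0.1, run over the answer section printed by `dig +noall +answer`. The name malware.example and the sample answers are constructed; fqdn.to.redirect.to is the placeholder from the message above.

```python
"""Check `dig +noall +answer` output for the RPZ CNAME redirect (added example)."""
SINKHOLE_FQDN = "fqdn.to.redirect.to"  # placeholder name used in the post
SINKHOLE_IP = "10.0.0.1"               # example address from the question

# Constructed sample answers; malware.example is a made-up listed name.
GOOD = """malware.example.      5   IN CNAME fqdn.to.redirect.to.
fqdn.to.redirect.to.  300 IN A     10.0.0.1"""
NO_TARGET = "malware.example. 5 IN CNAME fqdn.to.redirect.to."
NOT_REWRITTEN = "malware.example. 300 IN A 203.0.113.7"


def norm(name):
    """DNS names compare case-insensitively; dig prints a trailing dot."""
    return name.rstrip(".").lower()


def parse_answer(text):
    """Turn answer lines (owner TTL class type rdata) into tuples."""
    records = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0].startswith(";"):
            continue  # blank line, comment, or truncated record
        records.append((norm(fields[0]), fields[3].upper(), " ".join(fields[4:])))
    return records


def check_redirect(qname, answer_text, fqdn=SINKHOLE_FQDN, ip=SINKHOLE_IP):
    """Follow the CNAME chain from qname and return a verdict string."""
    records = parse_answer(answer_text)
    current, seen, via_fqdn = norm(qname), set(), False
    while current not in seen:
        seen.add(current)
        addrs = [r for o, t, r in records if o == current and t == "A"]
        if addrs:
            if not via_fqdn:
                return "not-rewritten"      # answered without the override
            return "ok" if addrs == [ip] else "wrong-address"
        targets = [norm(r) for o, t, r in records if o == current and t == "CNAME"]
        if not targets:
            # CNAME to the FQDN but no address: the FQDN is not resolvable
            return "target-unresolvable" if via_fqdn else "not-rewritten"
        current = targets[0]
        via_fqdn = via_fqdn or current == norm(fqdn)
    return "cname-loop"


if __name__ == "__main__":
    for label, sample in (("good", GOOD), ("no target", NO_TARGET)):
        print(label, "->", check_redirect("malware.example", sample))
```

A "target-unresolvable" verdict is the case the message warns about: the override is active, but clients receive a CNAME with no address behind it.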

