RPZ in dns views
Rama Krishna Prasad Chunduru
rkpchunduru at gmail.com
Tue Jan 26 03:39:59 UTC 2016
Hi Doug,
Thanks for immediate reply. The problem is solved.
Regards,
Rama
On Fri, Jan 22, 2016 at 11:40 PM, Doug Barton <dougb at dougbarton.us> wrote:
> On 01/22/2016 05:30 PM, Rama Krishna Prasad Chunduru wrote:
>
>> Hi All,
>> I am trying to use RPZ ( Response Policy Zone) in DNS views (BIND
>> 9.8.2) but i am getting the below error
>>
>> service named restart
>>
>> Stopping named: [ OK ]
>>
>> Starting named:
>>
>> Error in named configuration:
>>
>> /etc/named.conf:92: when using 'view' statements, all zones must be in
>> views
>>
>> [FAILED]
>>
>
> That error message is pretty clear. :)
>
> Whenever you edit named.conf, especially if you're doing it by hand, you
> should run named-checkconf and make sure you don't get any errors. That's
> what the service script is doing for you, and it's even telling you exactly
> which line to look at (92).
>
>
>
> view "second-key-view" {
>>
>> match-clients{
>>
>> second-key-acl;
>>
>> //key secret-key;
>>
>> };
>>
>>
>> zone "bbc.com <http://bbc.com>"
>>
>> {
>>
>> type master;
>>
>> file "views/firstkey";
>>
>> allow-query {none;};
>>
>> };
>>
>>
>>
>> response-policy {
>>
>> zone "youtube.com <http://youtube.com>";
>>
>> };
>>
>> };
>>
>
> You ended the view with the close-curly-bracket immediately above. You
> probably want to comment out (or completely remove) the zone declaration
> below.
>
> zone "youtube.com <http://youtube.com>"
>>
>> {
>>
>> type master;
>>
>> file "dummy-block";
>>
>> allow-query {none;};
>>
>> };
>>
>>
>> view ...
>>
>
> hope this helps,
>
> Doug
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20160125/3516f1f9/attachment.html>
More information about the bind-users
mailing list