White list (RPZ deny all but mine)
tda
tda at suttk.ru
Fri Aug 18 09:45:43 UTC 2017
Hello.
I use Bind 9.10.3.dfsg.P4-8 and 9.9.5.dfsg-3 (for ns1, ns2).
I configured response-policy {zone "rpz.zone";}
And now I'd like to bulid an whitelist. Drop all requests except listed
in rpz.zone.
Something like:
domain.me CNAME rpz-passthru.
*.domain.me CNAME rpz-passthru.
trusted.me CNAME rpz-passthru.
*.trusted.me CNAME rpz-passthru.
. CNAME rpz-drop.
*. CNAME rpz-drop.
Is it possible?
PS I don't want disable recursion. I'd like RPZ fow white list.
More information about the bind-users
mailing list