Queries regarding forwarders
Grant Taylor
gtaylor at tnetconsulting.net
Thu Aug 9 19:02:47 UTC 2018
On 08/09/2018 01:01 AM, Lee wrote:
> yes, it works just fine
Good.
> it does, so you have to flag your local zones as rpz-passthru. eg:
> *.home.net CNAME rpz-passthru.
> localhost CNAME rpz-passthru.
> 8.0.0.0.127.rpz-ip CNAME . ; 127.0.0.0/8
> 8.0.0.0.10.rpz-ip CNAME . ; 10.0.0.0/8
> 12.0.0.16.172.rpz-ip CNAME . ; 172.16.0.0/12
> 16.0.0.168.192.rpz-ip CNAME . ; 192.168.0.0/16
That makes sense. RPZ would filter the private IPs by default, but
zones with said records can be told to not be blocked by RPZ.
Thank you for the clarification Lee.
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3982 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180809/56e60bc3/attachment.bin>
More information about the bind-users
mailing list