Gentoo Forums
gentoo bind dns rpz-zone
stijn.verbeeck
n00b


Joined: 02 Mar 2015
Posts: 1

Posted: Mon Mar 02, 2015 11:26 am    Post subject: gentoo bind dns rpz-zone

Hi,

I tried to configure BIND as a cache server with the option "response-policy".
Caching works fine, but when I try to ping (or dig) a domain that is declared in the RPZ zone, I do not get the response from the RPZ zone but from the root name server.

My "named.conf" (etc/bind/named.conf):

Code:

//
// sample BIND configuration file
//

options {
  // tell named where to find files mentioned below
  directory "/var/bind";
  // on a multi-homed host, you might want to tell named
  // to listen for queries only on certain interfaces
  listen-on { 127.0.0.1; 192.168.1.0/24; };
  response-policy { zone "rpz"; };
//  forwarders {8.8.8.8;
//        };
   dnssec-validation auto;
                   
};



// The single dot (.) is the root of all DNS namespace, so
// this zone tells named where to start looking for any
// name on the Internet
zone "." IN {
  // a hint type means that we've got to look elsewhere
  // for authoritative information
  type hint;
  file "named.root";
};

// Where the localhost hostname is defined
zone "localhost" IN {
  // a master type means that this server needn't look
  // anywhere else for information; the localhost buck
  // stops here.
  type master;
  file "zone.localhost";
  // don't allow dynamic DNS clients to update info
  // about the localhost zone
  allow-update { none; };
};

// Where the 127.0.0.0 network is defined
zone "0.0.127.in-addr.arpa" IN {
  type master;
  file "revp.127.0.0";
  allow-update { none; };
};

 zone "rpz" IN {
 type master;
 file "/var/bind/safesearch.google";
 allow-query {192.168.1.0/24;};

 };


And my local RPZ file (/var/bind/safesearch.google) is:

Code:

$TTL 60
@   IN   SOA   localhost. root.localhost. (
         201503024
         3H
         1H
         1W
         1H )
             IN    NS    localhost.
   
www.yahoo.com      CNAME   .
weather.yahoo.com   CNAME *.
patat.be      CNAME   google.com.
ad.yahoo.com        A    127.0.0.1


What is wrong?
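
As an added example (not code from either poster), the following Python reads the zone file posted above and lists the RPZ action each record encodes under the standard RPZ conventions, with owner names taken relative to the zone origin `rpz.`. The function names `records` and `policy` are illustrative, and the parser assumes the simple master-file layout used in the post.

```python
import re

# The zone file as posted above, embedded so the example runs offline.
ZONE = """\
$TTL 60
@   IN   SOA   localhost. root.localhost. (
         201503024
         3H
         1H
         1W
         1H )
             IN    NS    localhost.

www.yahoo.com      CNAME   .
weather.yahoo.com   CNAME *.
patat.be      CNAME   google.com.
ad.yahoo.com        A    127.0.0.1
"""

# CNAME targets with special meaning in RPZ; any other target is a rewrite.
CNAME_ACTIONS = {".": "NXDOMAIN", "*.": "NODATA", "rpz-passthru.": "PASSTHRU",
                 "rpz-drop.": "DROP", "rpz-tcp-only.": "TCP-ONLY"}

def records(text):
    """Yield (owner, type, rdata); "( ... )" groups are joined first."""
    text = re.sub(r";[^\n]*", "", text)  # drop comments
    text = re.sub(r"\(([^)]*)\)", lambda m: m.group(1).replace("\n", " "), text)
    owner = None
    for line in text.splitlines():
        if not line.strip() or line.startswith("$"):
            continue
        fields = line.split()
        if not line[0].isspace():  # a name in column 0 sets the owner
            owner = fields.pop(0)
        while fields[0].upper() == "IN" or fields[0][0].isdigit():
            fields.pop(0)  # skip optional class and TTL
        yield owner, fields[0].upper(), " ".join(fields[1:])

def policy(text, origin="rpz."):
    """Return (trigger name, action) for every policy record in the zone."""
    rules = []
    for owner, rtype, rdata in records(text):
        if rtype in ("SOA", "NS"):
            continue  # zone housekeeping, not policy
        # Absolute owners under the origin are reduced to the trigger name.
        name = owner[:-len(origin) - 1] if owner.endswith("." + origin) else owner
        action = (CNAME_ACTIONS.get(rdata, "REWRITE " + rdata)
                  if rtype == "CNAME" else f"LOCAL-DATA {rtype} {rdata}")
        rules.append((name, action))
    return rules
```

Calling `policy(ZONE)` gives one `(trigger name, action)` pair per policy record, which can be compared against what `dig` returns for each name when queried through the resolver.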
Looping81
n00b


Joined: 30 Oct 2014
Posts: 7
Location: Belgique

Posted: Fri Oct 30, 2015 3:15 pm

Hi,

Same result for me and I don't know why...

Did you find the reason?

Thanks ;-)

Loop