[prev in list] [next in list] [prev in thread] [next in thread]
List: bind-users
Subject: Re: v9.12.1 RPZ 'map' format returns fatal error: incompatible masterfile-format or database for a
From: aclion () yepmail ! net
Date: 2018-04-23 1:51:07
Message-ID: 1524448267.4110869.1347004008.28600503 () webmail ! messagingengine ! com
[Download RAW message or body]
> Can you point to where in the docs/ARM/wiki/whatever it says that?
Found it!
ftp://ftp.isc.org/isc/bind9/9.11.2b1/doc/arm/Bv9ARM.ch06.html
Response Policy Zone (RPZ) Rewriting
BIND 9 includes a limited mechanism to modify DNS responses for requests analogous to \
email anti-spam DNS blacklists. Responses can be changed to deny the existence of \
domains (NXDOMAIN), deny the existence of IP addresses for domains (NODATA), or \
contain other IP addresses or data.
Response policy zones are named in the response-policy option for the view or among \
the global options if there is no response-policy option for the view. Response \
policy zones are ordinary DNS zones containing RRsets that can be queried normally if \
allowed. It is usually best to restrict those queries with something like allow-query \
{ localhost; };. Note that zones using masterfile-format map cannot be used as \
policy zones. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
I paid attention to the "Response policy zones are ordinary DNS zones", thought that \
meant 'in all ways', and didn't read on apparently :-/
AC
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from \
this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic