On 16-09-14 18:20, King, Harold Clyde (Hal) wrote:
> Resolve all traffic for example.com from example.comĀ¹s dns servers, but
> stop badhost.example.com.
Ideally you would use RPZ records for this purpose. You can override
single records with another record. RPZ is only available in bind 9.8+.
An example:
--- Config:
options {
response-policy { zone "rpz.int.mtak.nl"; };
};
zone "rpz.int.mtak.nl" {
type master;
file "/etc/bind/db/rpz.int.mtak.nl.zone";
allow-transfer { slaves; };
};
--- Zone file:
@ IN SOA localhost. root.localhost. (
2014072602 ; serial
3H ; refresh
1H ; retry
1W ; expiry
1H) ; minimum
IN NS localhost.
badhost.example.com IN CNAME yourcompanywebsite.com ;or
alternatively
badhost.example.com IN A 0.0.0.0
---
mtak
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
