White list (RPZ deny all but mine)

tda Fri, 18 Aug 2017 02:47:30 -0700

Hello.

I use Bind 9.10.3.dfsg.P4-8 and 9.9.5.dfsg-3 (for ns1, ns2).


I configured response-policy {zone "rpz.zone";}

And now I'd like to bulid an whitelist. Drop all requests except listedin rpz.zone.


Something like:

domain.me     CNAME   rpz-passthru.
*.domain.me  CNAME   rpz-passthru.
trusted.me     CNAME   rpz-passthru.
*.trusted.me  CNAME   rpz-passthru.
.          CNAME   rpz-drop.
*.         CNAME   rpz-drop.

Is it possible?


PS I don't want disable recursion. I'd like RPZ fow white list.

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

White list (RPZ deny all but mine)

Reply via email to