And would you please share your Options para for response-zone rpz.zone.db?
On Tue, Apr 17, 2018 at 5:43 PM, Philippe Maechler <pmaechler...@glattnet.ch> wrote:

> Hello blason
>
> I'm not an RPZ expert, but we have a running RPZ configuration
>
> From named.conf
>
> zone "rpz.zone" {
>     type master;
>     file "/etc/namedb/master/rpz.zone.db";
>     allow-query { localhost; };
>     allow-transfer { 192.168.3.0/24; };
> };
>
> And inside the rpz.zone.db we have:
>
> $TTL 3600
> @ IN SOA rpz.zone. rpz.zone. (
>     2017100903;
>     3600;
>     300;
>     86400;
>     60 )
>   IN NS localhost.
>
> ; Malware Domains, NXDOMAIN as a reply
> ;crayumm.com IN CNAME .
> ;*.crayumm.com IN CNAME .
>
> ; phishing sites
> baddomain.com CNAME .
> malwaredomain.com CNAME .
> uglydomain.com CNAME .
> otherbaddomain.com CNAME .
>
> ; and so on
>
> This way you don't increase the size of the named.conf. You only have one
> RPZ zone and an entry for all "bad" domains inside it
>
> I recommend to enable the logging for the RPZ category in named.conf
>
> logging {
>     channel rpz_log {
>         file "/var/named/var/log/rpz.log" versions 3 size 20m;
>         print-time yes;
>         print-category yes;
>     };
>     category rpz { rpz_log; syslog_server; };
>     ….
> };
>
> HTH
>
> Philippe
>
> -----Original Message-----
> From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of blason16
> Sent: Tuesday, April 17, 2018 11:49 AM
> To: bind-users@lists.isc.org
> Subject: Re: Queries related to RPZ
>
> OK - I resolved the issue now the query I had was how to use tens or
> thousands of zones with DNS RPZ? Will it not increase named.conf file
> size? Can someone please suggest other way?
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
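An added example, not part of the original thread or of BIND itself: one way to keep the single rpz.zone.db described above in step with a large blocklist is to generate it. The function names, the feed format (one domain per line, `#` comments) and the sample entries are assumptions made for illustration; the SOA values and the `CNAME .` (NXDOMAIN) action follow the quoted zone file.

```python
import re
import time

# One DNS label: letters, digits, hyphens, no leading or trailing hyphen.
LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

def normalize(entry):
    """Return the owner name relative to the RPZ origin, or None if unusable."""
    name = entry.split("#", 1)[0].strip().lower().rstrip(".")
    labels = name.split(".")
    if len(name) > 253 or len(labels) < 2:
        return None
    return name if all(LABEL.match(l) for l in labels) else None

def build_rpz(entries, serial=None, origin="rpz.zone", wildcard=True):
    """Render the zone text and return (zone_text, rejected_entries)."""
    serial = serial or int(time.strftime("%Y%m%d00"))
    out = [
        "$TTL 3600",
        f"@ IN SOA {origin}. {origin}. (",
        f"    {serial} ; serial",
        "    3600 ; refresh",
        "    300 ; retry",
        "    86400 ; expire",
        "    60 ) ; negative TTL",
        "  IN NS localhost.",
        "",
    ]
    seen, rejected = set(), []
    for entry in entries:
        if not entry.split("#", 1)[0].strip():
            continue  # blank line or comment-only line
        name = normalize(entry)
        if name is None:
            rejected.append(entry.strip())  # keep for operator review
        elif name not in seen:
            seen.add(name)
            # No trailing dot: the owner must stay relative to the RPZ origin.
            out.append(f"{name} CNAME .")
            if wildcard:
                out.append(f"*.{name} CNAME .")  # also cover subdomains
    return "\n".join(out) + "\n", rejected

# Constructed sample feed, not real indicators.
SAMPLE = ["# phishing", "baddomain.com", "BadDomain.com.", "ugly_domain.com",
          "malwaredomain.com  # reported 2018-04", "-bad.example", ""]

if __name__ == "__main__":
    zone, rejected = build_rpz(SAMPLE, serial=2018041700)
    print(zone)
    print("rejected:", rejected)
```

Checking the generated file with `named-checkzone rpz.zone rpz.zone.db` before reloading catches syntax problems, and the serial must increase on every regeneration so that secondaries allowed by `allow-transfer` pick up the change.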