On Mon, Oct 20, 2014 at 02:09:05PM -0300, Ciro Iriarte wrote: > 2014-10-20 13:29 GMT-03:00 Robert Mortimer <r...@scramworks.net>: > > Hi, > > > > Just to add a bit less light, we implemented this sort of thing about 5 > > years back > > and now with the aid of a small script have a solution which is fully RPZ > > compatable. Using PDNS recursor and LUA, which can hadle an RPZ feed of > > about four > > thousand records and around 5,000 QPS. We did stress test briefly with a > > 11,000 item > > RPZ feed. > > > > As said no need to restart when it updates just do a LUA reload. Hopefully I > > should be able to release what we did soon - am waiting for permission from > > our > > legal types. > > > > Really not sure if that helps any, except to say it's very doable and can be > > quite stable. > > > > > > RPZ seem really interesting, and I see there was a request for it in > the past*. The thing is, we have direct requests from local government > agencies to ban some domains with legal issues (mandated by a judge > for example), and we were just approached about being able to block > sites from the Internet Watch Foundation black list also (with their > own landing page). Both cases will be redirected to different sites, > and each has its own data source. Currently on bind we just define the > domain as authoritative and it's kind of a hassle. > > Also, I thought about adding some helpful LUA bits to report date/time > or the client's IP address, but from what I understood, only one LUA > script can be added to the recursor, maybe a super monster script > could be able to achieve all that. > > > Ref: > * http://mailman.powerdns.com/pipermail/pdns-users/2012-December/009451.html > > > Regards, > -- > Ciro Iriarte > http://iriarte.it > --
Hi, I would use a single Lua script for all of it. I am trying to find my sample using CDB to post. Regards, Ken _______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
