2014-10-20 15:15 GMT-03:00 bert hubert <[email protected]>: > On Mon, Oct 20, 2014 at 01:12:07PM -0500, [email protected] wrote: >> > Also, I thought about adding some helpful LUA bits to report date/time >> > or the client's IP address, but from what I understood, only one LUA >> > script can be added to the recursor, maybe a super monster script >> > could be able to achieve all that. > > Ciro, > > We could allow chaining Lua scripts eventually, but I'm more interested in > a solution that works for people. Is everyone happy with RPZ for blacklist > purposes? > >> I would use a single Lua script for all of it. I am trying to find my >> sample using CDB to post. > > Hi Ken, > > That would be great, perhaps we could ship a version of that as a contrib/. > > Bert >
Reading a little more about RPZ it seems to be tailored at Bind's convenience, just define a special zone were you could add FQDNs to override. That doesn't seem usual for pdns-recursor, I might be wrong. It would be nice to keep the solution simple, and as clean as it can fit pdns-recursor. It doesn't need to be with RPZ, unless the use cases mandate to copy blindly this special zones from the authorities (it's not the case on my end). Ref: http://jpmens.net/2011/04/26/how-to-configure-your-bind-resolvers-to-lie-using-response-policy-zones-rpz/ Regards, -- Ciro Iriarte http://iriarte.it -- _______________________________________________ Pdns-users mailing list [email protected] http://mailman.powerdns.com/mailman/listinfo/pdns-users
