Re: Need help on RPZ sever, bit urgent

2018-08-10 Thread Blason R
In fact, what I observed is that the intermediate DNS servers are not forwarding the queries for .com and .net servers to my RPZ servers and it tries to resolve directly on its own from TLD servers 192.168.3.72 End User 192.168.3.15 [AUTH Server for test.com] and has forwarder to 192.168.3.44 [RPZ] So, 3

Re: Need help on RPZ sever, bit urgent

2018-08-10 Thread Blason R
Ok - Now I added like this and it disappeared. response-policy { zone "whitelist.allow" policy passthru; zone "malware.trap"; zone "ransomwareips.block"; } qname-wait-recurse no break-dnssec no; On Sat, Aug 11, 2018 at 7:51 AM Blason R wro

Re: Need help on RPZ sever, bit urgent

2018-08-10 Thread Blason R
This is not accepting and giving me a syntax error. named-checkconf /etc/bind/named.conf /etc/bind/named.conf.options:29: syntax error near '}' And here is what I added response-policy { zone "whitelist.allow" policy passthru; zone "malware.trap";

Re: Need help on RPZ sever, bit urgent

2018-08-10 Thread Carl Byington
On Fri, 2018-08-10 at 13:17 +0530, Blason R wrote: > Nah I don't think that is the answer since you need a termination after > clause. Did you actually try the answer below? > On Fri, Aug 10, 2018 at 12:58 PM Vadim Pavlov wrote: > Should be: >

Re: Need help on RPZ sever, bit urgent

2018-08-10 Thread Blason R
Hello, Well even though the entry is there in RPZ zone it is still being returned as nxdomain. On Fri, Aug 10, 2018, 3:01 PM WILSON Sam wrote: > I'm sorry, I don't understand the question. Your message shows a query > and an NXDOMAIN response. That seems to be correct. I don't know whether >

Re: Need help on RPZ sever, bit urgent

2018-08-10 Thread WILSON Sam
I'm sorry, I don't understand the question. Your message shows a query and an NXDOMAIN response. That seems to be correct. I don't know whether your RPZ configuration is supposed to change that. Sam > On 9 Aug 2018, at 18:25, Blason R wrote: > > Is it a big?? I mean certain domains from m

Re: Need help on RPZ sever, bit urgent

2018-08-10 Thread Blason R
Hello All, I have been debugging my issue for the last 30+ hrs without luck and dang it's something related to forwarding. Again, here is my quick scenario: I have Windows DNS Server 192.168.1.42 Has Forwarder set to 192.168.1.179 [BIND/RPZ] Now certain domains when queried from end user e.g 192.168.1

Re: Need help on RPZ sever, bit urgent

2018-08-10 Thread Blason R
Nah I don't think that is the answer since you need a termination after clause. Thanks and Regards, Lionel F On Fri, Aug 10, 2018 at 12:58 PM Vadim Pavlov wrote: > Should be: > > response-policy {zone "whitelist.allow" policy passthru; > zone "malware.trap"; >

Re: Need help on RPZ sever, bit urgent

2018-08-10 Thread Vadim Pavlov via bind-users
Should be: response-policy {zone "whitelist.allow" policy passthru; zone "malware.trap"; zone "ransomwareips.block"; } qname-wait-recurse no break-dnssec no; Vadim > On 09 Aug 2018, at 20:50, Blason R wrote: > > This is the error I am getting > >