I doubt you can use RPZ for that. We use https://dnsdist.org/ for that, our rule:
-- WPAD Name Collission Vulnerability -- US-CERT TA16-144A. Redirect to landing page addAction(RegexRule("^wpad\\."),SpoofAction("192.168.1.2", "2001:DB8::2")) Daniel On 29.11.17 19:12, Grant Taylor via bind-users wrote: > Is it possible to filter (*.)wpad.* with RPZ? Or do I need to look into > Response Policy Service and try to filter that way? > > I've used RPZ for various different things over the years, but I don't > quite know how to match a wild card on the right hand side. > > Context: I'd like to prevent ""misconfigurations like the following and > I was hoping that RPZ could be utilized: > > Link - Anybody else having issues with wpad.domain.name? > - > https://www.reddit.com/r/networking/comments/732r5n/anybody_else_having_issues_with_wpaddomainname/ > > Link - Alert (TA16-144A) WPAD Name Collision Vulnerability > - https://www.us-cert.gov/ncas/alerts/TA16-144A _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users